We performed a comparison between Cybersixgill and Rapid7 Metasploit based on real PeerSpot user reviews.
Find out what your peers are saying about Tenable, Wiz, Check Point Software Technologies and others in Vulnerability Management."To be diligent for the customer, we usually go into Cybersixgill Investigative Portal to analyze and search things. The solution tells us the reputation of cyber threat actors. So, if someone has a reputation of one, it is a really bad idea to care about what that person is saying. However, if you find someone with a reputation of nine, then there is a high probability that we need to address the problem. You can get information about these type of actors in Cybersixgill Investigative Portal. They have a huge collection, which is like having the rules/goals of the dark web and deep web without having to go there. Our analysts avoid going dark web because they have Cybersixgill Investigative Portal and can get the news from their browser, searching wherever they want."
"The solution’s approach of using limited open source intelligence and focusing, instead, on the Deep Web and Dark Web is what seals the deal. That is why I like them. I have other tools that I can aggregate all the open source intelligence from. I value Cybersixgill because it provides access to things that no one else does."
"The advanced analysis has made our security operations more efficient. It has also potentially given us quicker access to data that we might not have otherwise located."
"They also provide some of the greatest notification capabilities. I put in a customer's company name and domain names, or sometimes I put in their IP addresses as a keyword. Once Sixgill collects information that includes those keywords, they then provide us email notifications. That means we can catch information related to our customers as soon as possible."
"The solution is open source and has many small targetted penetration tests that have been written by many people that are useful. You can choose different subjects for the test, such as Oracle databases or Apache servers."
"The most valuable feature for us is the support for testing Linux-based web server components."
"The option to generate phishing emails has proven to be very valuable in understanding the behavior of users."
"All of the features are great."
"The Search Engineering feature is good."
"The greatest advantage of Rapid7 Metasploit is that it is the only system that can directly exploit vulnerabilities on the Metasploit platform."
"The tool's most useful feature for penetration testing is its automation capabilities. With the professional edition, you can upload the results from Nessus in the Rapid7 Metasploit solution portal."
"I use Rapid7 Metasploit for payload generation and Post-Exploitation."
"The breadth of access to data is good, but there are gaps. More data would be my suggestion because the platform is good and I have no complaints about the system. I think it is just a case of always trying to get more data sources."
"We need real-time updated information. If we could have this, it would be amazing. For example, if someone was posting something, then ten second later, it was on the platform. Sometimes, it takes a minute or hours right now, depending on the forum."
"Regarding their scraping abilities, things could be solidified. There are definitely improvements that could be made on the specificity for setting certain queries."
"Sixgill has strong capabilities based on search queries, but there is some difficulty in using Sixgill. Their querying is very powerful but it can be difficult. It's not hugely complex but you need some skill to use Sixgill querying."
"The solution is not user-friendly and has room for improvement."
"If your company's patch is not up to date, but you have other detection or defense solutions such as endpoint detection and response and antivirus software, the product exploit may not work effectively. This is because its exploit database update process is slow and not real-time. For zero-day vulnerabilities or new security threats, relying on Rapid7 Metasploit alone may not be effective."
"Rapid7 Metasploit can add a GUI feature because it is only available online."
"Rapid7 Metasploit could be made easier for new users to learn."
"The initial setup was a bit "tweaky" for the open-source version."
"The open-source version has reporting limitations. You need to develop these capabilities yourself. Built-in reporting is an excellent feature for penetration testing, but it isn't a must-have. The solution could also cover more vulnerabilities. Metasploit has around 10,000 exploits in its library, but more is always better."
"We'd like them to offer better coverage of malware."
"There are numerous outdated exploits in their database that should be updated."
Earn 20 points
Cybersixgill is ranked 50th in Vulnerability Management while Rapid7 Metasploit is ranked 11th in Vulnerability Management with 18 reviews. Cybersixgill is rated 8.8, while Rapid7 Metasploit is rated 7.6. The top reviewer of Cybersixgill writes "Provides early detection of imminent attacks, and speeds up addressing of vulnerabilities internally because it makes them real". On the other hand, the top reviewer of Rapid7 Metasploit writes "Helps find vulnerabilities in a system to determine whether the system needs to be upgraded". Cybersixgill is most compared with Recorded Future, Intel 471, ZeroFOX, Digital Shadows and CyberInt Argos, whereas Rapid7 Metasploit is most compared with Tenable Nessus, Pentera, Rapid7 InsightVM, Acunetix and Nucleus.
See our list of best Vulnerability Management vendors.
We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.