Most Helpful Review
Researched Rapid7 Metasploit but chose Rapid7 InsightVM: Stable and Scalable solution with good technical support and reporting capabilities
Find out what your peers are saying about Rapid7 InsightVM vs. Rapid7 Metasploit and other solutions. Updated: November 2020.
448,542 professionals have used our research since 2012.
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"It is stable and scalable."
"This solution is much more user-friendly than past solutions I have used."
"Rapid7 InsightVM has given us a practical view of the vulnerabilities present in our organization."
"The most valuable feature for us is the different types of reporting it provides."
"We feel the interface is very good. It is very easy to use, even a nontechnical person can use it."
"The most valuable feature is the site scanning, where we can provide a complete subnet and what it is we need to scan on those devices."
"There are many integrations with things like the VMware NSX that are great, the reporting is really solid."
"It's easy to use. It's fast, it's a powerful easy to access tool."
"It's not possible to do penetration testing without being very proficient in Metasploit."
"The option to generate phishing emails has proven to be very valuable in understanding the behavior of users."
"It contains almost all the available exploits and payloads."
"The most valuable feature for us is the support for testing Linux-based web server components."
"The reporting on the solution is good."
"All of the features are great."
"There are not enough templates, and the reporting is weak with this solution."
"This solution creates false-positives which can cause issues with reporting."
"A definite improvement would be to make it easier to run ad-hoc scans without needing to assign the asset to a site or group."
"This solution integrates with another module in Metasploit, that doesn't exist in the other solutions. It is subscribed to on our roadmap, but we chose to implement both Nexppose and AppSpider."
"The reporting has room for improvement. You cannot customize any report. If I need a specific requirement, I have to create a new report for it."
"The reporting is a little bit tricky because it can be difficult to exactly pinpoint some of the assets to filter them and generate a report."
"Some difficulties with the online reporting and lack of integrations."
"The InsightVM cannot scan if we connect to our customer by the VPN."
"The initial setup was a bit "tweaky" for the open-source version."
"Metasploit cannot be installed on a machine with an antivirus."
"It is necessary to add some training materials and a tutorial for beginners."
"Better automation capabilities would be an improvement."
"The solution should improve the responsiveness of its live technical support."
"At the time I was using it, the graphical user interface needed some improvements."
Pricing and Cost Advice
"The price of the solution is less than the competitors."
"I do not have experience with the pricing of the solution."
"This solution is expensive, but it's fine for us as we have an open budget for security solutions. Protection and having the system secured is more important."
"The license is IP based. How many IPs you are using to scan is the amount of the license you have to buy. The number of users doesn't matter; many users can use it or only person. It depends on the culture of the organization."
"Our licensing costs are somewhere around $40,000 annually. There are no additional fees."
"The licensing is asset-based and very straightforward."
"I use the open-source version of this product. Pricing is not relevant."
"It is expensive. Our license expired, and our company is not thinking to renew because of our budget."
"The great advantage with Rapid7 Metasploit, of course, is that it's free."
Questions from the Community
Top Answer: It's easy to use. It's fast, it's a powerful easy to access tool.
Top Answer: Our licensing costs are somewhere around $40,000 annually. There are no additional fees. We will probably increase our license count annually as our environment kind of naturally grows. We started out… more »
Ask a question
Earn 20 points
out of 36 in Vulnerability Management
Average Words per Review
out of 36 in Vulnerability Management
Average Words per Review
Compared 42% of the time.
Compared 17% of the time.
Compared 14% of the time.
Compared 4% of the time.
Compared 2% of the time.
Compared 52% of the time.
Compared 12% of the time.
Compared 7% of the time.
Compared 6% of the time.
Compared 3% of the time.
Also Known As
Rapid7 InsightVM is the vulnerability assessment tool built for the modern web. InsightVM combines complete ecosystem visibility, an unparalleled understanding of the attacker mindset, and the agility of SecOps so you can act before impact.
Attackers are always developing new exploits and attack methods—Metasploit penetration testing software helps you use their own weapons against them. Utilizing an ever-growing database of exploits, you can safely simulate real-world attacks on your network to train your security team to spot and stop the real thing.
Learn more about Rapid7 InsightVM
Learn more about Rapid7 Metasploit
|ACS, Acosta, AllianceData, amazon.com, biogen idec, CBRE, CATERPILLAR, Deloitte, COACH, GameStop, IBM||City of Corpus Christi, Diebold, Lumenate, Nebraska Public Power District, Prairie North Regional Health, Apptio, Automation Direct, Bob's Stores, Cardinal Innovations Healthcare Solutions, Carnegie Mellon University|
Financial Services Firm22%
Non Tech Company11%
Computer Software Company31%
Comms Service Provider16%
Financial Services Firm7%
Comms Service Provider32%
Computer Software Company26%
K 12 Educational Company Or School4%
Rapid7 InsightVM is ranked 2nd in Vulnerability Management with 13 reviews while Rapid7 Metasploit is ranked 7th in Vulnerability Management with 5 reviews. Rapid7 InsightVM is rated 8.0, while Rapid7 Metasploit is rated 7.4. The top reviewer of Rapid7 InsightVM writes "Broad capabilities make this scanning solution able to cover a lot of ground". On the other hand, the top reviewer of Rapid7 Metasploit writes "Straightforward to set up, and helpful for moving from development to production". Rapid7 InsightVM is most compared with Tenable Nessus, Qualys VM, Tenable SC, Tenable.io Vulnerability Management and Kenna.VM, whereas Rapid7 Metasploit is most compared with Tenable Nessus, Wireshark, Qualys VM, Darktrace and Acunetix Vulnerability Scanner. See our Rapid7 InsightVM vs. Rapid7 Metasploit report.
See our list of best Vulnerability Management vendors.
We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.