Anonymous UserHead of Cybersecurity Assurance & Controls Director at a tech services company
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"The most valuable feature for us is the different types of reporting it provides."
"We feel the interface is very good. It is very easy to use, even a nontechnical person can use it."
"The most valuable feature is the site scanning, where we can provide a complete subnet and what it is we need to scan on those devices."
"There are many integrations with things like the VMware NSX that are great, the reporting is really solid."
"It's easy to use. It's fast, it's a powerful easy to access tool."
"This solution is very easy to use and easy to install."
"The most important aspect of the solution is that it rarely gives false positives, especially compared to other products. It provides very clear reports for our IT teams to look at."
"The main functionality of identifying item endpoints that weren't properly patched or had vulnerabilities is the solution's most valuable feature."
"On the Varonis side, technical support is phenomenal. Their ability to explain is very good, and they seem to be very knowledgeable. When I get an alert that doesn't quite make sense, they dive in there and kind of take me through it. That's very useful and very good. There are some false alerts, but it is better to have a false alert than no alert at all."
"That alerting and reporting service is great."
"This solution integrates with another module in Metasploit, that doesn't exist in the other solutions. It is subscribed to on our roadmap, but we chose to implement both Nexppose and AppSpider."
"The reporting has room for improvement. You cannot customize any report. If I need a specific requirement, I have to create a new report for it."
"The reporting is a little bit tricky because it can be difficult to exactly pinpoint some of the assets to filter them and generate a report."
"Some difficulties with the online reporting and lack of integrations."
"The InsightVM cannot scan if we connect to our customer by the VPN."
"It would be nice to have an additional feature that would provide reports on who has logged onto the console or who did what on the console."
"There needs to be much clearer instructions surrounding scanning."
"We found that after you passed an endpoint, it didn't always reflect it in the next scan. I'm not sure if it was a glitch or some issue with the product's software. That was never clear. That was always an issue and something that definitely needed improvement."
"We have Microsoft Office 365. I just saw an article today which says that they're actually getting integrated with Microsoft Office 365, which would be a useful feature. For user-based reports, log on activity, and stuff like that, it doesn't seem to really be present like Log360. That could just be my inexperience with it. I've been dealing with it for only about two and a half months."
"The GUI should be more functional. There should be a process for connecting through Chrome, Internet Explorer, etc."
"This solution is expensive, but it's fine for us as we have an open budget for security solutions. Protection and having the system secured is more important."
"The license is IP based. How many IPs you are using to scan is the amount of the license you have to buy. The number of users doesn't matter; many users can use it or only person. It depends on the culture of the organization."
"Our licensing costs are somewhere around $40,000 annually. There are no additional fees."
"The licensing is asset-based and very straightforward."
"Its price is too high. My only concern or issue with Rapid7 is its pricing."
"Comparing the price with the value that we receive, I am not happy with it."
"The license is annual and this is the optimal approach when it comes to most software."
"In some cases, we procure the licenses. In some cases, the customers directly buy the license from Rapid7."
"Licensing is on an annual basis. Maintenance and renewal fees are separate. Varonis Datalert is quite expensive."
Rapid7 InsightVM is the vulnerability assessment tool built for the modern web. InsightVM combines complete ecosystem visibility, an unparalleled understanding of the attacker mindset, and the agility of SecOps so you can act before impact.
Varonis Datalert prevents data breaches and alert on suspicious activity, stop ransomware, and defend your data from insider threats. It monitors enterprise assets for suspicious activity and unusual behavior, detecting critical events and compromised assets on your core infrastructure: Windows, UNIX/Linux, NAS, Active Directory, SharePoint, Exchange, and Office 365. It detects insider threats and cyber threats by analyzing data, account activity, and user behavior and automate responses to suspicious activity and alert on unusual behavior - using deep analysis of metadata, machine learning, and advanced User Behavior Analytics (UBA).
Rapid7 InsightVM is ranked 2nd in Vulnerability Management with 18 reviews while Varonis Datalert is ranked 10th in User Behavior Analytics - UEBA with 2 reviews. Rapid7 InsightVM is rated 8.0, while Varonis Datalert is rated 9.0. The top reviewer of Rapid7 InsightVM writes "Broad capabilities make this scanning solution able to cover a lot of ground". On the other hand, the top reviewer of Varonis Datalert writes "It does a good job on file share awareness and has phenomenal technical support". Rapid7 InsightVM is most compared with Tenable Nessus, Qualys VM, Tenable SC, Tenable.io Vulnerability Management and Qualys Virtual Scanner Appliance, whereas Varonis Datalert is most compared with Splunk User Behavior Analytics, Quest Change Auditor Threat Detection, Exabeam Fusion SIEM, ObserveIT and ManageEngine Log360.
We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.