• Home
  • Rapid7 InsightVM vs. Wiz

Rapid7 InsightVM vs Wiz comparison

Cancel
You must select at least 2 products to compare!
Rapid7 Logo

Rapid7 InsightVM

Read 55 Rapid7 InsightVM reviews
6,391 views|4,159 comparisons
89% willing to recommend
Wiz Logo

Wiz

Read 11 Wiz reviews
14,043 views|10,336 comparisons
100% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Rapid7 InsightVM vs. Wiz
March 2023
Executive Summary
Updated on Mar 13, 2024

Rapid7 InsightVM received mixed feedback on deployment time and user interface, Wiz was praised for its intuitive interface and strong collaboration tools. Users of both products provided positive feedback for customer support. Ultimately, both products offer valuable features for cybersecurity efforts, but Rapid7 InsightVM may require more attention to user interface improvements, integration capabilities, and customer support responsiveness, while Wiz may need enhancements to customization options.

  • Features: InsightVM excels in reporting capabilities, automation, and visibility into vulnerabilities, while Wiz stands out for its intuitive interface, collaboration tools, seamless integrations, and robust security features.
  • Pricing and ROI: Rapid7 and Wiz are seen reasonably priced, with straightforward implementation and flexible licensing options. Rapid7 InsightVM excels in improved vulnerability management, visibility, and remediation efficiency, leading to a strong ROI. Wiz delivers value and results effectively, but lacks detailed comparison features.
  • Room for Improvement: Rapid7 InsightVM users have mentioned the need for a more intuitive interface, better integration capabilities, and enhanced reporting and visualization features. On the other hand, Wiz users have highlighted areas such as advanced analytics tools.
  • Deployment and customer support: Overall, users had mixed experiences with the implementation duration of Rapid7 InsightVM and Wiz, with some taking weeks and others just a few days. Rapid7 excels in customer service with fantastic support and thorough assistance. Wiz also offers excellent support, emphasizing quick issue resolution, making users feel valued and supported.

The summary above is based on 46 interviews we conducted recently with Rapid7 InsightVM and Wiz users. To access the review's full transcripts, download our report.

To learn more, read our detailed Rapid7 InsightVM vs. Wiz Report (Updated: March 2023).
Download the complete report
768,857 professionals have used our research since 2012.
Featured Review
Anonymous User
Easy deployment, but technical support could respond faster
The ease of deployment and configuration allows users to onboard quickly, aligning smoothly with various functionalities.
Mihir Ashar
Provides profound visibility into vulnerabilities across our cloud environment and outstanding customer support
Wiz helped us reduce blind spots in our risk detection capabilities; the older tools we previously used did not offer the same level of visibility... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The main functionality of identifying item endpoints that weren't properly patched or had vulnerabilities is the solution's most valuable feature.""The reports in Rapid7 InsightVM are useful when compared to competitors.""The most valuable feature for us is the different types of reporting it provides.""InsightVM's most valuable feature is risk scoring, a formula based on different vectors like the ease of exploitation and the availability of the machine.""I liked the dashboard on it. I could customize my dashboard with different widgets and different heat maps.""We can create our own templates.""The pricing is reasonable.""The product is scalable."

More Rapid7 InsightVM Pros →

"The first thing that stood out was the ease of installation and the quick value we got out of the solution.""The vulnerability management modules and the discovery and inventory are the most valuable features. Before using Wiz, it was a very manual process for both. After implementing it, we're able to get all of the analytics into a single platform that gives us visibility across all the systems in our cloud. We're able to correspond and understand what the vulnerability landscape looks like a lot faster.""Out of all the features, the one item that has been most valuable is the fact that Wiz puts into context all the pieces that create an issue, and applies a particular risk evaluation that helps us prioritize when we need to address a misconfiguration, vulnerability, or any issue that would put our environment into risk.""Our most important features are those around entitlement, external exposure, vulnerabilities, and container security.""The solution is very user-friendly.""The automation roles are essential because we ultimately want to do less work and automate more. The dashboards are easy to read and visually pleasing. You can understand things quickly, which makes it easy for our other teams. The network and infrastructure teams don't know as much about security as we do, so it helps to have a tool that's accessible and nice to look at.""I like Wiz's reporting, and it's easy to do queries. For example, it's pretty simple to find out how many servers we have and the applications installed on each. I like Wiz's security graph because you can use it to see the whole organization even if you have multiple accounts.""The CSPM module has been the most effective. It was easy to deploy and covered all our accounts through APIs, requiring no agents. Wiz provides instant visibility into high-level risks that we need to address."

More Wiz Pros →

Cons
"A definite improvement would be to make it easier to run ad-hoc scans without needing to assign the asset to a site or group.""Technical support does not respond quickly.""The product does not have the capability to do dynamic scanning of non-web applications.""Their customer support should be improved, and the effectiveness of scans also needs to be improved.""The on-premise updates could improve from Rapid7 InsightVM.""They should improve the cybersecurity feature of the solution.""This solution creates false-positives which can cause issues with reporting.""Rapid7 InsightVM, has impressive capabilities, especially when it comes to managing video equipment. However, we've noticed that Rapid7 also offers a cloud solution called CloudSec, and we don't have that. We think it would be better if InsightVM had all the features for both on-premise and cloud management."

More Rapid7 InsightVM Cons →

"We wish there were a way, beyond providing visibility and automated remediation, to wait on a given remediation, due to a critical aspect, such as the cost associated with a particular upgrade... We would like to see preventive controls that can be applied through Wiz to protect against vulnerabilities that we're not going to be able to remediate immediately.""Given the level of visibility into all the cloud environments Wiz provides, it would be nice if they could integrate some kind of mechanism to better manage tenants on multiple platforms. For example, let's say that some servers don't have an application they need, such as an antivirus. Wiz could include an API or something to push those applications out to the servers. It would be great if you could remedy these issues directly from the Wiz platform.""Wiz's reporting capabilities could be refined a bit. They are making headway on that, but more executive-style dashboards would be nice. They just implemented a community aspect where you can share documents and feedback. This was something users had been requesting for a while. They are listening to customer feedback and making changes.""The solution's container security could be improved.""The remediation workflow within the Wiz could be improved.""The only thing that needs to be improved is the number of scans per day.""One significant issue is that the searches are case-sensitive, so finding a misconfigured resource can become very challenging.""We're looking at some of the data compliance stuff that they've got Jon offer. I know they're looking at container security, which we gonna be looking at next."

More Wiz Cons →

Pricing and Cost Advice
  • "The price of the solution is less than the competitors."
  • "I do not have experience with the pricing of the solution."
  • "This solution is expensive, but it's fine for us as we have an open budget for security solutions. Protection and having the system secured is more important."
  • "The license is IP based. How many IPs you are using to scan is the amount of the license you have to buy. The number of users doesn't matter; many users can use it or only person. It depends on the culture of the organization."
  • "Our licensing costs are somewhere around $40,000 annually. There are no additional fees."
  • "The licensing is asset-based and very straightforward."
  • "Its price is too high. My only concern or issue with Rapid7 is its pricing."
  • "Comparing the price with the value that we receive, I am not happy with it."

    • More Rapid7 InsightVM Pricing and Cost Advice →

  • "The pricing seems pretty simple. We don't have to do a lot of calculations to figure out what the components are. They do it by enabling specific features, either basics or advanced, which makes it easy to select."
  • "The pricing is fair. Some of the more advanced features and functionalities and how the tiers are split can be somewhat confusing."
  • "The pricing is fair and comparable to their competitors. The cost seems to be going up, which is a concern. There are potential savings from consolidating tools, but we're uncertain how Wiz's pricing will change over time."
  • "I wish the pricing was more transparent."
  • "The cost of the other solutions is comparable to Wiz."
  • "Wiz is a moderately priced solution, where it is neither cheap nor costly."

    • More Wiz Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Risk-Based Vulnerability Management solutions are best for your needs.
    See Recommendations
    768,857 professionals have used our research since 2012.
    Questions from the Community
    How would you choose between Rapid7 InsightVM and Tenable Nessus?
    Top Answer:You have full visibility across cloud, network, virtual, and containerized infrastructures with Rapid7 Insight VM. You can easily prioritize vulnerabilities using attacker analytics. Overall, Rapid7… more »
    Read all 2 answers   →
    What do you like most about Rapid7 InsightVM?
    Top Answer:InsightVM offers a robust platform for identifying, prioritizing, and addressing vulnerabilities across an organization's IT infrastructure.
    Read all 40 answers   →
    What is your experience regarding pricing and costs for Rapid7 InsightVM?
    Top Answer:The solution’s pricing is good because the value proposition delivers a report box. It is not very costly.
    Read all 30 answers   →
    How would you compare Wiz vs Lacework?
    Top Answer:Wiz and Lacework sucks... Buy Orca. 
    AWS Cloud Security Posture tool - has anyone used either Wiz or Ermetic ...
    Top Answer:Whether or not the cost of third-party Cloud Security tools is justified would depend on your specific needs and budget. Suppose you are looking for a comprehensive Cloud Security solution that can… more »
    What do you like most about Wiz?
    Top Answer:With Wiz, we get timely alerts for leaked data or any vulnerabilities already existing in our environment.
    Read all 7 answers   →
    Ranking
    4th
    out of 37 in Risk-Based Vulnerability Management
    Views
    6,391
    Comparisons
    4,159
    Reviews
    21
    Average Words per Review
    374
    Rating
    8.1
    2nd
    out of 41 in Cloud-Native Application Protection Platforms (CNAPP)
    Views
    14,043
    Comparisons
    10,336
    Reviews
    11
    Average Words per Review
    1,370
    Rating
    9.2
    Comparisons
    Also Known As
    InsightVM, NeXpose
    Learn More
    Rapid7
    Wiz
    Overview

    Rapid7 InsightVM is a comprehensive vulnerability management platform that protects your systems from attackers and is easy to scale. The solution provides easy access to vulnerability management, application security, detection and response, external threat intelligence, orchestration and automation, and more. Rapid7 InsightVM is ideal for security, IT, and DevOps teams, helping them reduce risk by enabling them to detect and respond to attacks quickly.

    Rapid7 InsightVM Features

    Rapid7 InsightVM has many valuable key features. Some of the most useful ones include:

    • Automated containment: With this feature, you can decrease exposure from vulnerabilities by automatically implementing temporary (or permanent) compensating controls via your network access control (NAC) systems, firewalls, and endpoint detection and response tools.
    • Policy assessment: Rapid7 InsightVM offers pre-built scan templates for common compliance requirements. The solution helps you take clear, actionable steps to compliance once you have assessed your risk posture. In addition, Rapid7 InsightVM’s Custom Policy Builder allows you to modify existing benchmarks or create new policies from scratch.
    • REST API: Rapid7 InsightVM REST API is easy to use and was built to easily automate virtually any aspect of vulnerability management, from data collection to risk analysis.
    • Live dashboards: Rapid7 InsightVM includes dashboards that are live and interactive by nature. The live dashboards enable you to create custom cards and full dashboards for anyone in your organization and allow you to track progress of your security program.
    • Automation-assisted patching: Rapid7 InsightVM’s automation-assisted patching gives you the autonomy to make key decisions in your patching process, such as your approval to apply certain patches to certain vulnerabilities.
    • Real risk prioritization: Rapid7 InsightVM makes it simple to know which vulnerabilities need to be prioritized and where your riskiest assets lie.
    • Goals and SLA’s: This feature enables you to make and track progress toward your goals and service level agreements (SLAs) at an appropriate pace.

    Rapid7 InsightVM Benefits

    There are many benefits to implementing Rapid7 InsightVM. Some of the biggest advantages the solution offers include:

    • Attack surface monitoring for maintained visibility: By leveraging attack surface monitoring with Project Sonar (a Rapid7 research project that regularly scans the internet to gain insights into global exposure to common vulnerabilities), you can gain more control of all of your external-facing assets, both known and unknown.
    • Container security: Rapid7 InsightVM integrates with your CI/CD tools, public container repositories, and private repositories to assess container images for vulnerabilities during the build process even before they are deployed.
    • Lightweight endpoint agent: Rapid7 InsightVM unifies data so you only need to install a single agent for continuous vulnerability assessment, incident detection, and log data collection.
    • Easily assign and track remediation duties: Using Rapid7 InsightVM, IT and security teams can assign as well as track remediation duties without having to deal with remediation reports, complex spreadsheets, or back-and-forth email tags.
    • Integration with cloud services and virtual infrastructure: Rapid7 InsightVM provides full visibility into risk across your physical, virtual, and cloud infrastructure.
    • Integrated threat feeds: Rapid7 InsightVM is designed with integrated threat feeds, giving you a dynamic view that shows you which threats are most relevant to your environment, enabling you to better protect against current, impending threats so you can react quickly to critical vulnerabilities.

    Reviews from Real Users

    Below are some reviews and helpful feedback written by PeerSpot users currently using the Rapid7 InsightVM solution.

    An owner at a tech services company says, "I liked the dashboard on it. I could customize my dashboard with different widgets and different heat maps."

    PeerSpot user Kimeang S., Technical Consultant at Yip Intsoi, mentions, "The most important aspect of the solution is that it rarely gives false positives, especially compared to other products. It provides very clear reports for our IT teams to look at."

    A Director of Information Technology at a government explains, "The main functionality of identifying item endpoints that weren't properly patched or had vulnerabilities is the solution's most valuable feature."

    Wiz is a highly efficient solution for data security posture management (DSPM), with a 100% API-based approach that provides quick connectivity and comprehensive scans of platform configurations and workloads. The solution allows companies to automatically correlate sensitive data with relevant cloud context, such as public exposure, user identities, entitlements, and vulnerabilities.This integration enables them to understand data accessibility, configuration, usage, and movement within their internal environments.

    Wiz's Security Graph delivers automated alerts whenever risks emerge, allowing teams to prioritize and address the most critical issues before they escalate into breaches. Furthermore, Wiz ensures rapid and agentless visibility into critical data across various repositories, enabling organizations to easily determine the location of their data assets.

    Wiz Features

    Wiz provides various features in the following categories:

    • Agentless Scanning: The solution can scan every layer of a cloud environment without requiring agents, managing the entire process and providing comprehensive visibility.

    • Workflow Integration: Users can create customized workflows within Wiz to identify and assign actions based on urgency, integrating them with ticketing systems for quick and efficient remediation.

    • Vulnerability Management: Wiz's vulnerability management modules provide detailed analytics and visibility across cloud systems, streamlining the manual process of vulnerability discovery. The automated attack path analysis helps identify risks and trace potential points of exposure, allowing users to understand and mitigate them effectively and proactively.

    • CSPM (Cloud Security Posture Management): Wiz's CSPM module offers instant visibility into high-level risks to an enterprise’s cloud environment, covering all accounts without the need for agents.

    • Out-of-the-Box Reporting and Custom Queries: The service supports comprehensive reporting with asset context, allowing users to perform complex custom queries on the solution’s user-friendly interface.

    • Automation Roles and Dashboards: The solution facilitates automation by providing essential roles and dedicated dashboards that enable teams to understand security information quickly, even those with limited expertise.

    • Contextual Risk Evaluation: The service contextualizes the various components contributing to an issue, providing a risk evaluation framework that helps prioritize remediation efforts.

    • Security Graph and Visibility: Wiz's security graph offers visibility across the entire organization, even with multiple accounts, enabling users to understand their environment and assets effectively.

    The Benefits of Wiz

    Wiz offers the following benefits:


    • Comprehensive agentless scanning

    • Effective identification and mitigation of vulnerabilities

    • Streamlined vulnerability management

    • Robust reporting capabilities and customizable queries

    • Enhanced automation and role-based access control

    • Prioritized risk evaluation for efficient remediation

    • Security posture across multiple accounts

    Reviews from Real Users

    Kamran Siddique, VP Information Security at boxed.com, remarks his company has seen a ROI while using Wiz, as it simplifies the process by integrating multiple useful tools into one solution.

    According to a Senior Security Architect at Deliveroo, Wiz has given their company a fresh approach to vulnerability management, as Wiz's native integrations are extremely useful and paramount to the operational success of their platform.



    Get a demo | Wiz

    Sample Customers
    ACS, Acosta, AllianceData, amazon.com, biogen idec, CBRE, CATERPILLAR, Deloitte, COACH, GameStop, IBM
    Wiz is the fastest growing software company ever - $100M ARR in 18 months: Wiz becomes the fastest-growing software company ever | Wiz Blog  Discover why companies, including Salesforce, Morgan Stanley, Fox, and Bridgewater choose Wiz as their cloud security partner. Read their success stories here: Customers | Wiz
    Top Industries
    REVIEWERS
    Computer Software Company17%
    Financial Services Firm13%
    Comms Service Provider13%
    Energy/Utilities Company10%
    VISITORS READING REVIEWS
    Educational Organization33%
    Computer Software Company11%
    Financial Services Firm7%
    Manufacturing Company6%
    REVIEWERS
    Computer Software Company38%
    Retailer13%
    Outsourcing Company13%
    Manufacturing Company13%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Financial Services Firm14%
    Manufacturing Company9%
    Government6%
    Company Size
    REVIEWERS
    Small Business47%
    Midsize Enterprise20%
    Large Enterprise33%
    VISITORS READING REVIEWS
    Small Business15%
    Midsize Enterprise43%
    Large Enterprise41%
    REVIEWERS
    Small Business17%
    Midsize Enterprise25%
    Large Enterprise58%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise15%
    Large Enterprise65%
    Buyer's Guide
    Rapid7 InsightVM vs. Wiz
    March 2023
    Free Report: Rapid7 InsightVM vs. Wiz
    Find out what your peers are saying about Rapid7 InsightVM vs. Wiz and other solutions. Updated: March 2023.
    DOWNLOAD NOW
    768,857 professionals have used our research since 2012.

    Rapid7 InsightVM is ranked 4th in Risk-Based Vulnerability Management with 55 reviews while Wiz is ranked 2nd in Cloud-Native Application Protection Platforms (CNAPP) with 11 reviews. Rapid7 InsightVM is rated 8.0, while Wiz is rated 9.2. The top reviewer of Rapid7 InsightVM writes "You can scan a network, and receive recommendations to address vulnerabilities with the click of a button". On the other hand, the top reviewer of Wiz writes "Multiple features help us prioritize remediation, and agentless implementation reduces overhead". Rapid7 InsightVM is most compared with Tenable Nessus, Qualys VMDR, Tenable Security Center, Microsoft Defender Vulnerability Management and Tenable Vulnerability Management, whereas Wiz is most compared with Prisma Cloud by Palo Alto Networks, Orca Security, Microsoft Defender for Cloud and AWS Security Hub. See our Rapid7 InsightVM vs. Wiz report.

    We monitor all Risk-Based Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.