We performed a comparison between Rapid7 InsightVM and SecurityScorecard based on real PeerSpot user reviews.
Find out what your peers are saying about Tenable, Qualys, Rapid7 and others in Risk-Based Vulnerability Management."Using Rapid7, we can install a scan engine, we can do our VPN connections, and we can conduct internal scans of remote sites. We prefer the web application. It's smarter and more accurate from an application perspective."
"The solution is good because it has a lot of options."
"The most valuable feature is the vulnerability scan."
"The assessment is most valuable."
"The solution works well."
"The remediation project is a pretty effective because it allows us, as clients or countries, to choose specific assets and set limitations on them for a certain period which allows us to track and follow up on those limitations. However, when it comes to real-time monitoring and live dashboards, InsightVM doesn't quite fit the bill. It's not a real-time solution and is not instant."
"The most valuable feature for me is the risk calculation based on monthly effects."
"Has great reporting features."
"I rate the product's initial setup phase a nine on a scale of one to ten, where one is a difficult setup phase, and ten is an easy setup process."
"With its automated approach, nothing is missed on the IPs your organization is related to."
"The solution helps identify our environment's vulnerabilities."
"One of its most effective features for risk identification is its enterprise-ready automation for third-party risk measurements."
"There are end-user needs and expectations that are being overlooked in the development that could be addressed by appointing a customer advisory board."
"Patch management is the only missing feature I can think of. Rapid7 detects vulnerabilities, but it should also help you manage patches."
"Rapid7 InsightVM could be easier to use for those who are using it for the first time."
"The reporting is a little bit tricky because it can be difficult to exactly pinpoint some of the assets to filter them and generate a report."
"There was functionality present previously, however, currently, we can't integrate directly with Jira Service Desk - only the cloud version."
"This solution integrates with another module in Metasploit, that doesn't exist in the other solutions. It is subscribed to on our roadmap, but we chose to implement both Nexppose and AppSpider."
"The integration with other solutions like JIRA could be better. Perhaps there could be some additional updates in the next phase that could integrate with it, so then you can proceed with the VT much easier."
"We have some issues with how it scans patches."
"There could be more information in regards to solving problems like hints on what specifically to look for."
"The tool needs to have the ability to mitigate vulnerabilities with alternative solutions."
"They could improve the process with a questionnaire module for the product."
"SecurityScorecard's technical team's response time is an area that my company expects to be made faster."
Rapid7 InsightVM is ranked 4th in Risk-Based Vulnerability Management with 55 reviews while SecurityScorecard is ranked 5th in IT Vendor Risk Management with 4 reviews. Rapid7 InsightVM is rated 8.0, while SecurityScorecard is rated 8.0. The top reviewer of Rapid7 InsightVM writes "You can scan a network, and receive recommendations to address vulnerabilities with the click of a button". On the other hand, the top reviewer of SecurityScorecard writes "Easy-to-deploy product with good technical support services ". Rapid7 InsightVM is most compared with Tenable Nessus, Qualys VMDR, Tenable Security Center, Microsoft Defender Vulnerability Management and Lacework, whereas SecurityScorecard is most compared with Bitsight Third-Party Risk Management, Recorded Future, RiskRecon, Tenable Nessus and Qualys VMDR.
We monitor all Risk-Based Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.