Try our new research platform with insights from 80,000+ expert users

Rapid7 InsightVM vs Wiz comparison

The compared Rapid7 and Wiz solutions aren't in the same category. Rapid7 is ranked #4 in RBVM , with an average rating of 8.2, and holds a 17.8% mindshare in the category. Wiz is ranked #2 in CNAP , with an average rating of 9.0, and holds a 25.7% mindshare. Additionally, 88% of Rapid7 users are willing to recommend the solution, compared to 100% of Wiz users who would recommend it.
Rapid7 InsightVM
Read 58 Rapid7 InsightVM reviews
  • 5,741 Views
  • 3,772 Comparison Views
88% willing to recommend
Wiz
Read 18 Wiz reviews
  • 15,369 Views
  • 11,726 Comparison Views
100% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Jun 2, 2024

Rapid7 InsightVM received mixed feedback on deployment time and user interface, Wiz was praised for its intuitive interface and strong collaboration tools. Users of both products provided positive feedback for customer support. Ultimately, both products offer valuable features for cybersecurity efforts, but Rapid7 InsightVM may require more attention to user interface improvements, integration capabilities, and customer support responsiveness, while Wiz may need enhancements to customization options.

  • Features: InsightVM excels in reporting capabilities, automation, and visibility into vulnerabilities, while Wiz stands out for its intuitive interface, collaboration tools, seamless integrations, and robust security features.
  • Pricing and ROI: Rapid7 and Wiz are seen reasonably priced, with straightforward implementation and flexible licensing options. Rapid7 InsightVM excels in improved vulnerability management, visibility, and remediation efficiency, leading to a strong ROI. Wiz delivers value and results effectively, but lacks detailed comparison features.
  • Room for Improvement: Rapid7 InsightVM users have mentioned the need for a more intuitive interface, better integration capabilities, and enhanced reporting and visualization features. On the other hand, Wiz users have highlighted areas such as advanced analytics tools.
  • Deployment and customer support: Overall, users had mixed experiences with the implementation duration of Rapid7 InsightVM and Wiz, with some taking weeks and others just a few days. Rapid7 excels in customer service with fantastic support and thorough assistance. Wiz also offers excellent support, emphasizing quick issue resolution, making users feel valued and supported.

The summary above is based on 46 interviews we conducted recently with Rapid7 InsightVM and Wiz users. To access the review's full transcripts, download our report.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Rapid7 InsightVM vs. Wiz Report (Updated: March 2023).
Buyer's Guide
Rapid7 InsightVM vs. Wiz
March 2023
Download the complete report
Helped 805,335 peers since 2012
 

Categories and Ranking

Rapid7 InsightVM
Average Rating
8.0
Number of Reviews
58
Ranking in other categories
Risk-Based Vulnerability Management (4th)
Wiz
Average Rating
9.0
Number of Reviews
18
Ranking in other categories
Vulnerability Management (4th), Container Security (2nd), Cloud Workload Protection Platforms (CWPP) (2nd), Cloud Security Posture Management (CSPM) (2nd), Cloud-Native Application Protection Platforms (CNAPP) (2nd), Data Security Posture Management (DSPM) (2nd), Compliance Management (1st)
 

Mindshare comparison

While both are Security Software solutions, they serve different purposes. Rapid7 InsightVM is designed for Risk-Based Vulnerability Management and holds a mindshare of 17.8%, up 12.1% compared to last year.
Wiz, on the other hand, focuses on Cloud-Native Application Protection Platforms (CNAPP), holds 25.7% mindshare, up 19.0% since last year.
Risk-Based Vulnerability Management
Cloud-Native Application Protection Platforms (CNAPP)
 

Featured Reviews

SH
Jan 19, 2024
Easy deployment, but technical support could respond faster
The initial setup is not so complex. It is quickly deployable configurable and integrated with your existing setup. The common process for Rapid7 InsightVM involves comparing it against their standard procedures to ensure compliance with the required licenses and resources. Users download the necessary files and initiate/reactivate licenses. Certain configurations are also set up. This process typically takes two to three days for the department, but we usually allocate a week for completion. Our team feels enabled enough after completing the training session on Rapid7 InsightVM. We conduct our tests independently, and whenever we need support, we seek assistance directly from Rapid7. This process isn't overly complex or time-consuming. We ensure thorough preparation by gathering all necessary information, addressing internet concerns, and informing the customer. Once fully prepared, we proceed forward.
Read full review
Mindaugas Dailidonis - PeerSpot reviewer
Sep 10, 2024
Advanced security insights and comprehensive risk visibility across multi-cloud environments
The time savings and the many moments of "if I was building a CNAPP, this is how I would do it" were where Wiz had already implemented what I wished for. Wiz also saves time by validating a network misconfiguration by not only looking at the cloud asset configuration but also by testing if a port that is stated to be open is actually open. The Wiz product team recognises that the world doesn't revolve around Cyber Security teams. This is evident in their emphasis on providing clear and simple remediation advice and offering explanations of the alerts, making it easy for non-security team members to understand what’s happening and why. This was one of the key criteria why Wiz has been selected over the competitors. My favourite is the EASM/External Exposure view and overall package - full risk visibility. It allows us to prioritize, and I mean truly prioritize, what should be addressed first. We can now see cloud workloads exposed to the internet in case of critical vulnerabilities, and if these workloads hold or can access sensitive data, we can act fast and patch these workloads first, and therefore reduce our overall risk exposure time. Another favourite feature is the ability to give feedback and quickly raise a support case, as well as the comment option for each finding in Wiz web portal. It enables simple, yet effective collaboration between security, cloud, infrastructure and development teams.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The pricing is reasonable."
"When you connect any new device to the network, Rapid7 has the ability to detect the new device immediately. It can scan that device to detect if it has any vulnerability. It tells you what is vulnerable and what has been misconfigured. It also tells you what is the risk of that misconfiguration or lack of patches and how to resolve the problem."
"The product is scalable."
"This solution's most useful feature is that it is entirely a single-page application."
"The cost is what is most valuable. Compared to the other products on the market, the cost is more palatable."
"The product's initial setup phase was very easy."
"InsightVM's best features are the vulnerability database and remediation steps."
"There are many integrations with things like the VMware NSX that are great, the reporting is really solid."
More Rapid7 InsightVM pros
"With Wiz, we get timely alerts for leaked data or any vulnerabilities already existing in our environment."
"The product's most valuable feature combines different contexts and attributes to produce highly confident alerts."
"The security baseline and vulnerability assessments is the valuable feature."
"The tool's most valuable feature is its attack path analysis."
"Wiz offers greater visibility and more in-depth findings in terms of configuration, misconfiguration, and vulnerabilities."
"The product supports out-of-the-box reporting with context about the asset and allows us to perform complex custom queries on UI."
"Out of all the features, the one item that has been most valuable is the fact that Wiz puts into context all the pieces that create an issue, and applies a particular risk evaluation that helps us prioritize when we need to address a misconfiguration, vulnerability, or any issue that would put our environment into risk."
"The first thing that stood out was the ease of installation and the quick value we got out of the solution."
More Wiz pros
 

Cons

"They should improve the cybersecurity feature of the solution."
"There was functionality present previously, however, currently, we can't integrate directly with Jira Service Desk - only the cloud version."
"InsightVM could be improved by providing passive scanning as an option."
"I think the improvement in the tool should be to provide a better update to users because sometimes the information within the cloud and the scanner are not synchronized very fast."
"The solution could improve by being more secure."
"Some of our customers want to be completely cloud based, and Rapid7 doesn't offer this as an option."
"InsightVM is getting a little stale and is in danger of falling behind its competitors."
"The reporting is very bad when you compare it with other vulnerability assessment tools."
More Rapid7 InsightVM cons
"The only thing that needs to be improved is the number of scans per day."
"The only small pain point has been around some of the logging integrations. Some of the complexities of the script integrations aren't supported with some of the more automated infrastructure components. So, it's not as universal. For example, they have great support for cloud formation and other services, but if you're using another type of management utility or governance language for your infrastructure-as-code automation components, it becomes a little bit trickier to navigate that."
"Given the level of visibility into all the cloud environments Wiz provides, it would be nice if they could integrate some kind of mechanism to better manage tenants on multiple platforms. For example, let's say that some servers don't have an application they need, such as an antivirus. Wiz could include an API or something to push those applications out to the servers. It would be great if you could remedy these issues directly from the Wiz platform."
"We would like to see improvements to executive-level reporting and data reporting in general, which we understand is being rolled out to the platform."
"One significant issue is that the searches are case-sensitive, so finding a misconfigured resource can become very challenging."
"The solution's container security could be improved."
"The APIs are currently quite limited and not very mature, which makes integration with Splunk difficult."
"Wiz's reporting capabilities could be refined a bit. They are making headway on that, but more executive-style dashboards would be nice. They just implemented a community aspect where you can share documents and feedback. This was something users had been requesting for a while. They are listening to customer feedback and making changes."
More Wiz cons
 

Pricing and Cost Advice

"The license is annual and this is the optimal approach when it comes to most software."
"The license is IP based. How many IPs you are using to scan is the amount of the license you have to buy. The number of users doesn't matter; many users can use it or only person. It depends on the culture of the organization."
"It is pretty expensive. It depends on what you consider pricey, however, if you only look at vulnerability management solutions, such as within VM or VMDR, there are, I suppose the prices are almost the same. But I believe you will discover that for yourself."
"Its pricing depends on the number of users per month."
"Its price is too high. My only concern or issue with Rapid7 is its pricing."
"A full license for the solution is expensive because it is at the organizational level and not by individual users."
"The price of the solution is less than the competitors."
"Our licensing costs are somewhere around $40,000 annually. There are no additional fees."
More Rapid7 InsightVM pricing and cost advice
"The pricing is fair. Some of the more advanced features and functionalities and how the tiers are split can be somewhat confusing."
"I wish the pricing was more transparent."
"The cost of the other solutions is comparable to Wiz."
"Wiz is a moderately priced solution, where it is neither cheap nor costly."
"The pricing is fair and comparable to their competitors. The cost seems to be going up, which is a concern. There are potential savings from consolidating tools, but we're uncertain how Wiz's pricing will change over time."
"Based on the features and capabilities, the product pricing seems reasonable."
"If one is cheap and ten is expensive, I rate the tool's price as a five out of ten."
"The pricing seems pretty simple. We don't have to do a lot of calculations to figure out what the components are. They do it by enabling specific features, either basics or advanced, which makes it easy to select."
More Wiz pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Risk-Based Vulnerability Management solutions are best for your needs.
See recommendations
805,335 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
38%
Computer Software Company
11%
Financial Services Firm
7%
Manufacturing Company
6%
Computer Software Company
16%
Financial Services Firm
14%
Manufacturing Company
9%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

How would you choose between Rapid7 InsightVM and Tenable Nessus?
You have full visibility across cloud, network, virtual, and containerized infrastructures with Rapid7 Insight VM. You can easily prioritize vulnerabilities using attacker analytics. Overall, Rapid...
See all answers
What do you like most about Rapid7 InsightVM?
The product's initial setup phase was very easy.
See all answers
What is your experience regarding pricing and costs for Rapid7 InsightVM?
Rapid7 is a bit expensive.
See all answers
How would you compare Wiz vs Lacework?
Wiz and Lacework sucks... Buy Orca.
See all answers
AWS Cloud Security Posture tool - has anyone used either Wiz or Ermetic cloud security products and can compare them to AWS Security Hub?
Whether or not the cost of third-party Cloud Security tools is justified would depend on your specific needs and budget. Suppose you are looking for a comprehensive Cloud Security solution that can...
See all answers
What do you like most about Wiz?
With Wiz, we get timely alerts for leaked data or any vulnerabilities already existing in our environment.
See all answers
 

Comparisons

Tenable Nessus vs Rapid7 InsightVM Logo
Tenable Nessus vs Rapid7 InsightVM
Compared 21% of the time
Qualys VMDR vs Rapid7 InsightVM Logo
Qualys VMDR vs Rapid7 InsightVM
Compared 17% of the time
Tenable Security Center vs Rapid7 InsightVM Logo
Tenable Security Center vs Rapid7 InsightVM
Compared 13% of the time
Microsoft Defender Vulnerability Management vs Rapid7 InsightVM Logo
Microsoft Defender Vulnerability Management vs Rapid7 InsightVM
Compared 7% of the time
Tenable Vulnerability Management vs Rapid7 InsightVM Logo
Tenable Vulnerability Management vs Rapid7 InsightVM
Compared 4% of the time
More Rapid7 InsightVM Competitors
Prisma Cloud by Palo Alto Networks vs Wiz Logo
Prisma Cloud by Palo Alto Networks vs Wiz
Compared 17% of the time
Orca Security vs Wiz Logo
Orca Security vs Wiz
Compared 10% of the time
Microsoft Defender for Cloud vs Wiz Logo
Microsoft Defender for Cloud vs Wiz
Compared 8% of the time
CrowdStrike Falcon Cloud Security vs Wiz Logo
CrowdStrike Falcon Cloud Security vs Wiz
Compared 4% of the time
Snyk vs Wiz Logo
Snyk vs Wiz
Compared 4% of the time
More Wiz Competitors
 

Product Reports

Buyer's Guide
Rapid7 InsightVM
August 2024
Rapid7 InsightVM reportDownload Rapid7 InsightVM product report
Buyer's Guide
Wiz
August 2024
Wiz reportDownload Wiz product report
 

Also Known As

InsightVM, NeXpose
No data available
 

Learn More

Rapid7
Wiz
 

Overview

Rapid7 InsightVM is a comprehensive vulnerability management platform that protects your systems from attackers and is easy to scale. The solution provides easy access to vulnerability management, application security, detection and response, external threat intelligence, orchestration and automation, and more. Rapid7 InsightVM is ideal for security, IT, and DevOps teams, helping them reduce risk by enabling them to detect and respond to attacks quickly.

Rapid7 InsightVM Features

Rapid7 InsightVM has many valuable key features. Some of the most useful ones include:

  • Automated containment: With this feature, you can decrease exposure from vulnerabilities by automatically implementing temporary (or permanent) compensating controls via your network access control (NAC) systems, firewalls, and endpoint detection and response tools.
  • Policy assessment: Rapid7 InsightVM offers pre-built scan templates for common compliance requirements. The solution helps you take clear, actionable steps to compliance once you have assessed your risk posture. In addition, Rapid7 InsightVM’s Custom Policy Builder allows you to modify existing benchmarks or create new policies from scratch.
  • REST API: Rapid7 InsightVM REST API is easy to use and was built to easily automate virtually any aspect of vulnerability management, from data collection to risk analysis.
  • Live dashboards: Rapid7 InsightVM includes dashboards that are live and interactive by nature. The live dashboards enable you to create custom cards and full dashboards for anyone in your organization and allow you to track progress of your security program.
  • Automation-assisted patching: Rapid7 InsightVM’s automation-assisted patching gives you the autonomy to make key decisions in your patching process, such as your approval to apply certain patches to certain vulnerabilities.
  • Real risk prioritization: Rapid7 InsightVM makes it simple to know which vulnerabilities need to be prioritized and where your riskiest assets lie.
  • Goals and SLA’s: This feature enables you to make and track progress toward your goals and service level agreements (SLAs) at an appropriate pace.

Rapid7 InsightVM Benefits

There are many benefits to implementing Rapid7 InsightVM. Some of the biggest advantages the solution offers include:

  • Attack surface monitoring for maintained visibility: By leveraging attack surface monitoring with Project Sonar (a Rapid7 research project that regularly scans the internet to gain insights into global exposure to common vulnerabilities), you can gain more control of all of your external-facing assets, both known and unknown.
  • Container security: Rapid7 InsightVM integrates with your CI/CD tools, public container repositories, and private repositories to assess container images for vulnerabilities during the build process even before they are deployed.
  • Lightweight endpoint agent: Rapid7 InsightVM unifies data so you only need to install a single agent for continuous vulnerability assessment, incident detection, and log data collection.
  • Easily assign and track remediation duties: Using Rapid7 InsightVM, IT and security teams can assign as well as track remediation duties without having to deal with remediation reports, complex spreadsheets, or back-and-forth email tags.
  • Integration with cloud services and virtual infrastructure: Rapid7 InsightVM provides full visibility into risk across your physical, virtual, and cloud infrastructure.
  • Integrated threat feeds: Rapid7 InsightVM is designed with integrated threat feeds, giving you a dynamic view that shows you which threats are most relevant to your environment, enabling you to better protect against current, impending threats so you can react quickly to critical vulnerabilities.

Reviews from Real Users

Below are some reviews and helpful feedback written by PeerSpot users currently using the Rapid7 InsightVM solution.

An owner at a tech services company says, "I liked the dashboard on it. I could customize my dashboard with different widgets and different heat maps."

PeerSpot user Kimeang S., Technical Consultant at Yip Intsoi, mentions, "The most important aspect of the solution is that it rarely gives false positives, especially compared to other products. It provides very clear reports for our IT teams to look at."

A Director of Information Technology at a government explains, "The main functionality of identifying item endpoints that weren't properly patched or had vulnerabilities is the solution's most valuable feature."

Wiz is a highly efficient solution for data security posture management (DSPM), with a 100% API-based approach that provides quick connectivity and comprehensive scans of platform configurations and workloads. The solution allows companies to automatically correlate sensitive data with relevant cloud context, such as public exposure, user identities, entitlements, and vulnerabilities.This integration enables them to understand data accessibility, configuration, usage, and movement within their internal environments.

Wiz's Security Graph delivers automated alerts whenever risks emerge, allowing teams to prioritize and address the most critical issues before they escalate into breaches. Furthermore, Wiz ensures rapid and agentless visibility into critical data across various repositories, enabling organizations to easily determine the location of their data assets.

Wiz Features

Wiz provides various features in the following categories:

  • Agentless Scanning: The solution can scan every layer of a cloud environment without requiring agents, managing the entire process and providing comprehensive visibility.

  • Workflow Integration: Users can create customized workflows within Wiz to identify and assign actions based on urgency, integrating them with ticketing systems for quick and efficient remediation.

  • Vulnerability Management: Wiz's vulnerability management modules provide detailed analytics and visibility across cloud systems, streamlining the manual process of vulnerability discovery. The automated attack path analysis helps identify risks and trace potential points of exposure, allowing users to understand and mitigate them effectively and proactively.

  • CSPM (Cloud Security Posture Management): Wiz's CSPM module offers instant visibility into high-level risks to an enterprise’s cloud environment, covering all accounts without the need for agents.

  • Out-of-the-Box Reporting and Custom Queries: The service supports comprehensive reporting with asset context, allowing users to perform complex custom queries on the solution’s user-friendly interface.

  • Automation Roles and Dashboards: The solution facilitates automation by providing essential roles and dedicated dashboards that enable teams to understand security information quickly, even those with limited expertise.

  • Contextual Risk Evaluation: The service contextualizes the various components contributing to an issue, providing a risk evaluation framework that helps prioritize remediation efforts.

  • Security Graph and Visibility: Wiz's security graph offers visibility across the entire organization, even with multiple accounts, enabling users to understand their environment and assets effectively.

The Benefits of Wiz

Wiz offers the following benefits:


  • Comprehensive agentless scanning

  • Effective identification and mitigation of vulnerabilities

  • Streamlined vulnerability management

  • Robust reporting capabilities and customizable queries

  • Enhanced automation and role-based access control

  • Prioritized risk evaluation for efficient remediation

  • Security posture across multiple accounts

Reviews from Real Users

Kamran Siddique, VP Information Security at boxed.com, remarks his company has seen a ROI while using Wiz, as it simplifies the process by integrating multiple useful tools into one solution.

According to a Senior Security Architect at Deliveroo, Wiz has given their company a fresh approach to vulnerability management, as Wiz's native integrations are extremely useful and paramount to the operational success of their platform.



Get a demo | Wiz

 

Sample Customers

ACS, Acosta, AllianceData, amazon.com, biogen idec, CBRE, CATERPILLAR, Deloitte, COACH, GameStop, IBM
Wiz is the fastest growing software company ever - $100M ARR in 18 months: Wiz becomes the fastest-growing software company ever | Wiz Blog  Discover why companies, including Salesforce, Morgan Stanley, Fox, and Bridgewater choose Wiz as their cloud security partner. Read their success stories here: Customers | Wiz
Buyer's Guide
Rapid7 InsightVM vs. Wiz
March 2023
Free Report: Rapid7 InsightVM vs. Wiz
Find out what your peers are saying about Rapid7 InsightVM vs. Wiz and other solutions. Updated: March 2023.
DOWNLOAD NOW
805,335 professionals have used our research since 2012.
See our Rapid7 InsightVM vs. Wiz report.

We monitor all Risk-Based Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.