We performed a comparison between Rapid7 Metasploit and Vectra AI based on real PeerSpot user reviews.
Find out what your peers are saying about Tenable, Wiz, SentinelOne and others in Vulnerability Management."Technical support has been helpful and responsive."
"Rapid7 Metasploit is a useful product."
"It's not possible to do penetration testing without being very proficient in Metasploit."
"The tool's most useful feature for penetration testing is its automation capabilities. With the professional edition, you can upload the results from Nessus in the Rapid7 Metasploit solution portal."
"The greatest advantage of Rapid7 Metasploit is that it is the only system that can directly exploit vulnerabilities on the Metasploit platform."
"The most valuable features of the solution are the scripts, the modules, and the tools that the Rapid7 Metasploit framework has."
"I use Rapid7 Metasploit for payload generation and Post-Exploitation."
"The most valuable feature for us is the support for testing Linux-based web server components."
"The key feature for me for Detect for Office 365 is that it can also concentrate all the information and detection at one point, the same as the network solution does. This is the key feature for me because, while accessing data from Office 365 is possible using Microsoft interfaces, they are not really user-friendly and are quite confusing to use. But Detect for Office 365 is aggregating all the info, and it's only the interesting stuff."
"Vectra AI generates relevant information."
"The solution provide visibility into behaviors across the full lifecycle of an attack in our network, beyond just the Internet gateway. It makes our security operations much more effective because we are now looking not just at traffic on the border, but we're looking at east-west internal traffic. Now, not only will we see if an exploit kit is being downloaded, but we would be able to see then if that exploit kit was then laterally distributed into our environment."
"One of the key advantages for us is we define a 24/7 service around it. We use far more of Vectra alerts than we do with our SIEM product because we understand that when we get an alert from Vectra we actually need to do something about it."
"It provides various dashboards that facilitate the identification of connections and can detect data exfiltration, meaning data sent from your environment to another."
"One of the most valuable features is all the correlation that it does using AI and machine learning. An example would be alerting on a host and then alerting on other things, like abnormal behavior, that it has noticed coming from the same host. It's valuable because we're a very lean team."
"It's important for us that the user interface is easy to understand and that is the biggest benefit we see from Vectra AI."
"The solution's ability to reduce alerts, by rolling up numerous alerts to create a single incident or campaign, helps in that it collapses all the events to a particular host, or a particular detection to a set of hosts. So it doesn't generate too many alerts. By and large, whatever alerts it generates are actionable, and actionable within the day."
"Rapid7 Metasploit could be made easier for new users to learn."
"I would like to see more capabilities, more functions, and more features. More types of attack vectors."
"There are numerous outdated exploits in their database that should be updated."
"At the time I was using it, the graphical user interface needed some improvements."
"Advanced Infrastructure should be implemented in the next release for better orchestration."
"I think areas with shortcomings that need improvement are more integration and automation."
"Rapid7 Metasploit can add a GUI feature because it is only available online."
"We'd like them to offer better coverage of malware."
"One area where there's room for improvement is the absence of a comprehensive TCP recording and replay feature."
"We would like to see more information with the syslogs. The syslogs that they send to our SIEM are a bit short compared to what you can see. It would be helpful if they send us more data that we can incorporate into our SIEM, then can correlate with other events."
"The reporting from Cognito Detect is very limited and doesn't give you too many options. If I want to prepare a customized report on a particular host, even though I see the data, I have to manually prepare the report. The reporting features that are built into the tool are not very helpful."
"We had another product with Vectra AI and used the MDR solution as an add-on. Initially, it wasn't fully appropriately configured, so we didn't get the expected results. Even once configured correctly, we weren't fully satisfied with its response. The issue was both with their service response and the product's capabilities."
"They use a proprietary logging format that is probably 90% similar to Bro Logs. Their biggest area of improvement is finishing out the remaining 10%. That 10% might not be beneficial to their ML engine, but that's fine. The industry standard is Zeek Logs or Bro Logs, or Bro or Zeek, depending on how old you are. While they have 90% of those fields, they're still missing some fields. In very rare instances, some community rules do not have the fields that they need, and we had to modify community rules for our logs. So, their biggest area of improvement would be to just finish their matching of the Zeek standard."
"It does a little bit of packet capture on alert so you can look at the packet capture activity going on, but it doesn't collect a whole lot of data. Sometimes it's only one or two frames, sometimes it does collect more. That's why they have the addition of their Recall platform, because that really does help expand the capability."
"I think Vectra AI's automation, reporting, and integration could be improved."
"Vectra Recall could be utilized much more, and I'm seeing some indications of that today with the investigative components. I use the Visualize feature to visualize components and dashboards a lot. I'm interested in new ways to build automated searches or having them leveraged already from Vectra."
Rapid7 Metasploit is ranked 12th in Vulnerability Management with 18 reviews while Vectra AI is ranked 2nd in Intrusion Detection and Prevention Software (IDPS) with 42 reviews. Rapid7 Metasploit is rated 7.6, while Vectra AI is rated 8.6. The top reviewer of Rapid7 Metasploit writes "Helps find vulnerabilities in a system to determine whether the system needs to be upgraded". On the other hand, the top reviewer of Vectra AI writes "Integrates well with other security solutions and provides good technical support". Rapid7 Metasploit is most compared with Tenable Nessus, Pentera, Acunetix and Rapid7 InsightVM, whereas Vectra AI is most compared with Darktrace, ExtraHop Reveal(x), Cisco Secure Network Analytics, Arista NDR and Corelight.
We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.