Try our new research platform with insights from 80,000+ expert users

Pentera vs Rapid7 InsightVM comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Pentera
Average Rating
7.8
Reviews Sentiment
7.2
Number of Reviews
9
Ranking in other categories
Penetration Testing Services (2nd), Breach and Attack Simulation (BAS) (1st)
Rapid7 InsightVM
Average Rating
8.0
Reviews Sentiment
7.0
Number of Reviews
61
Ranking in other categories
Risk-Based Vulnerability Management (4th)
 

Mindshare comparison

Pentera and Rapid7 InsightVM aren’t in the same category and serve different purposes. Pentera is designed for Breach and Attack Simulation (BAS) and holds a mindshare of 30.4%, up 27.2% compared to last year.
Rapid7 InsightVM, on the other hand, focuses on Risk-Based Vulnerability Management, holds 14.4% mindshare, up 14.0% since last year.
Breach and Attack Simulation (BAS)
Risk-Based Vulnerability Management
 

Featured Reviews

Richard Marlow - PeerSpot reviewer
Provides good features and helps monitor the status of ransomware protection in an organization
The tool is quite scalable. There's a one-to-one relationship between the engine and how many scans we can do. We can only do one scan with one engine. We had some issues around the password assessments because we added a lot of users. It took a long time. I rate the scalability a seven out of ten. We have three users in our organization.
Mahmoud Elhamaymy - PeerSpot reviewer
Reliable scanning and integration strengthen security infrastructure
InsightVM has a very organized GUI with ease of use. The vulnerability scans are reliable, and the credential scan is a beneficial feature. The solution is efficient and trustworthy. It's based on the CVSS risk scoring system, which is well-recognized and effective. The integration capabilities through APIs allow easy integration with existing security infrastructure.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Pentera has many authentic features."
"The product is easy to use."
"What I like the most about Pentera is its solution-oriented approach."
"Maybe there are some remediation steps on the website, we can mask sensitive information on the website better."
"The tool showed us that our ransomware protection wasn’t working on some machines."
"Pentera has many authentic features."
"The platform's most valuable features are credential management and vulnerability management."
"The vulnerability scanner, exploit achievements, and remediation actions are all great."
"I liked the dashboard on it. I could customize my dashboard with different widgets and different heat maps."
"When you connect any new device to the network, Rapid7 has the ability to detect the new device immediately. It can scan that device to detect if it has any vulnerability. It tells you what is vulnerable and what has been misconfigured. It also tells you what is the risk of that misconfiguration or lack of patches and how to resolve the problem."
"The connectivity provided by Rapid7 InsightVM is valuable."
"We are very satisfied with the reports, as they provide us with the information that is required for our management."
"It's easy to use. It's fast, it's a powerful easy to access tool."
"The stability of Rapid7 InsightVM is excellent."
"I rate InsightVM eight out of 10 for ease of setup. It takes two or three engineers to deploy. The solution requires some maintenance. It's mainly cleaning up data."
"The solution scales well."
 

Cons

"Maybe scalability. I know that the Pentera right now is high level in order to scan big deals over 500 IPs and not less, and not less. That can be more granular. This will be useful."
"The price could be improved."
"One of the big issues we have is that the tool has an additional license for compromised credentials. Suppose compromised credentials for any of your domains appear in leaks, dumps, or are being sold. In that case, they try to aggregate that data and highlight that, for example, ten users appeared in recent dumps as compromised credentials. However, they don't provide much information about where those compromises came from or their source information, probably to protect their sources."
"The licensing and IP management need improvement."
"Pentera's general dashboards could be improved and made more specific in terms of vulnerabilities that I'm discovering."
"The vulnerability scanner, exploit achievements, and remediation actions are all great."
"One area for product improvement could be the inclusion of a dashboard to cover multiple branches and subsidiaries, allowing for centralized monitoring."
"The automated penetration testing features must be improved."
"The drawback is that it is still not a fully SaaS solution, so you must deploy a console."
"I’d like to see Rapid7 InsightVM improve by adding a knowledge base similar to what Qualys offers. This would help us easily check and search for vulnerabilities using Rapid7 IDs associated with CVs or CVSS. From a features perspective, everything was fine at the time, and the security features of Rapid7 InsightVM were effective."
"Some difficulties with the online reporting and lack of integrations."
"All products have room for increased security and Rapid7 InsightVM is no exception."
"A definite improvement would be to make it easier to run ad-hoc scans without needing to assign the asset to a site or group."
"Within InsightVM, there is no feature to assign a ticket. If we can have more API calls, we can do that from InsightVM."
"Rapid7 could be easier to manage."
"The on-premise updates could improve from Rapid7 InsightVM."
 

Pricing and Cost Advice

"The tool is relatively cheap."
"The product's cost is reasonable. I rate the pricing a three out of ten."
"We have to pay a yearly licensing cost for Pentera."
"It's not that expensive, but it could be more cost-effective."
"The license is IP based. How many IPs you are using to scan is the amount of the license you have to buy. The number of users doesn't matter; many users can use it or only person. It depends on the culture of the organization."
"A full license for the solution is expensive because it is at the organizational level and not by individual users."
"Pricing is reasonable because we pay according to asset usage. We can define our assets and sites according to our preference."
"In some cases, we procure the licenses. In some cases, the customers directly buy the license from Rapid7."
"The tool's price is neither too high nor too low. My company needs to pay 65,000 per year. There are no additional costs apart from the licensing fees attached to the solution."
"The solution's pricing is better than Nexus which charges a high amount for very little use."
"Its licensing is yearly. Everything is included in the price for one year."
"It is pretty expensive. It depends on what you consider pricey, however, if you only look at vulnerability management solutions, such as within VM or VMDR, there are, I suppose the prices are almost the same. But I believe you will discover that for yourself."
report
Use our free recommendation engine to learn which Breach and Attack Simulation (BAS) solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
14%
Computer Software Company
13%
Manufacturing Company
9%
Educational Organization
6%
Educational Organization
42%
Computer Software Company
9%
Financial Services Firm
8%
Manufacturing Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Pentera?
What I like the most about Pentera is its solution-oriented approach.
What needs improvement with Pentera?
The licensing and IP management need improvement. When the IP is imported into a system, we cannot withdraw or revoke the license.
What is your primary use case for Pentera?
I am using the OpenIntra solution for pentesting and managing candidates in my environment. I also use this solution for house customers.
How would you choose between Rapid7 InsightVM and Tenable Nessus?
You have full visibility across cloud, network, virtual, and containerized infrastructures with Rapid7 Insight VM. You can easily prioritize vulnerabilities using attacker analytics. Overall, Rapid...
What do you like most about Rapid7 InsightVM?
The product's initial setup phase was very easy.
What is your experience regarding pricing and costs for Rapid7 InsightVM?
Rapid7 InsightVM is expensive, possibly one of the highest in pricing among similar products.
 

Also Known As

No data available
InsightVM, NeXpose
 

Overview

 

Sample Customers

Blackstone Group Caterpillar Apria Healthcare Taylor Vinters Sandler Capital Management Drawbridge BNP Paribas British Red Cross
ACS, Acosta, AllianceData, amazon.com, biogen idec, CBRE, CATERPILLAR, Deloitte, COACH, GameStop, IBM
Find out what your peers are saying about Pentera, Cymulate, Picus Security and others in Breach and Attack Simulation (BAS). Updated: March 2025.
845,040 professionals have used our research since 2012.