Try our new research platform with insights from 80,000+ expert users

Pentera vs Rapid7 InsightVM comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Pentera
Average Rating
7.8
Reviews Sentiment
7.2
Number of Reviews
9
Ranking in other categories
Penetration Testing Services (2nd), Breach and Attack Simulation (BAS) (1st)
Rapid7 InsightVM
Average Rating
8.0
Reviews Sentiment
7.0
Number of Reviews
61
Ranking in other categories
Risk-Based Vulnerability Management (4th)
 

Mindshare comparison

Pentera and Rapid7 InsightVM aren’t in the same category and serve different purposes. Pentera is designed for Breach and Attack Simulation (BAS) and holds a mindshare of 30.4%, up 27.2% compared to last year.
Rapid7 InsightVM, on the other hand, focuses on Risk-Based Vulnerability Management, holds 14.4% mindshare, up 14.0% since last year.
Breach and Attack Simulation (BAS)
Risk-Based Vulnerability Management
 

Featured Reviews

Richard Marlow - PeerSpot reviewer
Provides good features and helps monitor the status of ransomware protection in an organization
The tool is quite scalable. There's a one-to-one relationship between the engine and how many scans we can do. We can only do one scan with one engine. We had some issues around the password assessments because we added a lot of users. It took a long time. I rate the scalability a seven out of ten. We have three users in our organization.
Mahmoud Elhamaymy - PeerSpot reviewer
Reliable scanning and integration strengthen security infrastructure
InsightVM has a very organized GUI with ease of use. The vulnerability scans are reliable, and the credential scan is a beneficial feature. The solution is efficient and trustworthy. It's based on the CVSS risk scoring system, which is well-recognized and effective. The integration capabilities through APIs allow easy integration with existing security infrastructure.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Pentera has many authentic features."
"The product is easy to use."
"The platform's most valuable features are credential management and vulnerability management."
"The solution is SaaS-based. From a cloud perspective, it has Pentera Surface and Pentera Core. The Core is the on-prem deployed solution, while the Surface is the cloud-hosted solution that scans your public infrastructure. From the Surface perspective, the most valuable feature so far has been the attack surface mapping."
"What I like the most about Pentera is its solution-oriented approach."
"Maybe there are some remediation steps on the website, we can mask sensitive information on the website better."
"The tool showed us that our ransomware protection wasn’t working on some machines."
"The vulnerability scanner, exploit achievements, and remediation actions are all great."
"The solution works well."
"The performance is good."
"The solution is automatically scheduled so it runs by itself."
"Has great reporting features."
"We are very satisfied with the reports, as they provide us with the information that is required for our management."
"The most valuable features of Rapid7 InsightVM are the accurate level of scanning and the workflows are good."
"This solution is very easy to use and easy to install."
"The most valuable features of the solution are the agent and the scanning."
 

Cons

"The licensing and IP management need improvement."
"One area for product improvement could be the inclusion of a dashboard to cover multiple branches and subsidiaries, allowing for centralized monitoring."
"One of the big issues we have is that the tool has an additional license for compromised credentials. Suppose compromised credentials for any of your domains appear in leaks, dumps, or are being sold. In that case, they try to aggregate that data and highlight that, for example, ten users appeared in recent dumps as compromised credentials. However, they don't provide much information about where those compromises came from or their source information, probably to protect their sources."
"The vulnerability scanner, exploit achievements, and remediation actions are all great."
"Pentera's general dashboards could be improved and made more specific in terms of vulnerabilities that I'm discovering."
"Maybe scalability. I know that the Pentera right now is high level in order to scan big deals over 500 IPs and not less, and not less. That can be more granular. This will be useful."
"There is room for improvement in virtualization compatibility."
"The licensing and IP management need improvement. When the IP is imported into a system, we cannot withdraw or revoke the license."
"There needs to be much clearer instructions surrounding scanning."
"I would like to see more integration."
"Rapid7 InsightVM could be easier to use for those who are using it for the first time."
"It would be great to have a mobile application client. Currently, you have to use a mobile web browser on a device, but it is not similar to the desktop web browser in terms of user experience. It would be nice to have a mobile application to access the platform."
"InsightVM is getting a little stale and is in danger of falling behind its competitors."
"I’d like to see Rapid7 InsightVM improve by adding a knowledge base similar to what Qualys offers. This would help us easily check and search for vulnerabilities using Rapid7 IDs associated with CVs or CVSS. From a features perspective, everything was fine at the time, and the security features of Rapid7 InsightVM were effective."
"In terms of improvements, its price could be better. Our main issue with Rapid7 is that it is too expensive. You can only sell it to enterprise accounts. In terms of new features, Rapid7 came up with a product called InsightIDR a couple of years ago, which is a good SIEM solution. We expect that Rapid7 will work on some sort of integration between InsightVM and InsightIDR, where vulnerability or anomaly detected by InsightVM can be reported in InsightIDR in some sort of real-time. Rapid7 doesn't patch. For example, if you have a vulnerability, some products can scan and also do the patching, but Rapid7 does not do the patching. It would be nice if it can also patch."
"I would say that it improved our visibility, but it left things open."
 

Pricing and Cost Advice

"It's not that expensive, but it could be more cost-effective."
"The tool is relatively cheap."
"We have to pay a yearly licensing cost for Pentera."
"The product's cost is reasonable. I rate the pricing a three out of ten."
"The license is annual and this is the optimal approach when it comes to most software."
"Comparing the price with the value that we receive, I am not happy with it."
"The license is IP based. How many IPs you are using to scan is the amount of the license you have to buy. The number of users doesn't matter; many users can use it or only person. It depends on the culture of the organization."
"It is pretty expensive. It depends on what you consider pricey, however, if you only look at vulnerability management solutions, such as within VM or VMDR, there are, I suppose the prices are almost the same. But I believe you will discover that for yourself."
"It is less expensive compared to other competitors."
"Its price is too high. My only concern or issue with Rapid7 is its pricing."
"Licensing fees are paid on a yearly basis."
"This solution is expensive, but it's fine for us as we have an open budget for security solutions. Protection and having the system secured is more important."
report
Use our free recommendation engine to learn which Breach and Attack Simulation (BAS) solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
14%
Computer Software Company
14%
Manufacturing Company
9%
Educational Organization
6%
Educational Organization
42%
Computer Software Company
9%
Financial Services Firm
8%
Manufacturing Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Pentera?
What I like the most about Pentera is its solution-oriented approach.
What needs improvement with Pentera?
The licensing and IP management need improvement. When the IP is imported into a system, we cannot withdraw or revoke the license.
What is your primary use case for Pentera?
I am using the OpenIntra solution for pentesting and managing candidates in my environment. I also use this solution for house customers.
How would you choose between Rapid7 InsightVM and Tenable Nessus?
You have full visibility across cloud, network, virtual, and containerized infrastructures with Rapid7 Insight VM. You can easily prioritize vulnerabilities using attacker analytics. Overall, Rapid...
What do you like most about Rapid7 InsightVM?
The product's initial setup phase was very easy.
What is your experience regarding pricing and costs for Rapid7 InsightVM?
Rapid7 InsightVM is expensive, possibly one of the highest in pricing among similar products.
 

Also Known As

No data available
InsightVM, NeXpose
 

Overview

 

Sample Customers

Blackstone Group Caterpillar Apria Healthcare Taylor Vinters Sandler Capital Management Drawbridge BNP Paribas British Red Cross
ACS, Acosta, AllianceData, amazon.com, biogen idec, CBRE, CATERPILLAR, Deloitte, COACH, GameStop, IBM
Find out what your peers are saying about Pentera, Cymulate, Picus Security and others in Breach and Attack Simulation (BAS). Updated: March 2025.
845,040 professionals have used our research since 2012.