Try our new research platform with insights from 80,000+ expert users

Rapid7 InsightVM vs Skybox Security Suite comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Zafran Security
Sponsored
Average Rating
9.6
Reviews Sentiment
8.1
Number of Reviews
3
Ranking in other categories
Vulnerability Management (27th), Continuous Threat Exposure Management (CTEM) (6th)
Rapid7 InsightVM
Average Rating
8.0
Reviews Sentiment
7.0
Number of Reviews
62
Ranking in other categories
Risk-Based Vulnerability Management (4th)
Skybox Security Suite
Average Rating
7.6
Reviews Sentiment
6.8
Number of Reviews
37
Ranking in other categories
Vulnerability Management (41st), Firewall Security Management (7th)
 

Mindshare comparison

Risk-Based Vulnerability Management
Vulnerability Management
 

Featured Reviews

Israel Cavazos Landini - PeerSpot reviewer
Weekly insights and risk analysis facilitate informed security decisions
I appreciate the weekly insights Zafran provides, which include critical topics for networks and IT security, allowing us to evaluate which insights apply to our environment. The organization score feature is valuable to keep the leadership team updated on how our infrastructure fares security-wise. The applicable risk level versus base risk level feature is beneficial because prior to Zafran, we only used the base risk level, but now understand that risk depends on the asset itself. Zafran is an excellent tool.
Mahmoud Elhamaymy - PeerSpot reviewer
Reliable scanning and integration strengthen security infrastructure
InsightVM has a very organized GUI with ease of use. The vulnerability scans are reliable, and the credential scan is a beneficial feature. The solution is efficient and trustworthy. It's based on the CVSS risk scoring system, which is well-recognized and effective. The integration capabilities through APIs allow easy integration with existing security infrastructure.
NenadMijatovic - PeerSpot reviewer
Efficient in vulnerability management, stable and easy to use
Vulnerability management is the most valuable feature because it lets you focus on the most critical vulnerabilities. That's the important thing. Here in Serbia, there are not so many companies that have too many firewalls inside one company. So, they usually don't buy this model for Firewall Assurance unless there is some compliance. So you can prove that your firewalls are compliant. So, that model is not so important here in Serbia. It's for bigger companies. So, they usually buy network assurance to build the model of the network and vulnerability management to focus on the most important vulnerabilities. Moreover, Skybox can collect data for many vendors. From the endpoint protection vendors to the network equipment vendors to other security vendors. So, it supports more than one hundred vendors to collect data from them.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We are able to see the real risk of a vulnerability on our environment with our security tools."
"Zafran is an excellent tool."
"Zafran has become an indispensable tool in our cybersecurity arsenal."
"The product's initial setup phase was very easy."
"The ease of deployment and configuration allows users to onboard quickly."
"The connectivity provided by Rapid7 InsightVM is valuable."
"It's very scalable."
"Rapid7 InsightVM has given us a practical view of the vulnerabilities present in our organization."
"most valuable features of Rapid7 InsightVM for me are creating dynamic asset tags, generating reports, and deploying the agent. The agent scans assets every four hours, providing real-time data on any devices. Although there weren't any significant new features compared to our previous tool, having both SIEM and vulnerability management handled by one tool made things easier. We could gather logs from different devices and cloud sources, and perform detailed investigations without switching tools. I haven't worked with the automation capabilities of InsightVM. For remediation prioritization, we check the vulnerability, search for solutions on open platforms, and work with different teams to apply patches after proper testing. Currently, we don’t have any AI or ASM projects assisted by InsightVM"
"The most valuable feature is the vulnerability scan."
"This solution's most useful feature is that it is entirely a single-page application."
"Skybox allows organizations to reprioritize the vulnerability they attempt to patch and mitigate, based on the contextual awareness of the network."
"instead of asking for firewall rules which may or may not be relevant, or could already be there, or could be over-permissioned, Skybox can be used to map out the resources that that application is going to use and provide the exact rules that an application would require to function correctly. If the traffic isn't able to flow for the application, if it's erring out, Skybox can be used to troubleshoot that and say, "All right, where is the traffic being stopped and why, and how do I fix that.""
"We are currently working on rule review and compliance. The logging features are good."
"Skybox Security Suite is cost-effective."
"It's given us more visibility in terms of what are the kinds of configurations that are on these devices, and how many of these are stale rules. So it's helped greatly in terms of cleaning up of rules, for sure. And it has definitely given us a more secure way of backing up the configuration on these devices."
"Overall, the tool has helped us reduce risks. If any step is missing, it's easier for my team or engineers to identify it. The tool provides accurate recommendations based on the data. Its integration is easy, and I have integrated it with Fortinet firewalls."
"This type of tool does a great job of reaching into those other devices producing risk recommendations, compliance recommendations, and a single plane of glass to do your queries, so you can find where these rules might exist."
"It's very supportive and very user-friendly."
 

Cons

"Initially, we were somewhat concerned about the scalability of Zafran due to our large asset count and the substantial amount of information we needed to process."
"The reporting is very bad when you compare it with other vulnerability assessment tools."
"The reporting has room for improvement. You cannot customize any report. If I need a specific requirement, I have to create a new report for it."
"This solution creates false-positives which can cause issues with reporting."
"Rapid7 InsightVM is expensive, possibly one of the highest in pricing among similar products."
"Rapid7 could be easier to manage."
"The solution should include a tighter integration with third-party threat modeling and threat intelligence tools."
"It is still not a fully cloud-based solution. It will be helpful for customers if it is a complete cloud solution. It is a hybrid solution at the moment."
"The integration with other solutions like JIRA could be better. Perhaps there could be some additional updates in the next phase that could integrate with it, so then you can proceed with the VT much easier."
"The tool does not offer options for customization."
"There is room for improvement in the technical support."
"I've had issues with licensing where, when they were expiring and I asked for the updated licenses, I would the wrong ones. I think their process needs to be straightened out a little bit - I don't know if they fixed it already, it has been awhile. It wasn't as straightforward as it could have been."
"If anything could be improved it would be staying on top of the collector scripts, but I understand that's a very tough challenge."
"The company made bad business decisions impacting many clients and their own staff. Reporting could have been improved, and feature requests often were not implemented."
"The stability is something that is questionable. I don't know whether it is because of the kind of infrastructure we have or because of the product in itself. We're running it on a virtual machine right now. Maybe once a month, or once in every 45 days, it requires a restart because the application fails to connect. So I have to restart the whole Skybox Manager itself, the Skybox server itself, and then connect to it from our Skybox Manager."
"The setup documentation needs a lot of improvement."
"The solution was quite technical. It would be easier to manage if the solution was more specific about aspects of the solution and provided more advisory around how to use it effectively. It would help users a lot if they were more clear about everything."
 

Pricing and Cost Advice

Information not available
"Its pricing depends on the number of users per month."
"InsightVM is an expensive product, especially compared to its competitors, at around a million NOK per year."
"We purchase annual licenses."
"Its licensing is yearly. Everything is included in the price for one year."
"The price of the solution is less than the competitors."
"The solution is a bit more reasonably priced than other products."
"This solution is expensive, but it's fine for us as we have an open budget for security solutions. Protection and having the system secured is more important."
"The license is IP based. How many IPs you are using to scan is the amount of the license you have to buy. The number of users doesn't matter; many users can use it or only person. It depends on the culture of the organization."
"The software is expensive. I rate its pricing an eight out of ten."
"With licensing, the number of network nodes becomes very expensive to the point where you have to rationalize if the tools are warranted anymore."
"Fully understand the total cost of ownership. They have gone to a new model where you have to replace the hardware every X amount of years at a very substantial cost and fully understand your intended number of nodes. To operate a firewall, you have to pay two licenses, a firewall node and a network node. If you are a reasonable-sized organization, this gets expensive very quickly."
"The price of the Skybox Security Suite can be expensive."
"The price is not expensive."
"The solution is based on a subscription model for annual licenses."
"Currently, the licensing costs me about $300 USD for the year. This is a huge amount for my environment."
"Pricing is on the higher side. In terms of licensing, you should buy the complete suite rather than buying only the Change Manager. I think Change Manager with Vulnerability Control is something that would be interesting to look at."
report
Use our free recommendation engine to learn which Risk-Based Vulnerability Management solutions are best for your needs.
849,190 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
14%
Financial Services Firm
11%
Manufacturing Company
7%
Retailer
6%
Educational Organization
39%
Computer Software Company
9%
Financial Services Firm
8%
Manufacturing Company
7%
Financial Services Firm
18%
Computer Software Company
17%
Manufacturing Company
10%
Energy/Utilities Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What is your experience regarding pricing and costs for Zafran Security?
I find that the pricing for Zafran aligns well with the comprehensive features it offers. The asset and user-based li...
What needs improvement with Zafran Security?
While Zafran Security is already a powerful tool, there are areas where it could be further improved to provide even ...
What is your primary use case for Zafran Security?
Our primary use case for Zafran involves leveraging it to enhance our vulnerability risk scoring methodology. In toda...
How would you choose between Rapid7 InsightVM and Tenable Nessus?
You have full visibility across cloud, network, virtual, and containerized infrastructures with Rapid7 Insight VM. Yo...
What do you like most about Rapid7 InsightVM?
The product's initial setup phase was very easy.
What is your experience regarding pricing and costs for Rapid7 InsightVM?
Rapid7 InsightVM is expensive, possibly one of the highest in pricing among similar products.
What do you like most about Skybox Security Suite?
Overall, the tool has helped us reduce risks. If any step is missing, it's easier for my team or engineers to identif...
What is your experience regarding pricing and costs for Skybox Security Suite?
Skybox Security Suite has indeed helped us reduce costs. The prices of AlgoSec and Skybox Security Suite are approxim...
What needs improvement with Skybox Security Suite?
There is room for improvement in the product's user interface. It could be more user-friendly.
 

Also Known As

No data available
InsightVM, NeXpose
No data available
 

Overview

 

Sample Customers

Information Not Available
ACS, Acosta, AllianceData, amazon.com, biogen idec, CBRE, CATERPILLAR, Deloitte, COACH, GameStop, IBM
ADP, Blue Cross Blue Shield, BT, USAID, Delta Dental, EDF Energy, EMC, HSBC, Johnson & Johnson
Find out what your peers are saying about Rapid7 InsightVM vs. Skybox Security Suite and other solutions. Updated: March 2023.
849,190 professionals have used our research since 2012.