Try our new research platform with insights from 80,000+ expert users

Rapid7 InsightVM vs Tenable Vulnerability Management comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Nov 6, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Zafran Security
Sponsored
Average Rating
9.6
Reviews Sentiment
8.1
Number of Reviews
3
Ranking in other categories
Vulnerability Management (27th), Continuous Threat Exposure Management (CTEM) (6th)
Rapid7 InsightVM
Average Rating
8.0
Reviews Sentiment
7.0
Number of Reviews
62
Ranking in other categories
Risk-Based Vulnerability Management (4th)
Tenable Vulnerability Manag...
Average Rating
8.0
Reviews Sentiment
7.0
Number of Reviews
42
Ranking in other categories
Vulnerability Management (5th), Risk-Based Vulnerability Management (3rd)
 

Featured Reviews

Israel Cavazos Landini - PeerSpot reviewer
Weekly insights and risk analysis facilitate informed security decisions
I appreciate the weekly insights Zafran provides, which include critical topics for networks and IT security, allowing us to evaluate which insights apply to our environment. The organization score feature is valuable to keep the leadership team updated on how our infrastructure fares security-wise. The applicable risk level versus base risk level feature is beneficial because prior to Zafran, we only used the base risk level, but now understand that risk depends on the asset itself. Zafran is an excellent tool.
Mahmoud Elhamaymy - PeerSpot reviewer
Reliable scanning and integration strengthen security infrastructure
InsightVM has a very organized GUI with ease of use. The vulnerability scans are reliable, and the credential scan is a beneficial feature. The solution is efficient and trustworthy. It's based on the CVSS risk scoring system, which is well-recognized and effective. The integration capabilities through APIs allow easy integration with existing security infrastructure.
Mani Bommisetty - PeerSpot reviewer
Streamlines vulnerability management with excellent reporting and potential AI integration
Tenable is user-friendly and excels in reporting. It allows me to easily fetch and schedule reports. The software's discovery feature aids in strengthening our security posture. The single-sensor installation process on various operating systems is smooth, unlike Rapid7, which requires different versions for separate systems. Furthermore, Tenable enables vulnerability management through potential AI integration that consolidates efforts and resolves multiple vulnerabilities simultaneously.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Zafran is an excellent tool."
"Zafran has become an indispensable tool in our cybersecurity arsenal."
"We are able to see the real risk of a vulnerability on our environment with our security tools."
"It's easy to use. It's fast, it's a powerful easy to access tool."
"Using Rapid7, we can install a scan engine, we can do our VPN connections, and we can conduct internal scans of remote sites. We prefer the web application. It's smarter and more accurate from an application perspective."
"There are many integrations with things like the VMware NSX that are great, the reporting is really solid."
"It is stable and scalable."
"The ease of deployment and configuration allows users to onboard quickly."
"The most valuable feature for us is the different types of reporting it provides."
"This solution's most useful feature is that it is entirely a single-page application."
"The solution is automatically scheduled so it runs by itself."
"A new user can easily understand the workflow, even if they are creating users for other divisions and the user is a beginner."
"One of the most valuable features of Tenable.io Vulnerability Management is its exportability, which allows us to conduct risk assessments efficiently."
"It is very stable, and it is updated periodically by adding new vulnerabilities."
"The stability is commendable, and I would rate Tenable ten out of ten."
"The vulnerability management itself is the most valuable feature as well as references to the mitigation techniques."
"They are on a good trajectory as a company and investing in R&D in the right ways."
"It is easy to manage. Most of the information the tool provided helped to further investigate the vulnerability and its impact."
"The initial setup is pretty straightforward."
 

Cons

"Initially, we were somewhat concerned about the scalability of Zafran due to our large asset count and the substantial amount of information we needed to process."
"The solution needs to improve its vulnerability design to include CVC results."
"There is room for improvement on its cloud side. In the next release I would like to see better reporting."
"They should integrate the solution with multiple products."
"We found that after you passed an endpoint, it didn't always reflect it in the next scan. I'm not sure if it was a glitch or some issue with the product's software. That was never clear. That was always an issue and something that definitely needed improvement."
"Some of our customers want to be completely cloud based, and Rapid7 doesn't offer this as an option."
"I think the improvement in the tool should be to provide a better update to users because sometimes the information within the cloud and the scanner are not synchronized very fast."
"It is still not a fully cloud-based solution. It will be helpful for customers if it is a complete cloud solution. It is a hybrid solution at the moment."
"The reporting is a little bit tricky because it can be difficult to exactly pinpoint some of the assets to filter them and generate a report."
"The product could be easier to set up on the cloud."
"I would like the solution to cover the whole cycle of mitigation since it's an area where the solution currently lacks."
"The UI has room for improvement."
"Tenable.io Vulnerability Management could be improved with an increased number of dashboards and MSSP integration."
"I would rate it four out of ten. For startups, freelancers, or companies between startup and midsize, Tenable is recommended. However, for midsize or enterprise-level companies, I would not prefer it."
"The solution’s pricing could be improved."
"The solution must provide penetration testing."
"The shortcoming of the solution that needs improvement is related to its capability to do vulnerability assessments on applications."
 

Pricing and Cost Advice

Information not available
"InsightVM is an expensive product, especially compared to its competitors, at around a million NOK per year."
"We have an annual license to use Rapid7 InsightVM and if we want to extend it, we will possibly choose more than one year."
"This solution is expensive, but it's fine for us as we have an open budget for security solutions. Protection and having the system secured is more important."
"The tool's price is neither too high nor too low. My company needs to pay 65,000 per year. There are no additional costs apart from the licensing fees attached to the solution."
"The license is annual and this is the optimal approach when it comes to most software."
"Its licensing is yearly. Everything is included in the price for one year."
"The price of the solution is less than the competitors."
"Our licensing costs are somewhere around $40,000 annually. There are no additional fees."
"Tenable.io Vulnerability Management's pricing solution model isn't great."
"Yearly payments are to be made toward the licensing cost of the product. It is neither a cheap nor an expensive product."
"Compared to other VM solutions, Tenable.io Vulnerability Management is expensive."
"Tenable charges around $40 per device."
"The tool is reasonably priced."
"On a scale of one to ten, where one is low, and ten is high price, I rate the pricing an eight. So, it is a pretty expensive solution."
"There are additional features that can be licensed for an additional cost."
"Tenable.io is not known for being a cheap product."
report
Use our free recommendation engine to learn which Risk-Based Vulnerability Management solutions are best for your needs.
848,716 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
14%
Financial Services Firm
12%
Manufacturing Company
7%
Retailer
6%
Educational Organization
40%
Computer Software Company
9%
Financial Services Firm
8%
Manufacturing Company
6%
Educational Organization
26%
Computer Software Company
12%
Financial Services Firm
9%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What is your experience regarding pricing and costs for Zafran Security?
I find that the pricing for Zafran aligns well with the comprehensive features it offers. The asset and user-based li...
What needs improvement with Zafran Security?
While Zafran Security is already a powerful tool, there are areas where it could be further improved to provide even ...
What is your primary use case for Zafran Security?
Our primary use case for Zafran involves leveraging it to enhance our vulnerability risk scoring methodology. In toda...
How would you choose between Rapid7 InsightVM and Tenable Nessus?
You have full visibility across cloud, network, virtual, and containerized infrastructures with Rapid7 Insight VM. Yo...
What do you like most about Rapid7 InsightVM?
The product's initial setup phase was very easy.
What is your experience regarding pricing and costs for Rapid7 InsightVM?
Rapid7 InsightVM is expensive, possibly one of the highest in pricing among similar products.
What's the difference between Tenable Nessus and Tenable.io Vulnerability Management?
Tenable Nessus is a vulnerability assessment solution that is both easy to deploy and easy to manage. The design of ...
What needs improvement with Tenable.io Vulnerability Management?
I would suggest HP WebInspect as a better option than Tenable.io. My current client doesn't have access to it. Howeve...
 

Also Known As

No data available
InsightVM, NeXpose
Tenable.io
 

Overview

 

Sample Customers

Information Not Available
ACS, Acosta, AllianceData, amazon.com, biogen idec, CBRE, CATERPILLAR, Deloitte, COACH, GameStop, IBM
Global Payments AU/NZ
Find out what your peers are saying about Rapid7 InsightVM vs. Tenable Vulnerability Management and other solutions. Updated: March 2025.
848,716 professionals have used our research since 2012.