Try our new research platform with insights from 80,000+ expert users

Rapid7 InsightVM vs XM Cyber comparison

The compared Rapid7 and XM Cyber solutions aren't in the same category. Rapid7 is ranked #4 in RBVM , with an average rating of 8.1, and holds a 20.7% mindshare in the category. XM Cyber is ranked #2 in CTEM , with an average rating of 8.0, and holds a 35.9% mindshare. Additionally, 88% of Rapid7 users are willing to recommend the solution, compared to 100% of XM Cyber users who would recommend it.
Rapid7 InsightVM
Read 61 Rapid7 InsightVM reviews
  • 5,237 Views
  • 3,502 Comparison Views
88% willing to recommend
XM Cyber
Read 2 XM Cyber reviews
  • 460 Views
  • 275 Comparison Views
100% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between Rapid7 InsightVM and XM Cyber based on real PeerSpot user reviews.

Find out what your peers are saying about Tenable, Qualys, Rapid7 and others in Risk-Based Vulnerability Management.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Risk-Based Vulnerability Management Report (Updated: January 2025).
Buyer's Guide
Risk-Based Vulnerability Management
January 2025
Download the complete report
Helped 831,071 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Rapid7 InsightVM
Average Rating
8.0
Reviews Sentiment
7.0
Number of Reviews
61
Ranking in other categories
Risk-Based Vulnerability Management (4th)
XM Cyber
Average Rating
8.0
Reviews Sentiment
7.8
Number of Reviews
2
Ranking in other categories
Vulnerability Management (29th), Cloud Security Posture Management (CSPM) (26th), Continuous Threat Exposure Management (CTEM) (2nd)
 

Mindshare comparison

While both are Security Software solutions, they serve different purposes. Rapid7 InsightVM is designed for Risk-Based Vulnerability Management and holds a mindshare of 20.7%, up 15.0% compared to last year.
XM Cyber, on the other hand, focuses on Continuous Threat Exposure Management (CTEM), holds 35.9% mindshare, down 47.5% since last year.
Risk-Based Vulnerability Management
Continuous Threat Exposure Management (CTEM)
 

Featured Reviews

Shakeel Ahmad - PeerSpot reviewer
Brilliant audit report and scorecard but scans often get blocked by firewalls
The solution cannot scan third-party tools that have firewalls within them. The firewalls detect and block the solution. Conversely, Nexus is able to bypass firewalls because it has low detectability. We use Nexus when the solution cannot bypass a firewall. The solution can scan 60% of the time but Nexus can scan 90% of the time. The solution needs to improve its vulnerability design to include CVC results. Nexus has a good, long range and a good database for finding CVC numbers. We need this level of security detail but the solution does not seem to provide it.
Read full review
HolgerHeimann - PeerSpot reviewer
Reliable with no false-positives and helpful support
There's a lot of improvement possible, however, most of it is in the details. I personally like the concept, as it's pretty straightforward and the product is not trying to overload functionality. It's a clean and straightforward approach. You know what you get. Most of the improvements are detail improvements. They're pretty open to future requests as well, so we send them a lot of suggestions. For example, at the moment, they have something called Battleground. That's a visualization of the network, and it's a visualization of the attack paths that are possible. The program uses so-called scenarios, and we say, "Okay, I'm watching traffic for maybe 24 hours," and then you get a result for that scenario, what happens in that time with what the attack paths are, et cetera. The result of the same scenario yesterday or tomorrow may be different as something might change. In that, one of the things I'm currently missing, which is on the list to be added, is some kind of diff visualization. For example, showing a two-screen split of activity. On the left side of the screen, that's how it was yesterday; on the right side, that's how it is today; and here are the differences. We'd like to see a cheaper price.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It's a relevant management tool."
"It is stable and scalable."
"It's easy to use. It's fast, it's a powerful easy to access tool."
"The product's initial setup phase was very easy."
"The most valuable features of Rapid7 InsightVM are the accurate level of scanning and the workflows are good."
"The most valuable feature for us is the different types of reporting it provides."
"InsightVM has a very organized GUI with ease of use."
"There are many integrations with things like the VMware NSX that are great, the reporting is really solid."
More Rapid7 InsightVM pros
"The platform's most valuable feature is attack simulation."
"What I personally like very much, from my experience, is that it is very reliable."
 

Cons

"They should integrate the solution with multiple products."
"I would say that it improved our visibility, but it left things open."
"The integration with other solutions like JIRA could be better. Perhaps there could be some additional updates in the next phase that could integrate with it, so then you can proceed with the VT much easier."
"InsightVM could be improved by providing passive scanning as an option."
"It is still not a fully cloud-based solution. It will be helpful for customers if it is a complete cloud solution. It is a hybrid solution at the moment."
"Some difficulties with the online reporting and lack of integrations."
"There was functionality present previously, however, currently, we can't integrate directly with Jira Service Desk - only the cloud version."
"The reporting has room for improvement. You cannot customize any report. If I need a specific requirement, I have to create a new report for it."
More Rapid7 InsightVM cons
"We'd like to see a cheaper price."
"XM Cyber could identify all areas of vulnerability. They could expand the identification span for different areas."
 

Pricing and Cost Advice

"The license is annual and this is the optimal approach when it comes to most software."
"Its price is too high. My only concern or issue with Rapid7 is its pricing."
"We purchase annual licenses."
"The solution's pricing is better than Nexus which charges a high amount for very little use."
"The licensing is asset-based and very straightforward."
"Our licensing costs are somewhere around $40,000 annually. There are no additional fees."
"Its pricing depends on the number of users per month."
"The tool's price is neither too high nor too low. My company needs to pay 65,000 per year. There are no additional costs apart from the licensing fees attached to the solution."
More Rapid7 InsightVM pricing and cost advice
"We have to pay standard licensing fees."
report
See which vendors are best for you
Use our free recommendation engine to learn which Risk-Based Vulnerability Management solutions are best for your needs.
See recommendations
831,071 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
42%
Computer Software Company
10%
Financial Services Firm
7%
Manufacturing Company
6%
Computer Software Company
15%
Financial Services Firm
13%
Manufacturing Company
9%
Government
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

How would you choose between Rapid7 InsightVM and Tenable Nessus?
You have full visibility across cloud, network, virtual, and containerized infrastructures with Rapid7 Insight VM. You can easily prioritize vulnerabilities using attacker analytics. Overall, Rapid...
See all answers
What do you like most about Rapid7 InsightVM?
The product's initial setup phase was very easy.
See all answers
What is your experience regarding pricing and costs for Rapid7 InsightVM?
Rapid7 InsightVM is expensive, possibly one of the highest in pricing among similar products.
See all answers
What do you like most about XM Cyber?
The platform's most valuable feature is attack simulation.
See all answers
What is your experience regarding pricing and costs for XM Cyber?
We have to pay standard licensing fees. There are no additional costs. It is an expensive product. I rate the pricing a seven out of ten.
See all answers
What needs improvement with XM Cyber?
XM Cyber could identify all areas of vulnerability. They could expand the identification span for different areas.
See all answers
 

Comparisons

Tenable Nessus vs Rapid7 InsightVM Logo
Tenable Nessus vs Rapid7 InsightVM
Compared 21% of the time
Qualys VMDR vs Rapid7 InsightVM Logo
Qualys VMDR vs Rapid7 InsightVM
Compared 17% of the time
Tenable Security Center vs Rapid7 InsightVM Logo
Tenable Security Center vs Rapid7 InsightVM
Compared 12% of the time
Microsoft Defender Vulnerability Management vs Rapid7 InsightVM Logo
Microsoft Defender Vulnerability Management vs Rapid7 InsightVM
Compared 8% of the time
Rapid7 InsightIDR vs Rapid7 InsightVM Logo
Rapid7 InsightIDR vs Rapid7 InsightVM
Compared 5% of the time
More Rapid7 InsightVM Competitors
Pentera vs XM Cyber Logo
Pentera vs XM Cyber
Compared 26% of the time
Cymulate vs XM Cyber Logo
Cymulate vs XM Cyber
Compared 15% of the time
SafeBreach vs XM Cyber Logo
SafeBreach vs XM Cyber
Compared 10% of the time
Wiz vs XM Cyber Logo
Wiz vs XM Cyber
Compared 8% of the time
Orca Security vs XM Cyber Logo
Orca Security vs XM Cyber
Compared 3% of the time
More XM Cyber Competitors
 

Product Reports

Buyer's Guide
Rapid7 InsightVM
January 2025
Rapid7 InsightVM reportDownload Rapid7 InsightVM product report
Buyer's Guide
Cymulate vs. XM Cyber
December 2024
XM Cyber reportDownload XM Cyber product report
 

Also Known As

InsightVM, NeXpose
No data available
 

Learn More

Rapid7
XM Cyber
 

Overview

Rapid7 InsightVM is a comprehensive vulnerability management platform that protects your systems from attackers and is easy to scale. The solution provides easy access to vulnerability management, application security, detection and response, external threat intelligence, orchestration and automation, and more. Rapid7 InsightVM is ideal for security, IT, and DevOps teams, helping them reduce risk by enabling them to detect and respond to attacks quickly.

Rapid7 InsightVM Features

Rapid7 InsightVM has many valuable key features. Some of the most useful ones include:

  • Automated containment: With this feature, you can decrease exposure from vulnerabilities by automatically implementing temporary (or permanent) compensating controls via your network access control (NAC) systems, firewalls, and endpoint detection and response tools.
  • Policy assessment: Rapid7 InsightVM offers pre-built scan templates for common compliance requirements. The solution helps you take clear, actionable steps to compliance once you have assessed your risk posture. In addition, Rapid7 InsightVM’s Custom Policy Builder allows you to modify existing benchmarks or create new policies from scratch.
  • REST API: Rapid7 InsightVM REST API is easy to use and was built to easily automate virtually any aspect of vulnerability management, from data collection to risk analysis.
  • Live dashboards: Rapid7 InsightVM includes dashboards that are live and interactive by nature. The live dashboards enable you to create custom cards and full dashboards for anyone in your organization and allow you to track progress of your security program.
  • Automation-assisted patching: Rapid7 InsightVM’s automation-assisted patching gives you the autonomy to make key decisions in your patching process, such as your approval to apply certain patches to certain vulnerabilities.
  • Real risk prioritization: Rapid7 InsightVM makes it simple to know which vulnerabilities need to be prioritized and where your riskiest assets lie.
  • Goals and SLA’s: This feature enables you to make and track progress toward your goals and service level agreements (SLAs) at an appropriate pace.

Rapid7 InsightVM Benefits

There are many benefits to implementing Rapid7 InsightVM. Some of the biggest advantages the solution offers include:

  • Attack surface monitoring for maintained visibility: By leveraging attack surface monitoring with Project Sonar (a Rapid7 research project that regularly scans the internet to gain insights into global exposure to common vulnerabilities), you can gain more control of all of your external-facing assets, both known and unknown.
  • Container security: Rapid7 InsightVM integrates with your CI/CD tools, public container repositories, and private repositories to assess container images for vulnerabilities during the build process even before they are deployed.
  • Lightweight endpoint agent: Rapid7 InsightVM unifies data so you only need to install a single agent for continuous vulnerability assessment, incident detection, and log data collection.
  • Easily assign and track remediation duties: Using Rapid7 InsightVM, IT and security teams can assign as well as track remediation duties without having to deal with remediation reports, complex spreadsheets, or back-and-forth email tags.
  • Integration with cloud services and virtual infrastructure: Rapid7 InsightVM provides full visibility into risk across your physical, virtual, and cloud infrastructure.
  • Integrated threat feeds: Rapid7 InsightVM is designed with integrated threat feeds, giving you a dynamic view that shows you which threats are most relevant to your environment, enabling you to better protect against current, impending threats so you can react quickly to critical vulnerabilities.

Reviews from Real Users

Below are some reviews and helpful feedback written by PeerSpot users currently using the Rapid7 InsightVM solution.

An owner at a tech services company says, "I liked the dashboard on it. I could customize my dashboard with different widgets and different heat maps."

PeerSpot user Kimeang S., Technical Consultant at Yip Intsoi, mentions, "The most important aspect of the solution is that it rarely gives false positives, especially compared to other products. It provides very clear reports for our IT teams to look at."

A Director of Information Technology at a government explains, "The main functionality of identifying item endpoints that weren't properly patched or had vulnerabilities is the solution's most valuable feature."

XM Cyber is a leading hybrid cloud security company that’s changing the way innovative organizations approach cyber risk. Our attack path management platform continuously uncovers hidden attack paths to your critical assets across cloud and on-prem environments, so you can cut them off at key junctures and eradicate risk with a fraction of the effort. This overcomes the big disconnect that security teams experience when they’re presented with endless alerts, yet can’t see which exposures impact risk the most, how they come together to be exploited by an attacker, or how to efficiently eliminate them. This approach is a complete game-changer, which is why some of the world’s largest, most complex organizations choose XM Cyber to help eradicate risk. Founded by top executives from the Israeli cyber intelligence community, XM Cyber has offices in North America, Europe, and Israel.

 

Sample Customers

ACS, Acosta, AllianceData, amazon.com, biogen idec, CBRE, CATERPILLAR, Deloitte, COACH, GameStop, IBM
Hamburg Port Authority, Plymouth Rock Corporation
Buyer's Guide
Risk-Based Vulnerability Management
January 2025
Download Free Report
Find out what your peers are saying about Tenable, Qualys, Rapid7 and others in Risk-Based Vulnerability Management. Updated: January 2025.
DOWNLOAD NOW
831,071 professionals have used our research since 2012.

We monitor all Risk-Based Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.