Try our new research platform with insights from 80,000+ expert users

Rapid7 Metasploit vs Tenable Security Center comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024
 

Categories and Ranking

Rapid7 Metasploit
Ranking in Vulnerability Management
19th
Average Rating
7.6
Number of Reviews
18
Ranking in other categories
No ranking in other categories
Tenable Security Center
Ranking in Vulnerability Management
4th
Average Rating
8.2
Reviews Sentiment
7.5
Number of Reviews
51
Ranking in other categories
Cloud Security Posture Management (CSPM) (13th), Risk-Based Vulnerability Management (1st)
 

Mindshare comparison

As of November 2024, in the Vulnerability Management category, the mindshare of Rapid7 Metasploit is 1.9%, down from 1.9% compared to the previous year. The mindshare of Tenable Security Center is 8.6%, down from 14.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management
 

Featured Reviews

Aqeel Junaid - PeerSpot reviewer
Mar 14, 2024
Helps find vulnerabilities in a system to determine whether the system needs to be upgraded
I've been using Rapid7 Metasploit to create vulnerabilities and test exploits. I can create malicious Word documents through the Rapid7 Metasploit framework for testing purposes. I can create a backdoor through the solution to test a web server or a vulnerable machine The most valuable features…
Md. Shahriar Hussain - PeerSpot reviewer
Feb 23, 2024
A security solution for vulnerability assessment with automated scans
Additional costs are associated with using the solution, as additional scanners are required for different endpoints connected to the Tenable Security Center. If Tenable Security Center could extract information from these scanners automatically rather than manually, it would enhance user-friendliness for customers. For example, suppose I manually conducted CIS hardening or compliance scoring in a separate data centre. These scores should also be reflected in the Tenable Security Center dashboard. Since the scanner is connected to the Tenable Security Center, the dashboard should display the direct scan results from the general security centre and the connected scanners. There could be unusual activities or attacks with the rising AI-related issues or threats that the Tenable Security Center could track in the future.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Stability-wise, I rate the solution a nine out of ten...Scalability-wise, I rate the solution a nine out of ten."
"It's not possible to do penetration testing without being very proficient in Metasploit."
"The most valuable features of the solution are the scripts, the modules, and the tools that the Rapid7 Metasploit framework has."
"The Search Engineering feature is good."
"I use Rapid7 Metasploit for payload generation and Post-Exploitation."
"Technical support has been helpful and responsive."
"I don't have any other tools like it, and I always use it when I'm doing a pen test. Metasploit is a great solution for penetration testing,"
"Rapid7 Metasploit is a useful product."
"This solution has a much lower rate of false positives compared to competing products."
"The predictive prioritization features are pretty good. They do a lot of research and we trust the research that they do internally. They have knowledge of what's going on with many companies, where we only get a view into what's going on here. So the ability to get best practices out of them as part of this solution, is valuable to us."
"The tool provides us insight into the happens of the network and its hosts. It provides me with a list of hosts."
"One of the most valuable features is their distributed scan model for allotting engines to work together as a pool and handle multiple scans at once, across multiple environments. Automatic scanning distribution is a distinguishing feature of their toolset."
"Tenable Security Center scans networks and gives reports."
"The most valuable features in Tenable SC are scanning and analysis."
"I find Tenable SC to be a very scalable product."
"Compliance and vulnerability scans are most valuable. Compliance scan helps in validating how our teams are complying, and vulnerability scan helps in future-proofing. Its vulnerability detection is accurate."
 

Cons

"It is necessary to add some training materials and a tutorial for beginners."
"Rapid7 Metasploit could be made easier for new users to learn."
"Rapid7 Metasploit can add a GUI feature because it is only available online."
"Better automation capabilities would be an improvement."
"I would like to see more capabilities, more functions, and more features. More types of attack vectors."
"The solution is not very scalable, it does not provide any automation to be able to scale it."
"The open-source version has reporting limitations. You need to develop these capabilities yourself. Built-in reporting is an excellent feature for penetration testing, but it isn't a must-have. The solution could also cover more vulnerabilities. Metasploit has around 10,000 exploits in its library, but more is always better."
"Advanced Infrastructure should be implemented in the next release for better orchestration."
"It's good at creating information, it's good creating dashboards, it's good at creating reports, but if you want to take that reporting metadata and put it into another tool, that is a little bit lacking."
"Tenable's reporting engine needs improvement. It needs to be more efficient and add more features."
"Though the solution's technical support is responsive, they do take a lot of time, making it one of the solution's shortcomings that needs improvement."
"Security can always be improved."
"Tenable SC can improve by adding more integrations with HCI-type tools and more accurate vulnerability detection."
"We are facing some challenges related to our channel."
"Support could be faster."
"I will say it's a lot slower compared to an MS scan. It takes so much longer, so the performance could definitely be worked on."
 

Pricing and Cost Advice

"I use the open-source version of this product. Pricing is not relevant."
"Rapid7 Metasploit is an open-source solution."
"I have used the free version of Rapid7 Metasploit."
"It is expensive. Our license expired, and our company is not thinking to renew because of our budget."
"Rapid7 Metasploit is cheaper than Tenable.io Vulnerability Management."
"It is a reasonably priced solution. I would rate it from five out of ten."
"The great advantage with Rapid7 Metasploit, of course, is that it's free."
"On a scale of one to ten, where one is cheap and ten is expensive, I rate the product's pricing a six. So it's fairly priced."
"Costing is pretty reasonable compared to the competition."
"It is a bit expensive. Everything is included in the license."
"The tool costs around 15,000 Saudi riyals monthly."
"We're happy with the licensing cost and find it affordable."
"This solution's price is quite high."
"We pay around 60,000 on a yearly basis."
"Tenable SC is priced per asset, with the basic solution starting around US$12,000 for 500 assets."
"For 500 users the licensing fee is roughly $100,000."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
814,649 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
18%
Financial Services Firm
10%
Manufacturing Company
10%
University
7%
Educational Organization
20%
Computer Software Company
11%
Government
11%
Financial Services Firm
10%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Rapid7 Metasploit?
I use Rapid7 Metasploit for payload generation and Post-Exploitation.
What needs improvement with Rapid7 Metasploit?
Rapid7 Metasploit could be made easier for new users to learn.
What do you like most about Tenable SC?
The tool's dashboard and reporting capabilities match our company's needs since we are able to modify the basic view to create a new dashboard, and it works out very well for our needs.
What is your experience regarding pricing and costs for Tenable SC?
For enterprise customers, it's acceptable. However, for smaller enterprises or businesses, the budget may be too restrictive to consider such extensive solutions. When proposing to small-scale indu...
What needs improvement with Tenable SC?
They are not currently handling call flows properly. Some call flows are being deleted from the registry but still show as active. Support is also lacking in onboarding properly in this area. This ...
 

Also Known As

Metasploit
Tenable.sc, Tenable Unified Security, Tenable SecurityCenter
 

Learn More

 

Overview

 

Sample Customers

City of Corpus Christi, Diebold, Lumenate, Nebraska Public Power District, Prairie North Regional Health, Apptio, Automation Direct, Bob's Stores, Cardinal Innovations Healthcare Solutions, Carnegie Mellon University
IBM, Sempra Energy, Microsoft, Apple, Adidas, Union Pacific
Find out what your peers are saying about Rapid7 Metasploit vs. Tenable Security Center and other solutions. Updated: October 2024.
814,649 professionals have used our research since 2012.