We performed a comparison between BMC TrueSight Vulnerability Management, Qualys VMDR, and Rapid7 Metasploit based on real PeerSpot user reviews.
Find out what your peers are saying about Tenable, Wiz, Check Point Software Technologies and others in Vulnerability Management."Takes reports from other vulnerabilities."
"Intuitive and easy to use."
"Qualys VM had a recent upgrade and the newer version is supporting the cloud."
"Tech support is helpful."
"The most valuable feature is the certificate management."
"It is a stable solution."
"Qualys VM's best feature is vulnerability management."
"The most valuable feature of the solution is the external channel."
"The most valuable feature is that this solution is very lightweight."
"The solution is open source and has many small targetted penetration tests that have been written by many people that are useful. You can choose different subjects for the test, such as Oracle databases or Apache servers."
"Rapid7 Metasploit is a useful product."
"I use Rapid7 Metasploit for payload generation and Post-Exploitation."
"All of the features are great."
"I don't have any other tools like it, and I always use it when I'm doing a pen test. Metasploit is a great solution for penetration testing,"
"It allows us to concentrate solely on identified vulnerabilities without the hassle of additional setup."
"The option to generate phishing emails has proven to be very valuable in understanding the behavior of users."
"The most valuable feature for us is the support for testing Linux-based web server components."
"No third-party applications or integrations with additional software solutions."
"The ability to manage user accounts and give rights to the operator to know about abnormalities of applications is something that needs improvement."
"Improve the user interface."
"Qualys could improve the inbuilt dashboards."
"Certain integration factors between different options could be improved."
"The price could be better. Asset view is still a legacy feature. I'm not able to extract the information about the asset with complete details. It would be better if they fixed that in the next release. I know Qualys is already working on it, so I'm hopeful it will be available in the next five or six months. That would be something that's changed where I seek improvement."
"I would like to see more accuracy in detections, better reporting capabilities, and better dashboard download capabilities."
"The customer support is very bad."
"The reporting and dashboards could improve in Qualys VM. However, they have improved since the previous versions."
"The solution is not user-friendly and has room for improvement."
"Rapid7 Metasploit can add a GUI feature because it is only available online."
"At the time I was using it, the graphical user interface needed some improvements."
"The solution should improve the responsiveness of its live technical support."
"I would like to see more capabilities, more functions, and more features. More types of attack vectors."
"Metasploit cannot be installed on a machine with an antivirus."
"Advanced Infrastructure should be implemented in the next release for better orchestration."
"The open-source version has reporting limitations. You need to develop these capabilities yourself. Built-in reporting is an excellent feature for penetration testing, but it isn't a must-have. The solution could also cover more vulnerabilities. Metasploit has around 10,000 exploits in its library, but more is always better."
Earn 20 points
