We performed a comparison between BMC TrueSight Vulnerability Management, Rapid7 Metasploit, and Skybox Security Suite based on real PeerSpot user reviews.
Find out what your peers are saying about Tenable, Wiz, Check Point Software Technologies and others in Vulnerability Management."Takes reports from other vulnerabilities."
"It contains almost all the available exploits and payloads."
"It's not possible to do penetration testing without being very proficient in Metasploit."
"Stability-wise, I rate the solution a nine out of ten...Scalability-wise, I rate the solution a nine out of ten."
"The most valuable features of the solution are the scripts, the modules, and the tools that the Rapid7 Metasploit framework has."
"The reporting on the solution is good."
"The most valuable feature for us is the support for testing Linux-based web server components."
"I don't have any other tools like it, and I always use it when I'm doing a pen test. Metasploit is a great solution for penetration testing,"
"Technical support has been helpful and responsive."
"The way that it's built with three-tier architecture, it makes it very horizontally scalable, so I can have multiple fallbacks. If one machine does fall offline, there are four other machines that are doing the exact same job to pick it up"
"The most valuable features are the rule compliance and the OS vulnerability checks."
"The performance could be good because we chose it at the time, but it is too complex for us to appreciate its performance because we lack the necessary skills."
"It's very supportive and very user-friendly."
"It can be integrated with a vulnerability management solution. When a client comes, apart from pitching network and firewall change management, we are recommending having vulnerability management. So, rather than just having the audit of the firewall, they can integrate it with their vulnerability management solution, which could be Rapid7, Qualys, or any other solution. This provides them the most value out of the platform. That is the way we are approaching our customer base."
"Aside from Firewall Assurance, we are using Network Assurance and Change Manager for an overview of the whole network and for documenting requests and the recertification of the ruleset."
"When you import all the assets that you have, like desktops, servers, networks, devices, routers, and then firewalls, and other products, then Skybox makes like, a model of the network, but with context. So, it is not just a model in VIZIO. Or something like it like that. You get the model with context, and, like, it looks like a real network in a real-time. So you can check your network and the security of your network on that model."
"I am impressed with the tool's change management, firewall and network assurance."
"No third-party applications or integrations with additional software solutions."
"Metasploit cannot be installed on a machine with an antivirus."
"The initial setup was a bit "tweaky" for the open-source version."
"Advanced Infrastructure should be implemented in the next release for better orchestration."
"The open-source version has reporting limitations. You need to develop these capabilities yourself. Built-in reporting is an excellent feature for penetration testing, but it isn't a must-have. The solution could also cover more vulnerabilities. Metasploit has around 10,000 exploits in its library, but more is always better."
"I would like to see more capabilities, more functions, and more features. More types of attack vectors."
"At the time I was using it, the graphical user interface needed some improvements."
"The solution is not very scalable, it does not provide any automation to be able to scale it."
"I think areas with shortcomings that need improvement are more integration and automation."
"The most recent update was not tested with all of the vendors before it was released, so some of the features are misbehaving."
"The solution needs improvement in firewall configuration checks. I would also like to see more configuration checks for Forcepoint and for other non-supported firewalls."
"They are not satisfied with the complexity of the solution and the price."
"The cloud site could be better. They should provide some use cases to help users."
"Skybox Security Suite's attack surface management feature needs improvement."
"It's expensive."
"The setup documentation needs a lot of improvement."
"I've had issues with licensing where, when they were expiring and I asked for the updated licenses, I would the wrong ones. I think their process needs to be straightened out a little bit - I don't know if they fixed it already, it has been awhile. It wasn't as straightforward as it could have been."
Earn 20 points