No more typing reviews! Try our Samantha, our new voice AI agent.

Cloudify vs Rapid7 InsightCloudSec comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Dec 17, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cloudify
Ranking in Cloud Management
40th
Average Rating
8.0
Reviews Sentiment
7.2
Number of Reviews
12
Ranking in other categories
No ranking in other categories
Rapid7 InsightCloudSec
Ranking in Cloud Management
13th
Average Rating
7.8
Reviews Sentiment
6.3
Number of Reviews
13
Ranking in other categories
Cloud Security Posture Management (CSPM) (13th), Cloud-Native Application Protection Platforms (CNAPP) (11th), AI Observability (9th)
 

Mindshare comparison

As of July 2026, in the Cloud Management category, the mindshare of Cloudify is 1.5%, down from 1.9% compared to the previous year. The mindshare of Rapid7 InsightCloudSec is 1.0%, up from 0.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cloud Management Mindshare Distribution
ProductMindshare (%)
Rapid7 InsightCloudSec1.0%
Cloudify1.5%
Other97.5%
Cloud Management
 

Featured Reviews

Mark Wittling - PeerSpot reviewer
Cloud Architect at Cox communications
Works very well for advanced service chaining requirements and has extremely advanced engineers for support
We had a manager who thought that Cloudify could be used as a replacement for Horizon in OpenStack, but we found that Cloudify lacked the user interface or GUI for doing multitenancy and basic platform management tasks. Cloudify was really good at launching, for example, firewalls and configuring them and doing service chaining and rather advanced things like that, but it didn't meet the requirements for a basic platform management solution. It is something that seems to work better as a bolt-on or an augmented solution. It is a bit mis-marketed as a Cloud Management solution. It is not that. It is more of a service orchestration and automation tool. It is very good at doing that, but it fails to meet basic platform management requirements. Once you have it running, you can't really do anything with it without writing code and scripts. It requires a full-time DevOps person to use it. We deployed a Palo Alto firewall with it. That's basically what the project was for us, and it worked flawlessly once we got it finished, but it took another 12 weeks to get all of the automation and everything else coded, tested, and working. There is certainly a place for this technology, but when we got rid of OpenStack and moved to VMware, we either had to go with the vRealize Automation Suite to do this kind of automation, or we had to find an alternative solution to manage the private cloud. So, we put Cloudify in, but we really couldn't find it useful for basic platform administration tasks.
Arun Babu - PeerSpot reviewer
SOC analyst at a media company with 1,001-5,000 employees
Daily endpoint monitoring has improved investigations and saved time but detection rules still need tuning
It is important to note that Rapid7 InsightCloudSec's features are not 100% precise, but I find about 70% of the time it is satisfactory. I would like to suggest that you improve it to be more precise, ideally making it 100% if possible. Some cases in Rapid7 InsightCloudSec indicate that the log is not enough, as they mostly just generate alerts, and the synchronization between data connectors is often problematic, particularly in terms of not being in sync always, especially between the AD and Rapid7 alerts, which generates numerous false positives. Additionally, the traditional rules should be updated, as this is a main point worth mentioning since we spend a lot of time fine-tuning these traditional rules. I suggest improving the legacy detection rules. If there are any authentication cases, such as impossible travel activity where a user has their SharePoint hosted in a different location, Rapid7 can often trigger alerts, creating confusion as we cannot fine-tune it properly. Another issue is with honeypot access. We sometimes lack necessary logs because Defender's advanced threat protection scanning gets detected as honeypot activity by Rapid7, leading to annoying and noisy alerts that we need to constantly close. If you can improve the traditional detection rules to reflect current detection rules, it would make it significantly easier for us to manage, as we constantly need to check legacy rules to update or possibly turn them off. Updating the legacy rules should be a priority.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Cloudify provides the infrastructure-as-code, as well as operational action capabilities (orchestrated startups or upgrades, and more)."
"Even with the learning curve, the solution is an interesting concept and reminds me of Vagrant Terraform with its own difficulties and easiness."
"TOSCA model allows modeling the application rather than the automation. It is a machine-readable representation of the application and its infrastructure, which can be used for other things too, not just for the orchestration (e.g. enterprise architecture big picture, who connects to whom)."
"We have been able to realize ROI for our customers in the form of reduced cost, higher top line and increased valuation through improved profitability."
"We have found that this is not an undue burden, and the extra work gives immense flexibility and portability."
"Valuable features are auto-scaling and load balancing."
"Cloudify works in cases where you have very advanced service chaining requirements. It really works well there, and it fits the best. They have a standardized markup that's based on TOSCA, which is a standard. I like the fact that they're standards-based. Their solution works extremely well if you have the talent and the manpower to write TOSCA descriptors to deploy and interchange services or to automate the configuration and turn up of services."
"The solution includes the option to run background scripts and processes from a connected API."
"The tool provides centralized visibility through dashboards and alerts, allowing customers to receive reports on cloud vulnerabilities and security posture. Rapid7 InsightCloudSec provides customers with a robust understanding of cloud security."
"The best features Rapid7 InsightCloudSec offers include more automation remediation, compliance reporting for auditing, improvement on multi-cloud governance, and cost visibility, which really stand out to me."
"It runs every hour and has been reliable since I started."
"Rapid7 InsightCloudSec has positively impacted my organization because we are using Microsoft Defender for endpoint protection alongside Rapid7."
"The tool's most valuable feature is workload protection for Kubernetes and container security. It has agents that identify bugs or lack of security on runtime containers."
"Rapid7 InsightCloudSec has helped us save thirty percent time in our log retrievals, and it completely changed log searching, making it really fast when we search for logs, with no prior knowledge required."
"The fastest scanning is the best feature Rapid7 InsightCloudSec offers, helping me respond to threats quickly in my daily operations."
"Agentless scanning is a possible use with Rapid7 InsightCloudSec."
 

Cons

"It lacked the user interface for multitenancy and basic platform management tasks. It is a leader in the niche area that they like to perform in, but it only does about 30% of top-tier advanced functions of platform management. It doesn't meet about 70% of what you need to manage a private cloud platform."
"There were some issues with deploying the solution on OpenStack Mitaka."
"It lacked the user interface for multitenancy and basic platform management tasks."
"The upgrading process could be simplified."
"We'd like to see the maturity of the plugins continue, including Amazon EMR and others."
"I did encounter any issues with scalability."
"More of the debug functionality is needed; hopefully, we can pause during the server building process."
"The solution could be improved with respect to error handling. If we want to troubleshoot further and deep dive, we don't have access to admin privileges to extract those errors."
"Improvements could include providing better human-readable report formats with thorough explanations of CVEs and threats, detailing what can be done to eliminate malicious activities."
"The platform could be improved with more customizable dashboards and reporting."
"Rapid7 InsightCloudSec needs to provide more granular search capabilities, such as the ability to search back the last three months."
"The login piece needs improvement."
"Rapid7 InsightCloudSec can be improved by seeing reductions and improvements in prioritization, tuning findings, suppressing low-value alerts, and better prioritizing the most critical risks."
"A couple of modules are missing when compared to other providers, specifically related to some IAM, and the login piece needs improvement."
"I would say that because Rapid7 InsightCloudSec does not have automatic patching capabilities, it provides recommendations, but it does not execute anything from within Rapid7 InsightCloudSec."
"Some cases in Rapid7 InsightCloudSec indicate that the log is not enough, as they mostly just generate alerts, and the synchronization between data connectors is often problematic, particularly in terms of not being in sync always, especially between the AD and Rapid7 alerts, which generates numerous false positives."
 

Pricing and Cost Advice

"I wasn't involved in the pricing of it because we were just doing prototype work with it, but I was told by the upper management team that it was quite expensive. That was another reason we switched to Morpheus."
"Companies generally buy this tool because the pricing is not that high."
"We're doing an annual subscription. There are additional expenses, but not within the confines of this platform."
report
Use our free recommendation engine to learn which Cloud Management solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
13%
Comms Service Provider
12%
Outsourcing Company
11%
Financial Services Firm
8%
Financial Services Firm
10%
Manufacturing Company
9%
Comms Service Provider
9%
Insurance Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business3
Large Enterprise6
By reviewers
Company SizeCount
Small Business7
Midsize Enterprise4
Large Enterprise8
 

Questions from the Community

Ask a question
Earn 20 points
What is your experience regarding pricing and costs for Rapid7 InsightCloudSec?
The pricing, setup cost, and licensing for Rapid7 InsightCloudSec are reasonable, and since our organization is growing, I have observed that the more numbers you have, the less costly the product ...
What needs improvement with Rapid7 InsightCloudSec?
I would say that because Rapid7 InsightCloudSec does not have automatic patching capabilities, it provides recommendations, but it does not execute anything from within Rapid7 InsightCloudSec. It h...
What is your primary use case for Rapid7 InsightCloudSec?
In my role, my main use case for Rapid7 InsightCloudSec is for vulnerability management, where I scan my machines to see zero-day vulnerabilities and receive remediation tactics recommended by Rapi...
 

Also Known As

No data available
DivvyCloud
 

Overview

 

Sample Customers

Proximus Partner Communications (Israel) VMware NTT Data Metaswitch Spirent Communications Lumina Networks Atos Fortinet
Fannie Mae, 3M, PizzaHut, Spotify, Autodesk, Discovery
Find out what your peers are saying about Cloudify vs. Rapid7 InsightCloudSec and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.