No more typing reviews! Try our Samantha, our new voice AI agent.

Cymulate vs Rapid7 Penetration Testing Services comparison

Cymulate and Rapid7 are both solutions in the Penetration Testing Services category. Additionally, 100% of Cymulate users are willing to recommend the solution, compared to 100% of Rapid7 users who would recommend it.
Cymulate
Read 6 Cymulate reviews
  • 4,844 Views
  • 1,792 Comparison Views
100% willing to recommend
Rapid7 Penetration Testing ...
Read 1 Rapid7 Penetration Testing Services review
  • 497 Views
  • 447 Comparison Views
100% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between Cymulate and Rapid7 Penetration Testing Services based on real PeerSpot user reviews.

Find out what your peers are saying about Horizon3.ai, HackerOne, Bugcrowd and others in Penetration Testing Services.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Penetration Testing Services Report (Updated: March 2026).
Buyer's Guide
Penetration Testing Services
March 2026
Download the complete report
Helped 885,667 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cymulate
Average Rating
8.4
Reviews Sentiment
6.9
Number of Reviews
6
Ranking in other categories
Threat Intelligence Platforms (TIP) (11th), Breach and Attack Simulation (BAS) (2nd), Attack Surface Management (ASM) (10th), Continuous Threat Exposure Management (CTEM) (3rd)
Rapid7 Penetration Testing ...
Average Rating
8.0
Reviews Sentiment
7.1
Number of Reviews
1
Ranking in other categories
Penetration Testing Services (9th)
 

Featured Reviews

SB
SaarBar
Security Architec at Shikun & Binui
Support and integration enhance security posture over three years
I don't know if there's something that could be improved. They surprise me. As I mentioned, I returned a month ago. I haven't fully investigated the complete system yet. I must say that we have been with them for around three years. This is amazing because throughout these three years, they have supported us every week. We meet weekly to review results and fix issues together. Apart from occasional days off, this weekly support has been consistent for three years. It's remarkable because many products are sold and then the product teams forget about you, but this isn't the case with Cymulate.
Read full review
Gabriel Woolverton - PeerSpot reviewer
Gabriel Woolverton
Penetration Tester at a tech consulting company with 1-10 employees
Wide range of coverage and free
A useful improvement would be to have white papers for specific vulnerabilities readily available. It seems like they are not always linked when you are looking for a vulnerability identifier in the database. It would be useful to ensure that that information is readily available. That way, if you need to dive deeper into a vulnerability, you would have the capability to do so basically right there on the website.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature for us is the zero-day."
"The security validation feature helps my organization in assessing our security posture."
"The reporting capabilities are very good."
"Cymulate is easy to set up, install, and configure."
"With Cymulate, the best features are the capacity to test the EDR or malware, anti-malware solution."
"Cymulate has positively impacted our organization by helping us to take care of the efficacy and reviewing the policies and configuration."
"The initial setup is very straightforward. This is not a tool that you have to set up yourself. All you have to do is just access their web-based vulnerability database application, which is open source and available to pretty much anyone."
"Rapid7's wide range of coverage, in terms of vulnerabilities and exploits linked to vulnerabilities, is its most valuable feature."
 

Cons

"We have had some trouble with the agents."
"The reporting process requires significant improvement as it often takes longer than expected and the quality is lacking."
"The product must provide consultancy for initial setup."
"The cost can be quite high, and it impacts scalability as more simulations require additional expenses."
"The way Cymulate works for EDR could be improved, as it drops payload and requires action from the EDR console for remediation, which can block the whole process of Cymulate execution."
"I will be honest, we have it, but in the last year, I didn't maintain the system until a month ago."
"A useful improvement would be to have white papers for specific vulnerabilities readily available. It seems like they are not always linked when you are looking for a vulnerability identifier in the database."
"A useful improvement would be to have white papers for specific vulnerabilities readily available."
 

Pricing and Cost Advice

"The product is affordable."
"Cymulate's services are expensive."
Information not available
report
See which vendors are best for you
Use our free recommendation engine to learn which Penetration Testing Services solutions are best for your needs.
See recommendations
885,667 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
15%
Computer Software Company
9%
Manufacturing Company
9%
Comms Service Provider
7%
Financial Services Firm
13%
University
10%
Manufacturing Company
7%
Educational Organization
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business4
Large Enterprise3
No data available
 

Questions from the Community

What is your experience regarding pricing and costs for Cymulate?
I don't know if it's expensive. It depends on the modules that you want, or the time, because they give you a tenant. A tenant for you.
See all answers
What needs improvement with Cymulate?
I don't know if that helped with quick decision making for my security team because I am the security team and you must have a dedicated team to work with this tool. I don't use the analytics modul...
See all answers
What advice do you have for others considering Cymulate?
With Cymulate, I have experience using the vulnerability management tools. I don't know if I have used the Continuous Security Validation with Cymulate. I don't have that module licensed with Cymul...
See all answers
Ask a question
Earn 20 points
 

Comparisons

Pentera vs Cymulate Logo
Pentera vs Cymulate
Compared 14% of the time
Picus Security vs Cymulate Logo
Picus Security vs Cymulate
Compared 8% of the time
SafeBreach vs Cymulate Logo
SafeBreach vs Cymulate
Compared 7% of the time
The NodeZero Platform by Horizon3.ai vs Cymulate Logo
The NodeZero Platform by Horizon3.ai vs Cymulate
Compared 6% of the time
XM Cyber vs Cymulate Logo
XM Cyber vs Cymulate
Compared 6% of the time
More Cymulate Competitors
The NodeZero Platform by Horizon3.ai vs Rapid7 Penetration Testing Services Logo
The NodeZero Platform by Horizon3.ai vs Rapid7 Penetration Testing Services
Compared 61% of the time
Cobalt vs Rapid7 Penetration Testing Services Logo
Cobalt vs Rapid7 Penetration Testing Services
Compared 39% of the time
More Rapid7 Penetration Testing Services Competitors
 

Product Reports

Buyer's Guide
Cymulate
March 2026
Cymulate reportDownload Cymulate product report
Buyer's Guide
Penetration Testing Services
March 2026
Rapid7 Penetration Testing Services reportDownload Rapid7 Penetration Testing Services product report
 

Overview

For companies that want to manage their security posture against the evolving threat landscape: Cymulate SaaS-based Extended Security Posture Management (XSPM) deploys within an hour, enabling security professionals to continuously challenge, validate and optimize their cyber-security posture end-to-end across the MITRE ATT&CK framework.

The platform provides out-of-the-box, expert and threat intelligence-led risk assessments that are simple to deploy and use for all maturity levels, and constantly updated. It also provides an open framework to create and automate red and purple teaming by generating penetration scenarious and advanced attack campaigns tailored to their unique environments and security politices. Cymulate allowes professionals to manage, know and control their dynamic environment. 

Cymulate

In security as in life, the hardest weaknesses to pinpoint are your own. Fortunately, we have no problem thoroughly documenting all of your flaws. In fact, it’s kind of our job. And that’s a good thing: Knowing your vulnerabilities—and the ways in which attackers could exploit them—is one of the greatest insights you can get in improving your security program. With that in mind, Rapid7’s Penetration Testing Services team will simulate a real-world attack on your networks, applications, devices, and/or people to demonstrate the security level of your key systems and infrastructure and show you what it will take to strengthen it. Much like your mom, we don't highlight your failings because it bothers you—we do it because we care.

Rapid7
 

Sample Customers

Euronext, YMCA, Telit, Nemours 
Motorola, Liberty wines, Kaman Corporation
Buyer's Guide
Penetration Testing Services
March 2026
Download Free Report
Find out what your peers are saying about Horizon3.ai, HackerOne, Bugcrowd and others in Penetration Testing Services. Updated: March 2026.
DOWNLOAD NOW
885,667 professionals have used our research since 2012.
See our list of best Penetration Testing Services vendors.

We monitor all Penetration Testing Services reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.