Try our new research platform with insights from 80,000+ expert users

IBM Guardium Vulnerability Assessment vs Rapid7 InsightVM comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Zafran Security
Sponsored
Average Rating
9.4
Reviews Sentiment
8.2
Number of Reviews
5
Ranking in other categories
Vulnerability Management (18th), Continuous Threat Exposure Management (CTEM) (2nd)
IBM Guardium Vulnerability ...
Average Rating
6.0
Reviews Sentiment
8.1
Number of Reviews
4
Ranking in other categories
Vulnerability Management (45th)
Rapid7 InsightVM
Average Rating
8.0
Reviews Sentiment
7.0
Number of Reviews
64
Ranking in other categories
Risk-Based Vulnerability Management (4th)
 

Mindshare comparison

Vulnerability Management
Risk-Based Vulnerability Management
 

Featured Reviews

Israel Cavazos Landini - PeerSpot reviewer
Weekly insights and risk analysis facilitate informed security decisions
I appreciate the weekly insights Zafran provides, which include critical topics for networks and IT security, allowing us to evaluate which insights apply to our environment. The organization score feature is valuable to keep the leadership team updated on how our infrastructure fares security-wise. The applicable risk level versus base risk level feature is beneficial because prior to Zafran, we only used the base risk level, but now understand that risk depends on the asset itself. Zafran is an excellent tool.
SL
Improvements sought in database optimization while benefiting from robust security monitoring
We use the analytical functionality of Guardium, but the analytical functionality is not so powerful or flexible because it does not include the application user ID. It only includes the database user ID. To identify risky users, it does not support end users, so IBM must incorporate this feature into the built-in analytical engine of the Guardium. There is only one problem I experienced while using Guardium: the internal database of the collector is MySQL, which is not so powerful or flexible. When you make a query in a MySQL database, it takes too much time to respond. IBM should replace this MySQL database with a more powerful internal database for the logging mechanism so that Guardium can collect logging data flexibly and ensure optimization. My overall experience with Guardium is good. The only problem is that IBM must replace the internal DB, MySQL, with a more powerful enterprise-level database because enterprises use it at an enterprise level, and MySQL does not support optimally.
Anusha Sadasivani - PeerSpot reviewer
Rapid deployment and user-friendly architecture streamline vulnerability management but customer support response needs improvement
We are still using Rapid7 InsightVM I personally still use Rapid7 InsightVM. We use Rapid7 InsightVM for vulnerability scanning. It supports both agent-based and agentless scanning, which is part of our vulnerability management strategy. The agentless scan in Rapid7 InsightVM is effective and…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We are able to see the real risk of a vulnerability on our environment with our security tools."
"Overall, we have seen about eighty-seven percent reduction of the number of vulnerabilities that require urgency to remediate, specifically the number of criticals."
"Zafran has become an indispensable tool in our cybersecurity arsenal."
"We saw benefits from Zafran Security almost immediately after deploying it."
"Zafran is an excellent tool."
"The reporting features are good and there are many built-in reports that can be quickly configured."
"The Vulnerability Assessment feature is quite stable and helps identify numerous vulnerabilities in databases."
"The most valuable feature is that it provides a simple English recommendation on actions that you need to take once a vulnerability is discovered."
"It helped with some of the regulatory requirements. It also helped with some of the security analytics and analysis. It was worthwhile from that perspective."
"The solution is very user friendly and easy to manage."
"The solution works well."
"The feature that I have found most valuable is its dashboards."
"NeXpose is a pretty good vulnerability scanner... There's a nice dashboard."
"InsightVM's best features are the vulnerability database and remediation steps."
"It is stable and scalable."
"The most valuable feature of the Rapid7 InsightVM solution is the Live Risk Score."
"It is a stable solution."
 

Cons

"Initially, we were somewhat concerned about the scalability of Zafran due to our large asset count and the substantial amount of information we needed to process."
"I think the ability to have some enhanced reporting capabilities is something they can improve on, as they have good reports but we have asked for some specific reporting enhancements."
"The dashboarding and reporting functionality of Zafran Security is an area that definitely could use some improvements."
"There is only one problem I experienced while using Guardium: the internal database of the collector is MySQL, which is not so powerful or flexible."
"Building policies is not that easy. There are some things that are turned off by default, for example, displaying values."
"The interface could be improved by having sub-groups of tests, ultimately making the process of collecting tests faster."
"It was not as easy to use. The user-friendliness of it was somewhat lower than what I was expecting. It was also lacking in terms of the ease of the setup. There should be an automatic agent for deployment."
"All products have room for increased security and Rapid7 InsightVM is no exception."
"The reporting is a little bit tricky because it can be difficult to exactly pinpoint some of the assets to filter them and generate a report."
"Technical support does not respond quickly."
"There are end-user needs and expectations that are being overlooked in the development that could be addressed by appointing a customer advisory board."
"There are not enough templates, and the reporting is weak with this solution."
"I would say that it improved our visibility, but it left things open."
"The solution needs to improve its vulnerability design to include CVC results."
"There was functionality present previously, however, currently, we can't integrate directly with Jira Service Desk - only the cloud version."
 

Pricing and Cost Advice

Information not available
"One thing not advantageous for it was that it was a little bit more expensive. I would rate it one out of five in terms of pricing."
"Licensing fees are paid on a yearly basis."
"InsightVM is an expensive product, especially compared to its competitors, at around a million NOK per year."
"The solution's pricing is better than Nexus which charges a high amount for very little use."
"I do not have experience with the pricing of the solution."
"Its price is too high. My only concern or issue with Rapid7 is its pricing."
"The solution is a bit more reasonably priced than other products."
"The price of the solution is less than the competitors."
"This solution is expensive, but it's fine for us as we have an open budget for security solutions. Protection and having the system secured is more important."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
859,687 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
12%
Financial Services Firm
11%
Manufacturing Company
7%
Healthcare Company
6%
Financial Services Firm
39%
Computer Software Company
8%
Manufacturing Company
8%
Insurance Company
8%
Educational Organization
17%
Financial Services Firm
11%
Computer Software Company
11%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
No data available
 

Questions from the Community

What is your experience regarding pricing and costs for Zafran Security?
The current pricing of Zafran Security is fair overall. They were good to work with to accommodate our organization w...
What needs improvement with Zafran Security?
The dashboarding and reporting functionality of Zafran Security is an area that definitely could use some improvement...
What is your primary use case for Zafran Security?
Zafran Security is helping reduce the amount of critical vulnerabilities in our environments that require prompt reme...
Ask a question
Earn 20 points
How would you choose between Rapid7 InsightVM and Tenable Nessus?
You have full visibility across cloud, network, virtual, and containerized infrastructures with Rapid7 Insight VM. Yo...
What do you like most about Rapid7 InsightVM?
The product's initial setup phase was very easy.
What is your experience regarding pricing and costs for Rapid7 InsightVM?
The customers are mostly SMBs, though some enterprise organizations have also deployed the solution. This is neither ...
 

Also Known As

No data available
No data available
InsightVM, NeXpose
 

Overview

 

Sample Customers

Information Not Available
Information Not Available
ACS, Acosta, AllianceData, amazon.com, biogen idec, CBRE, CATERPILLAR, Deloitte, COACH, GameStop, IBM
Find out what your peers are saying about Qualys, Wiz, Tenable and others in Vulnerability Management. Updated: June 2025.
859,687 professionals have used our research since 2012.