Try our new research platform with insights from 80,000+ expert users

Rapid7 InsightCloudSec vs Spacelift comparison

Rapid7 and Spacelift are both solutions in the Cloud Management category. Rapid7 is ranked #13 with an average rating of 7.8, while Spacelift is ranked #20 with an average rating of 8.0. Rapid7 holds a 0.7% mindshare in CM, compared to Spacelift’s 1.2% mindshare. Additionally, 87% of Rapid7 users are willing to recommend the solution, compared to 100% of Spacelift users who would recommend it.
Rapid7 InsightCloudSec
Read 13 Rapid7 InsightCloudSec reviews
  • 1,819 Views
  • 309 Comparison Views
87% willing to recommend
Spacelift
Read 5 Spacelift reviews
  • 605 Views
  • 490 Comparison Views
100% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Dec 17, 2024

Rapid7 InsightCloudSec and Spacelift are products competing in cloud security management and infrastructure automation. Spacelift has an advantage due to its extensive features, which justify its price despite Rapid7's favorable pricing and support metrics.

Features: Rapid7 InsightCloudSec provides comprehensive cloud security tools focusing on compliance, vulnerability management, and agentless scanning. It offers centralized visibility through dashboards and alerts, providing customers with reports on cloud vulnerabilities and security posture. Spacelift offers management and Drift Detection, Spacelift policies for compliance, and seamless integration with Terraform.

Room for Improvement: Rapid7 InsightCloudSec could further enhance deployment flexibility, improve API integration, and enhance real-time threat detection. Spacelift could improve by offering more hands-on support, expanding its compliance capabilities, and enhancing its cost management features.

Ease of Deployment and Customer Service: Rapid7 InsightCloudSec is known for straightforward deployment and responsive support, facilitating quick adaptation in complex environments. Spacelift provides a streamlined deployment model with strong self-service features, suitable for environments prioritizing automation.

Pricing and ROI: Rapid7 InsightCloudSec appeals to budget-conscious enterprises, delivering a high ROI in security management improvements. Spacelift, while having higher initial costs, provides a strong ROI with increased automation efficiency and reduced manual intervention.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Rapid7 InsightCloudSec vs. Spacelift Report (Updated: December 2025).
Buyer's Guide
Rapid7 InsightCloudSec vs. Spacelift
December 2025
Download the complete report
Helped 881,082 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Rapid7 InsightCloudSec
Ranking in Cloud Management
13th
Average Rating
7.8
Reviews Sentiment
6.3
Number of Reviews
13
Ranking in other categories
Cloud Security Posture Management (CSPM) (14th), Cloud-Native Application Protection Platforms (CNAPP) (10th), AI Observability (6th)
Spacelift
Ranking in Cloud Management
20th
Average Rating
8.0
Reviews Sentiment
7.2
Number of Reviews
5
Ranking in other categories
AI Software Development (18th)
 

Mindshare comparison

As of January 2026, in the Cloud Management category, the mindshare of Rapid7 InsightCloudSec is 0.7%, up from 0.4% compared to the previous year. The mindshare of Spacelift is 1.2%, up from 0.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cloud Management Market Share Distribution
ProductMarket Share (%)
Rapid7 InsightCloudSec0.7%
Spacelift1.2%
Other98.1%
Cloud Management
 

Featured Reviews

Arun Babu - PeerSpot reviewer
Arun Babu
SOC analyst at a media company with 1,001-5,000 employees
Daily endpoint monitoring has improved investigations and saved time but detection rules still need tuning
It is important to note that Rapid7 InsightCloudSec's features are not 100% precise, but I find about 70% of the time it is satisfactory. I would like to suggest that you improve it to be more precise, ideally making it 100% if possible. Some cases in Rapid7 InsightCloudSec indicate that the log is not enough, as they mostly just generate alerts, and the synchronization between data connectors is often problematic, particularly in terms of not being in sync always, especially between the AD and Rapid7 alerts, which generates numerous false positives. Additionally, the traditional rules should be updated, as this is a main point worth mentioning since we spend a lot of time fine-tuning these traditional rules. I suggest improving the legacy detection rules. If there are any authentication cases, such as impossible travel activity where a user has their SharePoint hosted in a different location, Rapid7 can often trigger alerts, creating confusion as we cannot fine-tune it properly. Another issue is with honeypot access. We sometimes lack necessary logs because Defender's advanced threat protection scanning gets detected as honeypot activity by Rapid7, leading to annoying and noisy alerts that we need to constantly close. If you can improve the traditional detection rules to reflect current detection rules, it would make it significantly easier for us to manage, as we constantly need to check legacy rules to update or possibly turn them off. Updating the legacy rules should be a priority.
Read full review
Sudheer Kumar Jamjam - PeerSpot reviewer
Sudheer Kumar Jamjam
Technical Lead Cloud DevOps Engineer at Deloitte
Everything can be visibly managed, scheduling and state management features are pretty good
We've integrated it with source control management tools like GitLab and Bitbucket. The scheduling and state management features are pretty good using Spacelift. It integrates with tools like Terraform and Kubernetes for policies, but we haven't worked on the compliance part. Spacelift streamlines collaboration among our development and operations teams. We use it for CI/CD as well. It can handle automation strategies. Whenever you put your YAML files and integrate them with Spacelift, it will scan the code and show where you need to make changes.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It runs every hour and has been reliable since I started."
"ICSE is cheaper compared to other tools and has a pleasant user experience with good support."
"The tool's most valuable feature is workload protection for Kubernetes and container security. It has agents that identify bugs or lack of security on runtime containers."
"The best features Rapid7 InsightCloudSec offers include more automation remediation, compliance reporting for auditing, improvement on multi-cloud governance, and cost visibility, which really stand out to me."
"After implementing Rapid7 InsightCloudSec, we increased our CIS benchmark score from 48 to around 88 after addressing missing patches on some VM instances, indicating a significant positive impact."
"Rapid7 InsightCloudSec has positively impacted my organization because we are using Microsoft Defender for endpoint protection alongside Rapid7."
"Rapid7 InsightCloudSec impacts the organization positively by acting as a shield against hackers and ransomware, providing effective protection to data and infrastructure."
"The tool provides centralized visibility through dashboards and alerts, allowing customers to receive reports on cloud vulnerabilities and security posture. Rapid7 InsightCloudSec provides customers with a robust understanding of cloud security."
More Rapid7 InsightCloudSec pros
"One key feature is the Spacelift policies, which we can attach to deployments to ensure compliance with our standards."
"Spacelift is like an extension of Terraform, where everything can be visibly managed."
"I appreciate that I just have to connect to my AWS account with my credentials, and Spacelift handles the rest."
"A valuable feature of Spacelift is that you can attach labels, and it is a modernized tool for infrastructure deployments. It is pull request-based, and you can see all the Terraform plan and apply logs on the pull request itself, which is not available across any other CI/CD tools."
"Knowing the HashiCorp Configuration Language (HCL) makes it easier to use without issues."
 

Cons

"Technical support could be better. It could also be easier, more user-friendly, and intuitive. The API keys aren't easy to understand, and the cloud layouts aren't intuitive and user-friendly. We should be able to integrate IM governance and APIs into non-compliant workloads like legacy solutions."
"The tool needs to improve its documentation."
"The login piece needs improvement."
"Improvements could include providing better human-readable report formats with thorough explanations of CVEs and threats, detailing what can be done to eliminate malicious activities."
"A couple of modules are missing when compared to other providers, specifically related to some IAM, and the login piece needs improvement."
"I would say that because Rapid7 InsightCloudSec does not have automatic patching capabilities, it provides recommendations, but it does not execute anything from within Rapid7 InsightCloudSec."
"Some cases in Rapid7 InsightCloudSec indicate that the log is not enough, as they mostly just generate alerts, and the synchronization between data connectors is often problematic, particularly in terms of not being in sync always, especially between the AD and Rapid7 alerts, which generates numerous false positives."
"For a first-time user who starts using Rapid7 InsightCloudSec, it is somewhat complicated to navigate through the UI and search for logs or vulnerabilities, so this is one aspect that could be improved."
More Rapid7 InsightCloudSec cons
"Spacelift currently lacks features that can help with complex type deployments and coordination for major deployments."
"If you are a small enterprise organization, below 500 people, I would not recommend it."
"Synchronization can be difficult when using older and newer versions with Kubernetes and HashiCorp."
"In the free version, there's no straightforward way to be notified once a deployment is finished."
"The self-hosted version does not have a lot of features compared to the SaaS version, such as cloud integrations for Azure and GCP."
 

Pricing and Cost Advice

"Companies generally buy this tool because the pricing is not that high."
"We're doing an annual subscription. There are additional expenses, but not within the confines of this platform."
"It is a bit expensive product."
report
See which vendors are best for you
Use our free recommendation engine to learn which Cloud Management solutions are best for your needs.
See recommendations
881,082 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Insurance Company
10%
Manufacturing Company
9%
Financial Services Firm
8%
Computer Software Company
8%
Financial Services Firm
13%
Manufacturing Company
11%
Computer Software Company
9%
Educational Organization
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise5
Large Enterprise8
No data available
 

Questions from the Community

What do you like most about Rapid7 InsightCloudSec?
The tool provides centralized visibility through dashboards and alerts, allowing customers to receive reports on cloud vulnerabilities and security posture. Rapid7 InsightCloudSec provides customer...
See all answers
What is your experience regarding pricing and costs for Rapid7 InsightCloudSec?
The pricing, setup cost, and licensing for Rapid7 InsightCloudSec are reasonable, and since our organization is growing, I have observed that the more numbers you have, the less costly the product ...
See all answers
What needs improvement with Rapid7 InsightCloudSec?
I would say that because Rapid7 InsightCloudSec does not have automatic patching capabilities, it provides recommendations, but it does not execute anything from within Rapid7 InsightCloudSec. It h...
See all answers
What is your experience regarding pricing and costs for Spacelift?
I've never checked the pricing because I enjoy using it for free. Besides the notification feature, I haven't needed any paid features.
See all answers
What needs improvement with Spacelift?
There are a few areas for improvement. For instance, getting notification webhooks is not easy. In the free version, there's no straightforward way to be notified once a deployment is finished. Spa...
See all answers
What is your primary use case for Spacelift?
I use Spacelift to deploy my applications, particularly AWS applications and infrastructure to my personal AWS account.
See all answers
 

Comparisons

Wiz vs Rapid7 InsightCloudSec Logo
Wiz vs Rapid7 InsightCloudSec
Compared 24% of the time
Microsoft Defender for Cloud vs Rapid7 InsightCloudSec Logo
Microsoft Defender for Cloud vs Rapid7 InsightCloudSec
Compared 15% of the time
CrowdStrike Falcon Cloud Security vs Rapid7 InsightCloudSec Logo
CrowdStrike Falcon Cloud Security vs Rapid7 InsightCloudSec
Compared 13% of the time
AWS Security Hub vs Rapid7 InsightCloudSec Logo
AWS Security Hub vs Rapid7 InsightCloudSec
Compared 6% of the time
FortiCNAPP vs Rapid7 InsightCloudSec Logo
FortiCNAPP vs Rapid7 InsightCloudSec
Compared 6% of the time
More Rapid7 InsightCloudSec Competitors
env zero vs Spacelift Logo
env zero vs Spacelift
Compared 50% of the time
Scalr vs Spacelift Logo
Scalr vs Spacelift
Compared 32% of the time
HPE OneSphere vs Spacelift Logo
HPE OneSphere vs Spacelift
Compared 9% of the time
Morpheus vs Spacelift Logo
Morpheus vs Spacelift
Compared 9% of the time
More Spacelift Competitors
 

Product Reports

Buyer's Guide
Rapid7 InsightCloudSec
January 2026
Rapid7 InsightCloudSec reportDownload Rapid7 InsightCloudSec product report
Buyer's Guide
Spacelift
January 2026
Spacelift reportDownload Spacelift product report
 

Also Known As

DivvyCloud
No data available
 

Overview

Rapid7 InsightCloudSec is a comprehensive CSPM tool catering to cloud security across Docker and Kubernetes workloads, ensuring rigorous data classification and protection, focusing on AWS and Azure platforms.

Organizations leverage Rapid7 InsightCloudSec for securing cloud environments, integrating smoothly into Kubernetes settings for extensive security oversight. This tool addresses data protection with governance and access controls, providing centralized visibility and alert mechanisms. Users depend on its threat detection capabilities, easing data security management on AWS and Azure. The platform integrates automated processes and agentless scanning to foster an understanding of cloud security dynamics. Enhancements in CNAPP management and more intuitive interfaces could further streamline its use.

What are the most important features of Rapid7 InsightCloudSec?
  • Security Frameworks: Offers structured systems to enforce security policies across cloud environments.
  • Agentless Scanning: Provides insights without deploying agents, simplifying operations.
  • Automation: Streamlines routine security tasks, enhancing efficiency.
  • Centralized Visibility: Uses dashboards and alerts for comprehensive monitoring.
  • Vulnerability Management: Identifies threats with a comprehensive database.
What ROI should users look for in reviews?
  • Improved Data Security: Enhanced protection across multiple cloud platforms.
  • Compliance Facilitation: Helps meet regulatory standards effortlessly.
  • Operational Efficiency: Reduces workload with automation and intuitive tools.
  • Threat Prevention: Proactively manages vulnerabilities.

In financial sectors, Rapid7 InsightCloudSec is critical for safeguarding sensitive information and ensuring compliance. Healthcare industries use it to protect patient data, adhering to strict regulatory standards. E-commerce businesses appreciate its ability to secure transaction data while maintaining service availability through reliable threat detection and mitigation strategies.

Rapid7

Spacelift provides a sophisticated infrastructure management platform with key features such as Drift Detection and Terraform integration, simplifying complex deployments and enhancing user workflows through an intuitive interface.

Spacelift excels in modernizing infrastructure management by integrating smoothly with Terraform, using a pull request-based approach for visibility into logs. It automates change detection using GitOps from GitHub and supports AWS connectivity with credential management. Despite its strengths, some users find room for improvement in supporting smaller enterprises and offering more seamless cloud integrations with self-hosted versions. Handling of HashiCorp Vault secrets and cumbersome notification webhooks may require additional setup effort.

What are the most valuable features?
  • Drift Detection: Ensures user edits are managed effectively, reducing configuration discrepancies.
  • Terraform Integration: Seamless compatibility with Terraform for robust infrastructure management.
  • GitOps: Automates change detection from GitHub, ensuring efficient workflows.
  • Compliance Policies: Helps maintain infrastructure within regulatory guidelines.
  • Stack Execution: Enables runs with label attachments for organized operations.
What benefits or ROI can users expect?
  • Improved Deployment Control: Default plan prompts support structured and controlled deployments.
  • Streamlined Terraform Management: Enhanced visibility into logs aids in transparent and efficient operations.
  • Efficient AWS Interactions: Credential management simplifies connections, making operations more fluid.
  • Dynamic Infrastructure Handling: Supports significant projects by replacing tools like Terraform Enterprise.

In specific industries, Spacelift is primarily utilized for infrastructure management and deployment across platforms like AWS, Azure, and GCP. In banking architecture, it replaces Terraform Enterprise, ensuring secure and efficient operations. Projects like Google Fiber benefit from its capability to import and manage data effectively, engaging users with HashiCorp Language and GitHub for CI/CD integration.

Spacelift
 

Sample Customers

Fannie Mae, 3M, PizzaHut, Spotify, Autodesk, Discovery
Information Not Available
Buyer's Guide
Rapid7 InsightCloudSec vs. Spacelift
December 2025
Free Report: Rapid7 InsightCloudSec vs. Spacelift
Find out what your peers are saying about Rapid7 InsightCloudSec vs. Spacelift and other solutions. Updated: December 2025.
DOWNLOAD NOW
881,082 professionals have used our research since 2012.
See our Rapid7 InsightCloudSec vs. Spacelift report.
See our list of best Cloud Management vendors.

We monitor all Cloud Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.