Try our new research platform with insights from 80,000+ expert users

Rapid7 InsightVM vs Recorded Future comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Zafran Security
Sponsored
Average Rating
9.4
Reviews Sentiment
8.2
Number of Reviews
5
Ranking in other categories
Vulnerability Management (18th), Continuous Threat Exposure Management (CTEM) (2nd)
Rapid7 InsightVM
Average Rating
8.0
Reviews Sentiment
7.0
Number of Reviews
64
Ranking in other categories
Risk-Based Vulnerability Management (4th)
Recorded Future
Average Rating
8.4
Reviews Sentiment
6.7
Number of Reviews
13
Ranking in other categories
Threat Intelligence Platforms (2nd), Digital Risk Protection (1st)
 

Mindshare comparison

Risk-Based Vulnerability Management
Threat Intelligence Platforms
 

Featured Reviews

Israel Cavazos Landini - PeerSpot reviewer
Weekly insights and risk analysis facilitate informed security decisions
I appreciate the weekly insights Zafran provides, which include critical topics for networks and IT security, allowing us to evaluate which insights apply to our environment. The organization score feature is valuable to keep the leadership team updated on how our infrastructure fares security-wise. The applicable risk level versus base risk level feature is beneficial because prior to Zafran, we only used the base risk level, but now understand that risk depends on the asset itself. Zafran is an excellent tool.
Anusha Sadasivani - PeerSpot reviewer
Rapid deployment and user-friendly architecture streamline vulnerability management but customer support response needs improvement
We are still using Rapid7 InsightVM I personally still use Rapid7 InsightVM. We use Rapid7 InsightVM for vulnerability scanning. It supports both agent-based and agentless scanning, which is part of our vulnerability management strategy. The agentless scan in Rapid7 InsightVM is effective and…
Dr. Merrick Watchorn - PeerSpot reviewer
Traceless online searches, stable, and scalable
There is a semantic oncology dynamic relationship between how the MIGR Tech framework needs more data infusion enrichment capabilities. To be clear, what the vendor is doing is of a high standard, and my only critique is that they need to make new enhancements. I am aware that the vendor is making a concerted effort to add additional information to their repository, and it is something they actively do. The vendor has publicly stated that they will work on this, and I always pay attention to make sure they adhere to that. This does not change over time. The export feature of the recording needs to stop being so restricted. When they record in order to save themselves by operations, I would expect that as a super user, if I asked to download the dataset I'm looking for, I would not be limited in my data downloads. One of the cool things is, let's say we do our entire research and we want to save all of the materials that were returned, and that special custom search that we made, we can export that into a CSV file. The problem is it gets restricted. So sometimes when I say it's restricted, we don't get all the data that we saw online. So then we have to go and manually search for the specific thing we're looking for. I would like to have the URI and whatever value set that I search off, and for the NLP package to not be stripped out. It's like saying I want to do a Pcap analysis. Don't strip out the Pcap when I asked to see Pcap. That's what they're doing. They do this for many different reasons. One of them is, imagine if everyone downloaded datasets that are very large and it brings the whole system down.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We are able to see the real risk of a vulnerability on our environment with our security tools."
"Overall, we have seen about eighty-seven percent reduction of the number of vulnerabilities that require urgency to remediate, specifically the number of criticals."
"Zafran is an excellent tool."
"Zafran has become an indispensable tool in our cybersecurity arsenal."
"We saw benefits from Zafran Security almost immediately after deploying it."
"The solution is very user friendly and easy to manage."
"The stability of Rapid7 InsightVM is excellent."
"We can create our own templates."
"You can bring in and get online to do reports fairly quickly,"
"It's a relevant management tool."
"The most valuable features of the solution are the agent and the scanning."
"InsightVM's best features are the vulnerability database and remediation steps."
"The most valuable feature of the Rapid7 InsightVM solution is the Live Risk Score."
"The tool is helpful in vulnerability assessment of zero-day vulnerabilities and phishing domains. The solution provides information on any domains of the organization that has undergone phishing or any other cyberattacks."
"Recorded Future has some important strengths. It has a long history of success in the market and is known for excellent threat intelligence. Its team is skilled at using AI to search for and report on threats. For many years, it was seen as the best in the industry."
"The solution is diverse and provides me with a lot of different mechanisms for evaluation."
"Has the ability to conduct and build any query without limitations."
"The intel that they were providing us over the emails was very good. If it found any hashtag in our organization's name on the dark web, a rogue IP, or a marketplace, it would send us an email and notify us that this is being mentioned, and if we want, they can take some action."
"The tool can integrate with a lot of security control and proactive protection devices."
"The most valuable feature of Recorded Future is how it detects everything regarding our domain."
"It can collect data from various sources, including social media and the dark web."
 

Cons

"Initially, we were somewhat concerned about the scalability of Zafran due to our large asset count and the substantial amount of information we needed to process."
"The dashboarding and reporting functionality of Zafran Security is an area that definitely could use some improvements."
"I think the ability to have some enhanced reporting capabilities is something they can improve on, as they have good reports but we have asked for some specific reporting enhancements."
"There are certain limitations because of the product being used on a hybrid model. Rapid7 InsightVM doesn't offer a solution purely in the cloud."
"There is room for improvement on its cloud side. In the next release I would like to see better reporting."
"There is a significant learning curve, that non-technical individuals, especially those not specialized in computer science or the information security industry, might face."
"Within InsightVM, there is no feature to assign a ticket. If we can have more API calls, we can do that from InsightVM."
"Patch management is the only missing feature I can think of. Rapid7 detects vulnerabilities, but it should also help you manage patches."
"All products have room for increased security and Rapid7 InsightVM is no exception."
"The team needs to improve the speed and focus on the new bandwidth feed. Sometimes, it takes a while to scan, especially with new updates."
"Technical support does not respond quickly."
"The customer support is frustrating and not efficient. They always request logs and screenshots that seem irrelevant."
"Lacks sufficient visibility of malware and international APT attacks."
"The product gives many false positives. If someone talks about the brand or organization name in the public domain over chats or blocks, it gets highlighted. It may not necessarily be a threat but still gets highlighted which increases the false positive count."
"The tool should improve its third-party supply chain risks because there is a lack of visibility."
"When you add one website to Recorded Future, it should automatically call all other websites and social media platforms."
"At present, my clients need to be trained by me or another organization on how to use Recorded Future and how to get the best out of it as an analyst, engineer, and administrator. It would be better if clients could directly learn these things without having to go through me or other organizations."
"The solution could improve in reducing the false positives. However, most of the other tools on the market have false positives. If they enhance their data algorithm, it could improve the accuracy of results and minimize false positives. Identifying patterns of false possibilities can aid in developing better reporting features that could potentially eliminate them in the future. This recording feature tool could benefit from adopting similar techniques utilized by other tools to enhance its functionality. By doing so, it could minimize the need for manual efforts in distinguishing true positives from false positives, ultimately reducing the workload."
"There is a semantic oncology dynamic relationship between how the MIGR Tech framework needs more data infusion enrichment capabilities."
 

Pricing and Cost Advice

Information not available
"The product is cheaper than the other similar tools available in the market."
"Pricing is reasonable because we pay according to asset usage. We can define our assets and sites according to our preference."
"Our licensing costs are somewhere around $40,000 annually. There are no additional fees."
"In some cases, we procure the licenses. In some cases, the customers directly buy the license from Rapid7."
"Comparing the price with the value that we receive, I am not happy with it."
"Its price is too high. My only concern or issue with Rapid7 is its pricing."
"I do not have experience with the pricing of the solution."
"The license is IP based. How many IPs you are using to scan is the amount of the license you have to buy. The number of users doesn't matter; many users can use it or only person. It depends on the culture of the organization."
"I would rate the solution’s pricing a seven out of ten."
"There appear to be up to five different levels, with the most expensive version costing around $95,000 to $105,000 a year for subscription services."
"The biggest disadvantage of Recorded Future is the cost here in Eastern Europe. The solution is correctly priced for big companies who have the money to invest in such solutions. Also, the solution is useless on its own, which means that you have to invest in other solutions with which Recorded Future can be integrated. At present, Recorded Future can cost 60,000 euros per year. I am able to offer my clients a 5% to 10% discount, but in this region, the cost is still prohibitive even with the discount. If Recorded Future were more flexible in terms of price, there would be better sales opportunities in Europe and Eastern Europe, in particular, because we have more small- and medium-sized companies here."
"The price of the solution is worth it. The overall performance of the solution outweighs the cost."
report
Use our free recommendation engine to learn which Risk-Based Vulnerability Management solutions are best for your needs.
859,957 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
12%
Financial Services Firm
11%
Manufacturing Company
7%
Healthcare Company
6%
Educational Organization
17%
Computer Software Company
11%
Financial Services Firm
11%
Manufacturing Company
8%
Computer Software Company
15%
Financial Services Firm
14%
Government
8%
Manufacturing Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What is your experience regarding pricing and costs for Zafran Security?
The current pricing of Zafran Security is fair overall. They were good to work with to accommodate our organization w...
What needs improvement with Zafran Security?
The dashboarding and reporting functionality of Zafran Security is an area that definitely could use some improvement...
What is your primary use case for Zafran Security?
Zafran Security is helping reduce the amount of critical vulnerabilities in our environments that require prompt reme...
How would you choose between Rapid7 InsightVM and Tenable Nessus?
You have full visibility across cloud, network, virtual, and containerized infrastructures with Rapid7 Insight VM. Yo...
What do you like most about Rapid7 InsightVM?
The product's initial setup phase was very easy.
What is your experience regarding pricing and costs for Rapid7 InsightVM?
The customers are mostly SMBs, though some enterprise organizations have also deployed the solution. This is neither ...
What do you like most about Recorded Future?
The most valuable feature of Recorded Future is how it detects everything regarding our domain.
What is your experience regarding pricing and costs for Recorded Future?
I am not the person responsible for purchases, but it's known that Recorded Future is expensive, with a personal rati...
What needs improvement with Recorded Future?
Their research capabilities and the human aspect should be more effective. The Insikt Group covers a narrow range of ...
 

Also Known As

No data available
InsightVM, NeXpose
No data available
 

Overview

 

Sample Customers

Information Not Available
ACS, Acosta, AllianceData, amazon.com, biogen idec, CBRE, CATERPILLAR, Deloitte, COACH, GameStop, IBM
Fujitsu, Regions, SITA, St. Jude Medical, Accenture, T-Mobile, TIAA, Intel Security, Armor, Alert Logic, NTT, Splunk
Find out what your peers are saying about Qualys, Tenable, Rapid7 and others in Risk-Based Vulnerability Management. Updated: June 2025.
859,957 professionals have used our research since 2012.