Try our new research platform with insights from 80,000+ expert users

Rapid7 InsightVM vs Recorded Future comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Zafran Security
Sponsored
Average Rating
9.6
Reviews Sentiment
7.8
Number of Reviews
6
Ranking in other categories
Vulnerability Management (17th), Continuous Threat Exposure Management (CTEM) (1st)
Rapid7 InsightVM
Average Rating
8.0
Reviews Sentiment
7.0
Number of Reviews
64
Ranking in other categories
Risk-Based Vulnerability Management (4th)
Recorded Future
Average Rating
8.4
Reviews Sentiment
6.7
Number of Reviews
13
Ranking in other categories
Threat Intelligence Platforms (TIP) (2nd), Digital Risk Protection (1st)
 

Mindshare comparison

Risk-Based Vulnerability Management Market Share Distribution
ProductMarket Share (%)
Rapid7 InsightVM13.8%
Qualys VMDR16.1%
Microsoft Defender Vulnerability Management9.7%
Other60.4%
Risk-Based Vulnerability Management
Threat Intelligence Platforms (TIP) Market Share Distribution
ProductMarket Share (%)
Recorded Future14.6%
CrowdStrike Falcon7.9%
ThreatConnect Threat Intelligence Platform (TIP)5.6%
Other71.9%
Threat Intelligence Platforms (TIP)
 

Featured Reviews

Israel Cavazos Landini - PeerSpot reviewer
Weekly insights and risk analysis facilitate informed security decisions
I appreciate the weekly insights Zafran provides, which include critical topics for networks and IT security, allowing us to evaluate which insights apply to our environment. The organization score feature is valuable to keep the leadership team updated on how our infrastructure fares security-wise. The applicable risk level versus base risk level feature is beneficial because prior to Zafran, we only used the base risk level, but now understand that risk depends on the asset itself. Zafran is an excellent tool.
Anusha Sadasivani - PeerSpot reviewer
Rapid deployment and user-friendly architecture streamline vulnerability management but customer support response needs improvement
We are still using Rapid7 InsightVM I personally still use Rapid7 InsightVM. We use Rapid7 InsightVM for vulnerability scanning. It supports both agent-based and agentless scanning, which is part of our vulnerability management strategy. The agentless scan in Rapid7 InsightVM is effective and…
Dr. Merrick Watchorn - PeerSpot reviewer
Traceless online searches, stable, and scalable
There is a semantic oncology dynamic relationship between how the MIGR Tech framework needs more data infusion enrichment capabilities. To be clear, what the vendor is doing is of a high standard, and my only critique is that they need to make new enhancements. I am aware that the vendor is making a concerted effort to add additional information to their repository, and it is something they actively do. The vendor has publicly stated that they will work on this, and I always pay attention to make sure they adhere to that. This does not change over time. The export feature of the recording needs to stop being so restricted. When they record in order to save themselves by operations, I would expect that as a super user, if I asked to download the dataset I'm looking for, I would not be limited in my data downloads. One of the cool things is, let's say we do our entire research and we want to save all of the materials that were returned, and that special custom search that we made, we can export that into a CSV file. The problem is it gets restricted. So sometimes when I say it's restricted, we don't get all the data that we saw online. So then we have to go and manually search for the specific thing we're looking for. I would like to have the URI and whatever value set that I search off, and for the NLP package to not be stripped out. It's like saying I want to do a Pcap analysis. Don't strip out the Pcap when I asked to see Pcap. That's what they're doing. They do this for many different reasons. One of them is, imagine if everyone downloaded datasets that are very large and it brings the whole system down.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Zafran is an excellent tool."
"Overall, we have seen about eighty-seven percent reduction of the number of vulnerabilities that require urgency to remediate, specifically the number of criticals."
"We are able to see the real risk of a vulnerability on our environment with our security tools."
"Zafran has become an indispensable tool in our cybersecurity arsenal."
"We saw benefits from Zafran Security almost immediately after deploying it."
"It's a relevant management tool."
"I like Rapid7's scan optimization options."
"The pricing is reasonable."
"The feature that I have found most valuable is its dashboards."
"Using Rapid7, we can install a scan engine, we can do our VPN connections, and we can conduct internal scans of remote sites. We prefer the web application. It's smarter and more accurate from an application perspective."
"This solution's most useful feature is that it is entirely a single-page application."
"most valuable features of Rapid7 InsightVM for me are creating dynamic asset tags, generating reports, and deploying the agent. The agent scans assets every four hours, providing real-time data on any devices. Although there weren't any significant new features compared to our previous tool, having both SIEM and vulnerability management handled by one tool made things easier. We could gather logs from different devices and cloud sources, and perform detailed investigations without switching tools. I haven't worked with the automation capabilities of InsightVM. For remediation prioritization, we check the vulnerability, search for solutions on open platforms, and work with different teams to apply patches after proper testing. Currently, we don’t have any AI or ASM projects assisted by InsightVM"
"The solution scales well."
"It can collect data from various sources, including social media and the dark web."
"The most valuable feature of Recorded Future is how it detects everything regarding our domain."
"The most valuable feature is Recorded Future's protection of exposed customer data on the hardware side."
"As a threat intelligence tool, it's very helpful."
"The solution is diverse and provides me with a lot of different mechanisms for evaluation."
"The tool is helpful in vulnerability assessment of zero-day vulnerabilities and phishing domains. The solution provides information on any domains of the organization that has undergone phishing or any other cyberattacks."
"Has the ability to conduct and build any query without limitations."
"The tool can integrate with a lot of security control and proactive protection devices."
 

Cons

"The dashboarding and reporting functionality of Zafran Security is an area that definitely could use some improvements."
"I think the ability to have some enhanced reporting capabilities is something they can improve on, as they have good reports but we have asked for some specific reporting enhancements."
"Initially, we were somewhat concerned about the scalability of Zafran due to our large asset count and the substantial amount of information we needed to process."
"I’d like to see Rapid7 InsightVM improve by adding a knowledge base similar to what Qualys offers. This would help us easily check and search for vulnerabilities using Rapid7 IDs associated with CVs or CVSS. From a features perspective, everything was fine at the time, and the security features of Rapid7 InsightVM were effective."
"The platform could be more intuitive and user-friendly."
"The authentication scan is not working."
"Rapid7 InsightVM, has impressive capabilities, especially when it comes to managing video equipment. However, we've noticed that Rapid7 also offers a cloud solution called CloudSec, and we don't have that. We think it would be better if InsightVM had all the features for both on-premise and cloud management."
"Customer service needs significant improvement. There are delays in support response times, and support is not available promptly, especially when issues are escalated to another region."
"Technical support does not respond quickly."
"The team needs to improve the speed and focus on the new bandwidth feed. Sometimes, it takes a while to scan, especially with new updates."
"Rapid7 could be easier to manage."
"Recorded Future is a very expensive solution, and its pricing could be improved."
"The customer support is frustrating and not efficient. They always request logs and screenshots that seem irrelevant."
"The tool should improve its third-party supply chain risks because there is a lack of visibility."
"We can get the data of different malware active throughout the globe, but it would be good if we can do sandboxing of a file. For example, on Any Run, we can perform sandboxing of malware along with their intel about a particular file or hash. It would be great if they have a feature like that."
"Lacks sufficient visibility of malware and international APT attacks."
"The product gives many false positives. If someone talks about the brand or organization name in the public domain over chats or blocks, it gets highlighted. It may not necessarily be a threat but still gets highlighted which increases the false positive count."
"There is a semantic oncology dynamic relationship between how the MIGR Tech framework needs more data infusion enrichment capabilities."
"At present, my clients need to be trained by me or another organization on how to use Recorded Future and how to get the best out of it as an analyst, engineer, and administrator. It would be better if clients could directly learn these things without having to go through me or other organizations."
 

Pricing and Cost Advice

Information not available
"Our licensing costs are somewhere around $40,000 annually. There are no additional fees."
"This solution is expensive, but it's fine for us as we have an open budget for security solutions. Protection and having the system secured is more important."
"We purchase annual licenses."
"Licensing fees are paid on a yearly basis."
"The licensing is asset-based and very straightforward."
"We have an annual license to use Rapid7 InsightVM and if we want to extend it, we will possibly choose more than one year."
"In some cases, we procure the licenses. In some cases, the customers directly buy the license from Rapid7."
"The solution is a bit more reasonably priced than other products."
"The price of the solution is worth it. The overall performance of the solution outweighs the cost."
"The biggest disadvantage of Recorded Future is the cost here in Eastern Europe. The solution is correctly priced for big companies who have the money to invest in such solutions. Also, the solution is useless on its own, which means that you have to invest in other solutions with which Recorded Future can be integrated. At present, Recorded Future can cost 60,000 euros per year. I am able to offer my clients a 5% to 10% discount, but in this region, the cost is still prohibitive even with the discount. If Recorded Future were more flexible in terms of price, there would be better sales opportunities in Europe and Eastern Europe, in particular, because we have more small- and medium-sized companies here."
"There appear to be up to five different levels, with the most expensive version costing around $95,000 to $105,000 a year for subscription services."
"I would rate the solution’s pricing a seven out of ten."
report
Use our free recommendation engine to learn which Risk-Based Vulnerability Management solutions are best for your needs.
871,358 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
11%
Computer Software Company
9%
Manufacturing Company
8%
Government
6%
Financial Services Firm
13%
Computer Software Company
11%
Manufacturing Company
10%
Government
6%
Financial Services Firm
14%
Computer Software Company
13%
Government
7%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business29
Midsize Enterprise13
Large Enterprise23
By reviewers
Company SizeCount
Small Business2
Midsize Enterprise3
Large Enterprise9
 

Questions from the Community

What is your experience regarding pricing and costs for Zafran Security?
Since we stood Zafran Security up in our private cloud, we handle the maintenance on our side. As we opted not to use...
What needs improvement with Zafran Security?
In terms of areas for improvement, Zafran Security is doing a really great job as a new and emerging company. Oftenti...
What is your primary use case for Zafran Security?
My use cases for Zafran Security revolve around two primary areas. One is around vulnerability management and priorit...
How would you choose between Rapid7 InsightVM and Tenable Nessus?
You have full visibility across cloud, network, virtual, and containerized infrastructures with Rapid7 Insight VM. Yo...
What do you like most about Rapid7 InsightVM?
The product's initial setup phase was very easy.
What is your experience regarding pricing and costs for Rapid7 InsightVM?
The customers are mostly SMBs, though some enterprise organizations have also deployed the solution. This is neither ...
What do you like most about Recorded Future?
The most valuable feature of Recorded Future is how it detects everything regarding our domain.
What is your experience regarding pricing and costs for Recorded Future?
I am not the person responsible for purchases, but it's known that Recorded Future is expensive, with a personal rati...
What needs improvement with Recorded Future?
Their research capabilities and the human aspect should be more effective. The Insikt Group covers a narrow range of ...
 

Also Known As

No data available
InsightVM, NeXpose
No data available
 

Overview

 

Sample Customers

Information Not Available
ACS, Acosta, AllianceData, amazon.com, biogen idec, CBRE, CATERPILLAR, Deloitte, COACH, GameStop, IBM
Fujitsu, Regions, SITA, St. Jude Medical, Accenture, T-Mobile, TIAA, Intel Security, Armor, Alert Logic, NTT, Splunk
Find out what your peers are saying about Qualys, Tenable, Rapid7 and others in Risk-Based Vulnerability Management. Updated: September 2025.
871,358 professionals have used our research since 2012.