• Home
  • Rapid7 InsightVM vs. Splunk Enterprise Security

Rapid7 InsightVM vs Splunk Enterprise Security comparison

Cancel
You must select at least 2 products to compare!
Rapid7 Logo

Rapid7 InsightVM

Read 55 Rapid7 InsightVM reviews
6,391 views|4,159 comparisons
89% willing to recommend
Splunk Logo

Splunk Enterprise Security

Read 228 Splunk Enterprise Security reviews
25,711 views|20,955 comparisons
92% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Risk-Based Vulnerability Management
April 2024
Executive Summary

We performed a comparison between Rapid7 InsightVM and Splunk Enterprise Security based on real PeerSpot user reviews.

Find out what your peers are saying about Tenable, Qualys, Rapid7 and others in Risk-Based Vulnerability Management.
To learn more, read our detailed Risk-Based Vulnerability Management Report (Updated: April 2024).
Download the complete report
768,857 professionals have used our research since 2012.
Featured Review
Christian Kyony
A vulnerability management solution that is great for managing video equipment
Rapid7 InsightVM is more focused on proactive liability management. However, when there's an incident, our team can handle it, but it's not a top... Read more →
Niranjan N
The solution has improved our operations by giving us access to more information and allowing us to deploy more use...
Splunk has improved our operations by giving us access to more information and allowing us to deploy more use cases. We have integrated Splunk with... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Has great reporting features.""The reports in Rapid7 InsightVM are useful when compared to competitors.""I really love the new platform. It is really easy to understand, use, and deploy.""We are very satisfied with the reports, as they provide us with the information that is required for our management.""The most valuable feature is the vulnerability scan.""This solution's most useful feature is that it is entirely a single-page application.""The solution is automatically scheduled so it runs by itself.""Rapid7 have a good distribution network with good support and market presence."

More Rapid7 InsightVM Pros →

"Splunk's visualizations make it easy for users to understand the data.""The solution has plenty of features that are good.""Splunk would be my choice for the presentation layer because it comes with inbuilt reports and a dashboard that you can customize.""The initial setup is really straightforward. It's one of the easiest installations.""I like the ease with which dashboards can be created.""It scales better in the cloud than on-premise.""The correlation searches are most valuable just because we are able to do things like RBA.""The ability to digest any information and then correlate it in accordance with what you need is valuable. The ability to connect to pretty much everything and bring the information in the same format is also valuable. On top of that, we can use their language in order to create and customize the dashboards, correlations, or analytics that we want to incorporate."

More Splunk Enterprise Security Pros →

Cons
"Reporting could be expanded.""The solution needs to improve its vulnerability design to include CVC results.""We found that after you passed an endpoint, it didn't always reflect it in the next scan. I'm not sure if it was a glitch or some issue with the product's software. That was never clear. That was always an issue and something that definitely needed improvement.""There are not enough templates, and the reporting is weak with this solution.""There should be containerization within the VM.""The reporting is a little bit tricky because it can be difficult to exactly pinpoint some of the assets to filter them and generate a report.""It is still not a fully cloud-based solution. It will be helpful for customers if it is a complete cloud solution. It is a hybrid solution at the moment.""We are a registered reseller and a trusted partner. However, for us to get any support from them I can't log a call directly with Rapid7 InsightVM. I have to work with the distributor to log the call for me."

More Rapid7 InsightVM Cons →

"I would like to see an updated dashboard. The dashboard is a little out-of-date. It could be made prettier.""The solution could use a different licensing model.""Search head clustering is often temperamental in its current state and should be improved, replaced by something better, or be reverted to search head pooling.""Splunk is query-based, which is not the case with most cybersecurity tools. It is based on search queries and can be difficult to use. It would be good if they can make it easier to understand how to create search queries. They can improve the knowledge base for better understanding. To create your dashboard, you need to have a search query. We have multiple firewalls in our company, and we need a dashboard for them. It would be helpful if a default firewall dashboard is included in Splunk to make monitoring easier. If a dashboard is available for a security device, the operation part will be more efficient. We won't have to follow a manual process for this.""The setup time is quite long.""I would like some additional AI capabilities to provide additional information about things going wrong and things going well.""The product could be cheaper.""Splunk is not very user-friendly. It has a complex architecture in comparison to other solutions on the market."

More Splunk Enterprise Security Cons →

Pricing and Cost Advice
  • "The price of the solution is less than the competitors."
  • "I do not have experience with the pricing of the solution."
  • "This solution is expensive, but it's fine for us as we have an open budget for security solutions. Protection and having the system secured is more important."
  • "The license is IP based. How many IPs you are using to scan is the amount of the license you have to buy. The number of users doesn't matter; many users can use it or only person. It depends on the culture of the organization."
  • "Our licensing costs are somewhere around $40,000 annually. There are no additional fees."
  • "The licensing is asset-based and very straightforward."
  • "Its price is too high. My only concern or issue with Rapid7 is its pricing."
  • "Comparing the price with the value that we receive, I am not happy with it."

    • More Rapid7 InsightVM Pricing and Cost Advice →

  • "Pricing and licensing is quite expensive. But for the value the product provides, it seems at par in the market."
  • "Although Splunk is an expensive product, it is designed to be utilized across your organization in order to maximize your ROI and lower your TCO."
  • "It is not cheap."
  • "Splunk Enterprise becomes extremely expensive after the 20GB/month license."
  • "You will eat up whatever you purchase quickly. The level of insights that Splunk empowers is addictive."
  • "Splunk licensing model might seem expensive but with all the gain in functionalities you will have compared to traditional SIEM solutions I think it’s worth the price."
  • "Pricing is pretty fair."
  • "While licensing can be a concern, there are ways to reduce the licensing costs including filtering some events."

    • More Splunk Enterprise Security Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Risk-Based Vulnerability Management solutions are best for your needs.
    See Recommendations
    768,857 professionals have used our research since 2012.
    Comparison Review
    Vinod Shankar
    HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
    We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are based on Gartner Magic Q which is what Organizations typically use to select SIEM vendors. The Vendors mentioned here in the deck are : 1. HP ArcSight 2. McAfee Nitro 3. IBM QRadar 4. Splunk SIEM 5. RSA Security Analytic 6. LogRhythm. SIEM Technology Space SIEM market analysis of the last 3 years suggest: Market consolidation of SIEM players (25 vendors in 2011 to 16 vendors in 2013)Only products with technology maturity and a strong road map have featured in leaders quadrant.HP ArcSight & IBM Q1 Labs have maintained leadership in SIEM industry with continued technology upgradeMcAfee Nitro has strong product features & road map to challenge HP & IBM for leadershipHPArcSight The ArcSight Enterprise Threat and Risk Management (ETRM) Platform is an integrated set of products for collecting, analysing, and managing enterprise Security Event information ArcSight Enterprise Security Manager (ESM): Correlation and analysis engine used to identify security threat in real-time& virtual environments ArcSight Logger: Log storage and Search solution ArcSight IdentityView: User Identity tracking/User activity monitoring ArcSight Connectors: For data collection from a variety of data… Read more →
    Questions from the Community
    How would you choose between Rapid7 InsightVM and Tenable Nessus?
    Top Answer:You have full visibility across cloud, network, virtual, and containerized infrastructures with Rapid7 Insight VM. You can easily prioritize vulnerabilities using attacker analytics. Overall, Rapid7… more »
    Read all 2 answers   →
    What do you like most about Rapid7 InsightVM?
    Top Answer:InsightVM offers a robust platform for identifying, prioritizing, and addressing vulnerabilities across an organization's IT infrastructure.
    Read all 40 answers   →
    What is your experience regarding pricing and costs for Rapid7 InsightVM?
    Top Answer:The solution’s pricing is good because the value proposition delivers a report box. It is not very costly.
    Read all 30 answers   →
    What SOC product do you recommend?
    Top Answer:For tools I’d recommend:  -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also,… more »
    Read all 12 answers   →
    What is a better choice, Splunk or Azure Sentinel?
    Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log… more »
    How does Splunk compare with Azure Monitor?
    Top Answer:Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we… more »
    Read all 2 answers   →
    Ranking
    4th
    out of 37 in Risk-Based Vulnerability Management
    Views
    6,391
    Comparisons
    4,159
    Reviews
    21
    Average Words per Review
    374
    Rating
    8.1
    2nd
    out of 80 in Security Information and Event Management (SIEM)
    Views
    25,711
    Comparisons
    20,955
    Reviews
    63
    Average Words per Review
    958
    Rating
    8.4
    Comparisons
    Also Known As
    InsightVM, NeXpose
    Learn More
    Rapid7
    Splunk
    Overview

    Rapid7 InsightVM is a comprehensive vulnerability management platform that protects your systems from attackers and is easy to scale. The solution provides easy access to vulnerability management, application security, detection and response, external threat intelligence, orchestration and automation, and more. Rapid7 InsightVM is ideal for security, IT, and DevOps teams, helping them reduce risk by enabling them to detect and respond to attacks quickly.

    Rapid7 InsightVM Features

    Rapid7 InsightVM has many valuable key features. Some of the most useful ones include:

    • Automated containment: With this feature, you can decrease exposure from vulnerabilities by automatically implementing temporary (or permanent) compensating controls via your network access control (NAC) systems, firewalls, and endpoint detection and response tools.
    • Policy assessment: Rapid7 InsightVM offers pre-built scan templates for common compliance requirements. The solution helps you take clear, actionable steps to compliance once you have assessed your risk posture. In addition, Rapid7 InsightVM’s Custom Policy Builder allows you to modify existing benchmarks or create new policies from scratch.
    • REST API: Rapid7 InsightVM REST API is easy to use and was built to easily automate virtually any aspect of vulnerability management, from data collection to risk analysis.
    • Live dashboards: Rapid7 InsightVM includes dashboards that are live and interactive by nature. The live dashboards enable you to create custom cards and full dashboards for anyone in your organization and allow you to track progress of your security program.
    • Automation-assisted patching: Rapid7 InsightVM’s automation-assisted patching gives you the autonomy to make key decisions in your patching process, such as your approval to apply certain patches to certain vulnerabilities.
    • Real risk prioritization: Rapid7 InsightVM makes it simple to know which vulnerabilities need to be prioritized and where your riskiest assets lie.
    • Goals and SLA’s: This feature enables you to make and track progress toward your goals and service level agreements (SLAs) at an appropriate pace.

    Rapid7 InsightVM Benefits

    There are many benefits to implementing Rapid7 InsightVM. Some of the biggest advantages the solution offers include:

    • Attack surface monitoring for maintained visibility: By leveraging attack surface monitoring with Project Sonar (a Rapid7 research project that regularly scans the internet to gain insights into global exposure to common vulnerabilities), you can gain more control of all of your external-facing assets, both known and unknown.
    • Container security: Rapid7 InsightVM integrates with your CI/CD tools, public container repositories, and private repositories to assess container images for vulnerabilities during the build process even before they are deployed.
    • Lightweight endpoint agent: Rapid7 InsightVM unifies data so you only need to install a single agent for continuous vulnerability assessment, incident detection, and log data collection.
    • Easily assign and track remediation duties: Using Rapid7 InsightVM, IT and security teams can assign as well as track remediation duties without having to deal with remediation reports, complex spreadsheets, or back-and-forth email tags.
    • Integration with cloud services and virtual infrastructure: Rapid7 InsightVM provides full visibility into risk across your physical, virtual, and cloud infrastructure.
    • Integrated threat feeds: Rapid7 InsightVM is designed with integrated threat feeds, giving you a dynamic view that shows you which threats are most relevant to your environment, enabling you to better protect against current, impending threats so you can react quickly to critical vulnerabilities.

    Reviews from Real Users

    Below are some reviews and helpful feedback written by PeerSpot users currently using the Rapid7 InsightVM solution.

    An owner at a tech services company says, "I liked the dashboard on it. I could customize my dashboard with different widgets and different heat maps."

    PeerSpot user Kimeang S., Technical Consultant at Yip Intsoi, mentions, "The most important aspect of the solution is that it rarely gives false positives, especially compared to other products. It provides very clear reports for our IT teams to look at."

    A Director of Information Technology at a government explains, "The main functionality of identifying item endpoints that weren't properly patched or had vulnerabilities is the solution's most valuable feature."

    Splunk Enterprise Security is a SIEM, log management, and IT operations analytics tool. The solution provides users with the ability to secure their information and manage their data in the cloud, data centers, or other applications. Splunk Enterprise Security also offers visibility from different areas, levels, and devices, rather than from a single system, thus, providing its users with flexibility. Splunk Enterprise Security can monitor data and analyze, detect, and prevent intrusions. This benefits users as it provides alerts to possible intrusions, helps users to be proactive, and reduces risk factors. 

    Full visibility across your environment

    Break down data silos and gain actionable intelligence by ingesting data from multicloud and on-premises deployments. Get full visibility to quickly detect malicious threats in your environment.

    Fast threat detection

    Defend against threats with advanced security analytics, machine learning and threat intelligence that focus detection and provide high-fidelity alerts to shorten triage times and raise true positive rates.

    Efficient investigations

    Gather all the context you need and initiate flexible investigations with security analytics at your fingertips. The built-in open and extensible data platform boosts productivity and drives down fatigue.

    Open and scalable

    Built on an open and scalable data platform, you can stay agile in the face of evolving threats and business needs. Splunk meets you where you are on your cloud journey, and integrates across your data, tools and content.

    Sample Customers
    ACS, Acosta, AllianceData, amazon.com, biogen idec, CBRE, CATERPILLAR, Deloitte, COACH, GameStop, IBM
    Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
    Top Industries
    REVIEWERS
    Computer Software Company17%
    Financial Services Firm13%
    Comms Service Provider13%
    Security Firm10%
    VISITORS READING REVIEWS
    Educational Organization33%
    Computer Software Company11%
    Financial Services Firm7%
    Manufacturing Company6%
    REVIEWERS
    Computer Software Company19%
    Financial Services Firm15%
    Government10%
    Energy/Utilities Company7%
    VISITORS READING REVIEWS
    Financial Services Firm15%
    Computer Software Company14%
    Government9%
    Manufacturing Company7%
    Company Size
    REVIEWERS
    Small Business47%
    Midsize Enterprise20%
    Large Enterprise33%
    VISITORS READING REVIEWS
    Small Business15%
    Midsize Enterprise43%
    Large Enterprise41%
    REVIEWERS
    Small Business31%
    Midsize Enterprise12%
    Large Enterprise57%
    VISITORS READING REVIEWS
    Small Business19%
    Midsize Enterprise13%
    Large Enterprise68%
    Buyer's Guide
    Risk-Based Vulnerability Management
    April 2024
    Download Free Report
    Find out what your peers are saying about Tenable, Qualys, Rapid7 and others in Risk-Based Vulnerability Management. Updated: April 2024.
    DOWNLOAD NOW
    768,857 professionals have used our research since 2012.

    Rapid7 InsightVM is ranked 4th in Risk-Based Vulnerability Management with 55 reviews while Splunk Enterprise Security is ranked 2nd in Security Information and Event Management (SIEM) with 228 reviews. Rapid7 InsightVM is rated 8.0, while Splunk Enterprise Security is rated 8.4. The top reviewer of Rapid7 InsightVM writes "You can scan a network, and receive recommendations to address vulnerabilities with the click of a button". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". Rapid7 InsightVM is most compared with Tenable Nessus, Qualys VMDR, Tenable Security Center, Microsoft Defender Vulnerability Management and Rapid7 InsightIDR, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Microsoft Sentinel and Elastic Security.

    We monitor all Risk-Based Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.