Rapid7 InsightVM vs Tenable SC comparison

Rapid7 InsightVM is a comprehensive vulnerability management platform that protects your systems from attackers and is easy to scale. The solution provides easy access to vulnerability management, application security, detection and response, external threat intelligence, orchestration and automation, and more. Rapid7 InsightVM is ideal for security, IT, and DevOps teams, helping them reduce risk by enabling them to detect and respond to attacks quickly.

Rapid7 InsightVM Features

Rapid7 InsightVM has many valuable key features. Some of the most useful ones include:

• Automated containment: With this feature, you can decrease exposure from vulnerabilities by automatically implementing temporary (or permanent) compensating controls via your network access control (NAC) systems, firewalls, and endpoint detection and response tools.

• Policy assessment: Rapid7 InsightVM offers pre-built scan templates for common compliance requirements. The solution helps you take clear, actionable steps to compliance once you have assessed your risk posture. In addition, Rapid7 InsightVM’s Custom Policy Builder allows you to modify existing benchmarks or create new policies from scratch.

• REST API: Rapid7 InsightVM REST API is easy to use and was built to easily automate virtually any aspect of vulnerability management, from data collection to risk analysis.

• Live dashboards: Rapid7 InsightVM includes dashboards that are live and interactive by nature. The live dashboards enable you to create custom cards and full dashboards for anyone in your organization and allow you to track progress of your security program.

• Automation-assisted patching: Rapid7 InsightVM’s automation-assisted patching gives you the autonomy to make key decisions in your patching process, such as your approval to apply certain patches to certain vulnerabilities.

• Real risk prioritization: Rapid7 InsightVM makes it simple to know which vulnerabilities need to be prioritized and where your riskiest assets lie.

• Goals and SLA’s: This feature enables you to make and track progress toward your goals and service level agreements (SLAs) at an appropriate pace.

Rapid7 InsightVM Benefits

There are many benefits to implementing Rapid7 InsightVM. Some of the biggest advantages the solution offers include:

• Attack surface monitoring for maintained visibility: By leveraging attack surface monitoring with Project Sonar (a Rapid7 research project that regularly scans the internet to gain insights into global exposure to common vulnerabilities), you can gain more control of all of your external-facing assets, both known and unknown.

• Container security: Rapid7 InsightVM integrates with your CI/CD tools, public container repositories, and private repositories to assess container images for vulnerabilities during the build process even before they are deployed.

• Lightweight endpoint agent: Rapid7 InsightVM unifies data so you only need to install a single agent for continuous vulnerability assessment, incident detection, and log data collection.

• Easily assign and track remediation duties: Using Rapid7 InsightVM, IT and security teams can assign as well as track remediation duties without having to deal with remediation reports, complex spreadsheets, or back-and-forth email tags.

• Integration with cloud services and virtual infrastructure: Rapid7 InsightVM provides full visibility into risk across your physical, virtual, and cloud infrastructure.

• Integrated threat feeds: Rapid7 InsightVM is designed with integrated threat feeds, giving you a dynamic view that shows you which threats are most relevant to your environment, enabling you to better protect against current, impending threats so you can react quickly to critical vulnerabilities.

Reviews from Real Users

Below are some reviews and helpful feedback written by PeerSpot users currently using the Rapid7 InsightVM solution.

An owner at a tech services company says, "I liked the dashboard on it. I could customize my dashboard with different widgets and different heat maps."

PeerSpot user Kimeang S., Technical Consultant at Yip Intsoi, mentions, "The most important aspect of the solution is that it rarely gives false positives, especially compared to other products. It provides very clear reports for our IT teams to look at."

A Director of Information Technology at a government explains, "The main functionality of identifying item endpoints that weren't properly patched or had vulnerabilities is the solution's most valuable feature."

Tenable SC is an on-premises vulnerability management solution that offers complete visibility into the security measures of your complex IT infrastructure. Tenable SC also works by assessing risks and clearing vulnerability trends. By implementing Tenable SC, you can see all your vulnerabilities and continuously assess all assets the moment they join the network, including transient devices that aren’t regularly connected. In addition, Tenable SC can predict what matters by understanding vulnerabilities in the context of business risk, as well as the criticality of affected assets.

Tenable SC Features

Tenable SC has several features that sets it apart from its competitors' vulnerability management tools including:

• Continuous and consistent monitoring of applications, cloud infrastructure, and users
• Compliance with industry standard
• Full visibility of IT environments (all networks, systems, and applications)
• Pre-built dashboards and reports that are customizable
• VPR (Vulnerability Priority Rating) to help identify and prioritize vulnerabilities
• ARC (Assurance Report Cards) that are used to measure, visualize, and analyze your security programs’ effectiveness
• Alerts and notifications provided in real time that detect network irregularities
• Automated scans, perimeter scanning, and vulnerability scanning
• Risk prioritization, risk scoring, and risk reporting

Tenable SC Benefits

Some of the benefits of using Tenable SC include:

Full vulnerability assessment coverage: Tenable SC helps eliminate blind spots in your IT infrastructure by providing complete visibility of network-connected assets, activity, and events.

• Immediate insights: Because Tenable SC provides clear, actionable dashboards and reports, it enables you to quickly measure and analyze safety effectiveness and risks.
  
  
• Boosts productivity: By allowing you to adjust reports and spreadsheets, Tenable SC increases productivity and improves efficiency as well.
  
  
• Identify threats and unexpected changes in the network: With Tenable SC, you can easily address identified threats and can also obtain specific alerts to quickly begin remediation efforts.
  
  
• Prioritize Tasks: Tenable SC enables security teams to focus on the vulnerabilities and assets that matter most, so they can address a company’s true business risk instead of spending valuable time on vulnerabilities that have a low likelihood of being exploited.

Reviews from Real Users

Below are some reviews and helpful feedback written by Tenable SC users who are currently using the solution.

PeerSpot user Joao M., who is a CIO / IT Consultant at RedShift, reports that the solution has good dashboards, reporting, and technical support, with a low rate of errors. He specifically points out that "This product has the best results in terms of the lowest number of false positives and false negatives."

Another PeerSpot user who is a program manager at a tech services company comments on how the solution successfully monitors their whole environment in real time and makes everything more secure. He mentions "The feature we've liked most recently was being able to take the YARA rules from FireEye and put them into Tenable’s scan for the most recent SolarWinds exploit. That was really useful."

An information security analyst at a retailer says that besides the fact that the overall price for the product is pretty good, the solution is “intuitive with excellent technical support and good stability.”