IT Central Station is now PeerSpot: Here's why

Rapid7 InsightVM vs Tenable SC comparison

You must select at least 2 products to compare!
Rapid7 Logo
14,353 views|10,504 comparisons
Tenable Network Security Logo
21,216 views|16,899 comparisons
Featured Review
Buyer's Guide
Rapid7 InsightVM vs. Tenable SC
July 2022
Find out what your peers are saying about Rapid7 InsightVM vs. Tenable SC and other solutions. Updated: July 2022.
620,319 professionals have used our research since 2012.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
"When you connect any new device to the network, Rapid7 has the ability to detect the new device immediately. It can scan that device to detect if it has any vulnerability. It tells you what is vulnerable and what has been misconfigured. It also tells you what is the risk of that misconfiguration or lack of patches and how to resolve the problem.""We are very satisfied with the reports, as they provide us with the information that is required for our management.""I have been in contact with technical support and they are not bad.""The reports in Rapid7 InsightVM are useful when compared to competitors.""The product is scalable.""It's very scalable.""It's a relevant management tool.""The solution is good because it has a lot of options."

More Rapid7 InsightVM Pros →

"The most valuable features of Tenable SC are the reports and the dashboards.""Tenable SC is good for reporting and alerting. The filtering feature is also very valuable. Its integration with multiple vendors is quite good. It can be integrated with SIEM solutions and PAM solutions such as Thycotic, which is very helpful.""The solution is one of the most, if not the most, stable product available.""The usability is really good. It's very easy to use and a good platform. It is scalable and very stable. The technical support is fine and the setup is super easy.""The feature we've liked most recently was being able to take the YARA rules from FireEye and put them into Tenable's scan for the most recent SolarWinds exploit. That was really useful.""I find Tenable SC to be a very scalable product.""We use Tenable to scan all of our environments and plugins for vulnerabilities. Tenable helps us discover network vulnerabilities to threats and piracy.""Their overall cost of service is pretty good."

More Tenable SC Pros →

"The product does not have the capability to do dynamic scanning of non-web applications.""There are end-user needs and expectations that are being overlooked in the development that could be addressed by appointing a customer advisory board.""The reporting could be better.""The solution could improve by being more secure.""In terms of improvements, its price could be better. Our main issue with Rapid7 is that it is too expensive. You can only sell it to enterprise accounts. In terms of new features, Rapid7 came up with a product called InsightIDR a couple of years ago, which is a good SIEM solution. We expect that Rapid7 will work on some sort of integration between InsightVM and InsightIDR, where vulnerability or anomaly detected by InsightVM can be reported in InsightIDR in some sort of real-time. Rapid7 doesn't patch. For example, if you have a vulnerability, some products can scan and also do the patching, but Rapid7 does not do the patching. It would be nice if it can also patch.""We'd like the agent to cover more compliance issues.""I would say that it improved our visibility, but it left things open.""Rapid7 InsightVM could be easier to use for those who are using it for the first time."

More Rapid7 InsightVM Cons →

"Tenable SC can improve by making it easier to create complicated reports and have more effectiveness in the remediation area for comparison between the scans.""Tenable SC could improve by making the creation of the initial reports easier that correspond to our network.""The biggest issue I have with the solution is when I'm using the scanning it picks up the original DNS of that device. That means, before we image it and actually change the DNS to something within our company structure, it'll just be random numbers and letters and Tenable will stick to that DNS for a long time.""For downloading reports, we have to go to the scan and then we have to go to the reports and download the Excel or CSV or PDF. I think these menus and clicks can be minimized.""Tenable's reporting engine needs improvement. It needs to be more efficient and add more features.""Current web page needs improvement, slows down processes.""I think the vendor training provided for could be a lower price. It's quite expensive for the training.""There is not much room for improvement. However, there should be a guide that describes the step-by-step procedures for doing tasks. Otherwise, training is required from a senior guy to a junior guy."

More Tenable SC Cons →

Pricing and Cost Advice
  • "The licensing is asset-based and very straightforward."
  • "Its price is too high. My only concern or issue with Rapid7 is its pricing."
  • "Comparing the price with the value that we receive, I am not happy with it."
  • "The license is annual and this is the optimal approach when it comes to most software."
  • "In some cases, we procure the licenses. In some cases, the customers directly buy the license from Rapid7."
  • "Licensing fees are paid on a yearly basis."
  • "We have an annual license to use Rapid7 InsightVM and if we want to extend it, we will possibly choose more than one year."
  • "Pricing is reasonable because we pay according to asset usage. We can define our assets and sites according to our preference."
  • More Rapid7 InsightVM Pricing and Cost Advice →

  • "I use a local license to perform penetration testing and I'm pretty happy with everything when it comes to pricing and licensing."
  • "Though reasonable, the main competitor of Tenable SC, Rapid7, offers a more aggressive and better priced product."
  • "It is a bit expensive. Everything is included in the license."
  • "The price of Tenable SC is expensive, we pay approximately €70,000 for the license annually. We have to pay for each IP test. The cost of other solutions is far less, such as Nessus Professional, which is €3,000 annually."
  • "Compared to other companies or other products it could maybe be a little bit less, but the price is okay. I would say it's not very expensive."
  • More Tenable SC Pricing and Cost Advice →

    Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
    620,319 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:You have full visibility across cloud, network, virtual, and containerized infrastructures with Rapid7 Insight VM. You can easily prioritize vulnerabilities using attacker analytics. Overall, Rapid7… more »
    Top Answer:InsightVM's most valuable feature is risk scoring, a formula based on different vectors like the ease of exploitation and the availability of the machine.
    Top Answer:InsightVM's licensing starts at a minimum of 128 IPs and can scale up to over 1,000.
    Top Answer:The most valuable features in Tenable SC are scanning and analysis.
    Top Answer:Compared to other companies or other products it could maybe be a little bit less, but the price is okay. I would say it's not very expensive.
    Top Answer:Tenable SC can improve by making it easier to create complicated reports and have more effectiveness in the remediation area for comparison between the scans.
    Average Words per Review
    Average Words per Review
    Also Known As
    InsightVM, NeXpose
    Tenable Unified Security, Tenable SecurityCenter
    Learn More

    Rapid7 InsightVM is a comprehensive vulnerability management platform that protects your systems from attackers and is easy to scale. The solution provides easy access to vulnerability management, application security, detection and response, external threat intelligence, orchestration and automation, and more. Rapid7 InsightVM is ideal for security, IT, and DevOps teams, helping them reduce risk by enabling them to detect and respond to attacks quickly.

    Rapid7 InsightVM Features

    Rapid7 InsightVM has many valuable key features. Some of the most useful ones include:

    • Automated containment: With this feature, you can decrease exposure from vulnerabilities by automatically implementing temporary (or permanent) compensating controls via your network access control (NAC) systems, firewalls, and endpoint detection and response tools.
    • Policy assessment: Rapid7 InsightVM offers pre-built scan templates for common compliance requirements. The solution helps you take clear, actionable steps to compliance once you have assessed your risk posture. In addition, Rapid7 InsightVM’s Custom Policy Builder allows you to modify existing benchmarks or create new policies from scratch.
    • REST API: Rapid7 InsightVM REST API is easy to use and was built to easily automate virtually any aspect of vulnerability management, from data collection to risk analysis.
    • Live dashboards: Rapid7 InsightVM includes dashboards that are live and interactive by nature. The live dashboards enable you to create custom cards and full dashboards for anyone in your organization and allow you to track progress of your security program.
    • Automation-assisted patching: Rapid7 InsightVM’s automation-assisted patching gives you the autonomy to make key decisions in your patching process, such as your approval to apply certain patches to certain vulnerabilities.
    • Real risk prioritization: Rapid7 InsightVM makes it simple to know which vulnerabilities need to be prioritized and where your riskiest assets lie.
    • Goals and SLA’s: This feature enables you to make and track progress toward your goals and service level agreements (SLAs) at an appropriate pace.

    Rapid7 InsightVM Benefits

    There are many benefits to implementing Rapid7 InsightVM. Some of the biggest advantages the solution offers include:

    • Attack surface monitoring for maintained visibility: By leveraging attack surface monitoring with Project Sonar (a Rapid7 research project that regularly scans the internet to gain insights into global exposure to common vulnerabilities), you can gain more control of all of your external-facing assets, both known and unknown.
    • Container security: Rapid7 InsightVM integrates with your CI/CD tools, public container repositories, and private repositories to assess container images for vulnerabilities during the build process even before they are deployed.
    • Lightweight endpoint agent: Rapid7 InsightVM unifies data so you only need to install a single agent for continuous vulnerability assessment, incident detection, and log data collection.
    • Easily assign and track remediation duties: Using Rapid7 InsightVM, IT and security teams can assign as well as track remediation duties without having to deal with remediation reports, complex spreadsheets, or back-and-forth email tags.
    • Integration with cloud services and virtual infrastructure: Rapid7 InsightVM provides full visibility into risk across your physical, virtual, and cloud infrastructure.
    • Integrated threat feeds: Rapid7 InsightVM is designed with integrated threat feeds, giving you a dynamic view that shows you which threats are most relevant to your environment, enabling you to better protect against current, impending threats so you can react quickly to critical vulnerabilities.

    Reviews from Real Users

    Below are some reviews and helpful feedback written by PeerSpot users currently using the Rapid7 InsightVM solution.

    An owner at a tech services company says, "I liked the dashboard on it. I could customize my dashboard with different widgets and different heat maps."

    PeerSpot user Kimeang S., Technical Consultant at Yip Intsoi, mentions, "The most important aspect of the solution is that it rarely gives false positives, especially compared to other products. It provides very clear reports for our IT teams to look at."

    A Director of Information Technology at a government explains, "The main functionality of identifying item endpoints that weren't properly patched or had vulnerabilities is the solution's most valuable feature."

    Tenable SC is an on-premises vulnerability management solution that offers complete visibility into the security measures of your complex IT infrastructure. Tenable SC also works by assessing risks and clearing vulnerability trends. By implementing Tenable SC, you can see all your vulnerabilities and continuously assess all assets the moment they join the network, including transient devices that aren’t regularly connected. In addition, Tenable SC can predict what matters by understanding vulnerabilities in the context of business risk, as well as the criticality of affected assets.

    Tenable SC Features

    Tenable SC has several features that sets it apart from its competitors' vulnerability management tools including:

    • Continuous and consistent monitoring of applications, cloud infrastructure, and users
    • Compliance with industry standard
    • Full visibility of IT environments (all networks, systems, and applications)
    • Pre-built dashboards and reports that are customizable
    • VPR (Vulnerability Priority Rating) to help identify and prioritize vulnerabilities
    • ARC (Assurance Report Cards) that are used to measure, visualize, and analyze your security programs’ effectiveness
    • Alerts and notifications provided in real time that detect network irregularities
    • Automated scans, perimeter scanning, and vulnerability scanning
    • Risk prioritization, risk scoring, and risk reporting

    Tenable SC Benefits

    Some of the benefits of using Tenable SC include:

    Full vulnerability assessment coverage: Tenable SC helps eliminate blind spots in your IT infrastructure by providing complete visibility of network-connected assets, activity, and events.

    • Immediate insights: Because Tenable SC provides clear, actionable dashboards and reports, it enables you to quickly measure and analyze safety effectiveness and risks.

    • Boosts productivity: By allowing you to adjust reports and spreadsheets, Tenable SC increases productivity and improves efficiency as well.

    • Identify threats and unexpected changes in the network: With Tenable SC, you can easily address identified threats and can also obtain specific alerts to quickly begin remediation efforts.

    • Prioritize Tasks: Tenable SC enables security teams to focus on the vulnerabilities and assets that matter most, so they can address a company’s true business risk instead of spending valuable time on vulnerabilities that have a low likelihood of being exploited.

    Reviews from Real Users

    Below are some reviews and helpful feedback written by Tenable SC users who are currently using the solution.

    PeerSpot user Joao M., who is a CIO / IT Consultant at RedShift, reports that the solution has good dashboards, reporting, and technical support, with a low rate of errors. He specifically points out that "This product has the best results in terms of the lowest number of false positives and false negatives."

    Another PeerSpot user who is a program manager at a tech services company comments on how the solution successfully monitors their whole environment in real time and makes everything more secure. He mentions "The feature we've liked most recently was being able to take the YARA rules from FireEye and put them into Tenable’s scan for the most recent SolarWinds exploit. That was really useful."

    An information security analyst at a retailer says that besides the fact that the overall price for the product is pretty good, the solution is “intuitive with excellent technical support and good stability.

    Learn more about Rapid7 InsightVM
    Learn more about Tenable SC
    Sample Customers
    ACS, Acosta, AllianceData,, biogen idec, CBRE, CATERPILLAR, Deloitte, COACH, GameStop, IBM
    IBM, Sempra Energy, Microsoft, Apple, Adidas, Union Pacific
    Top Industries
    Financial Services Firm16%
    Computer Software Company16%
    Insurance Company11%
    Energy/Utilities Company11%
    Computer Software Company22%
    Comms Service Provider16%
    Insurance Company7%
    Financial Services Firm29%
    Manufacturing Company18%
    Comms Service Provider12%
    Healthcare Company12%
    Computer Software Company22%
    Comms Service Provider14%
    Financial Services Firm8%
    Company Size
    Small Business39%
    Midsize Enterprise22%
    Large Enterprise39%
    Small Business21%
    Midsize Enterprise18%
    Large Enterprise61%
    Small Business31%
    Midsize Enterprise10%
    Large Enterprise59%
    Small Business18%
    Midsize Enterprise16%
    Large Enterprise65%
    Buyer's Guide
    Rapid7 InsightVM vs. Tenable SC
    July 2022
    Find out what your peers are saying about Rapid7 InsightVM vs. Tenable SC and other solutions. Updated: July 2022.
    620,319 professionals have used our research since 2012.

    Rapid7 InsightVM is ranked 5th in Vulnerability Management with 22 reviews while Tenable SC is ranked 2nd in Vulnerability Management with 13 reviews. Rapid7 InsightVM is rated 7.4, while Tenable SC is rated 8.2. The top reviewer of Rapid7 InsightVM writes "Broad capabilities make this scanning solution able to cover a lot of ground". On the other hand, the top reviewer of Tenable SC writes "Monitors our whole environment in real time and makes everything more secure". Rapid7 InsightVM is most compared with Tenable Nessus, Qualys VM, Vulnerability Management, Microsoft Intune and Rapid7 InsightIDR, whereas Tenable SC is most compared with Vulnerability Management, Tenable Nessus, Qualys VM, Forescout Platform and Cisco ISE (Identity Services Engine). See our Rapid7 InsightVM vs. Tenable SC report.

    See our list of best Vulnerability Management vendors.

    We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.