"Rapid7 Metasploit is a useful product."
"The reporting on the solution is good."
"The solution is open source and has many small targetted penetration tests that have been written by many people that are useful. You can choose different subjects for the test, such as Oracle databases or Apache servers."
"The most valuable feature for us is the support for testing Linux-based web server components."
"All of the features are great."
"The scans are the most valuable aspect of this solution."
"The feature we've liked most recently was being able to take the YARA rules from FireEye and put them into Tenable's scan for the most recent SolarWinds exploit. That was really useful."
"Compliance and vulnerability scans are most valuable. Compliance scan helps in validating how our teams are complying, and vulnerability scan helps in future-proofing. Its vulnerability detection is accurate."
"This product has the best results in terms of the lowest number of false-positives and false-negatives."
"The solution is one of the most, if not the most, stable product available."
"Their overall cost of service is pretty good."
"It's a very useful tool."
"I found the dashboard features very useful. It made it easy to track remediation progress. I could publish dashboards to remediation teams and track the progress on the dashboards."
"At the time I was using it, the graphical user interface needed some improvements."
"The solution should improve the responsiveness of its live technical support."
"Rapid7 Metasploit can add a GUI feature because it is only available online."
"The solution is not very scalable, it does not provide any automation to be able to scale it."
"Better automation capabilities would be an improvement."
"There is not much room for improvement. However, there should be a guide that describes the step-by-step procedures for doing tasks. Otherwise, training is required from a senior guy to a junior guy."
"The biggest issue I have with the solution is when I'm using the scanning it picks up the original DNS of that device. That means, before we image it and actually change the DNS to something within our company structure, it'll just be random numbers and letters and Tenable will stick to that DNS for a long time."
"Current web page needs improvement, slows down processes."
"The GUI could be improved to have all concerns and priorities use the same GUI, allowing them to see all tickets, assign vulnerabilities, and assign variation failures to each member of their team."
"I will say it's a lot slower compared to an MS scan. It takes so much longer, so the performance could definitely be worked on."
"The reporting side can be improved. The dashboards are nice, but exporting things out for reports for management was a little tough."
"Its reporting can be improved. It is not easy to generate a scan report the way we want. The data is okay, but we can't easily change the template to make it look the way we want."
"The integration is very good, although it still needs to improve."
Rapid7 Metasploit is ranked 10th in Vulnerability Management with 5 reviews while Tenable SC is ranked 4th in Vulnerability Management with 10 reviews. Rapid7 Metasploit is rated 7.6, while Tenable SC is rated 8.2. The top reviewer of Rapid7 Metasploit writes "Straightforward to set up, and helpful for moving from development to production". On the other hand, the top reviewer of Tenable SC writes "Good dashboards, reporting, and technical support, with a low rate of errors". Rapid7 Metasploit is most compared with Tenable Nessus, Rapid7 InsightVM, Wireshark, Darktrace and Arctic Wolf Managed Risk, whereas Tenable SC is most compared with Tenable.io Vulnerability Management, Tenable Nessus, Qualys VM, Rapid7 InsightVM and SecPoint Penetrator Vulnerability Scanner. See our Rapid7 Metasploit vs. Tenable SC report.
See our list of best Vulnerability Management vendors.
We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
