Rapid7 InsightVM vs. Tenable Security Center

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Rapid7 InsightVM
Score 8.9 out of 10
N/A
InsightVM is presented as the next evolution of Nexpose, by Rapid7. This Insight cloud-based solution features everything included in Nexpose, such as Adaptive Security and the proprietary Real Risk score, and extends visibility into cloud and containerized infrastructure. InsightVM also offers advanced remediation, tracking, and reporting capabilities not included in Nexpose.
$19
per GB
Tenable Security Center
Score 8.1 out of 10
N/A
Tenable Security Center (formerly Tenable.sc) from Tenable Network Security in Baltimore, presents a vulnerabiliy management option used to identify and prioritize vulnerabilities based on risk to businesses. It is managed on premises.N/A
Pricing
Rapid7 InsightVMTenable Security Center
Editions & Modules
Log Management
$19
per GB
Vulnerability Management
$22
per asset
insightIDR
$52
per asset
Application Security
$2,000
per app
insignConnect
Contact sales team
No answers on this topic
Offerings
Pricing Offerings
Rapid7 InsightVMTenable Security Center
Free Trial
NoNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional Details
More Pricing Information
Community Pulse
Rapid7 InsightVMTenable Security Center
Considered Both Products
Rapid7 InsightVM
Chose Rapid7 InsightVM
Product functionality and performance
Financial/organizational viability
Product roadmap and future vision
Chose Rapid7 InsightVM
I think Tenable is very comparable and they are both leaders in this space. I evaluated both of them side-by-side and ultimately decided to go with Rapid7. Tenable did have a slight edge on the amount of information I was getting from the machines, but I landed on R7 because I …
Chose Rapid7 InsightVM
Rapid7 InsightVM is more cost effective than the other solution on the market. It is easy to deploy and the user interface is easy to use and intuative. We select Rapid7 InsightVM mainly because it integrates well with ServiceNow compared to the other solution that were …
Chose Rapid7 InsightVM
There is not major changes but I would like to say Remediation process is far organised then Qualys. Easy UI and Live dashboarding is add-on.
Chose Rapid7 InsightVM
Rapid7 InsightVM is a more professional tool than NESSUS because historically, it was based on metasploit which is a powerful pentesting and exploiting tool. InsightVM covers more attacking scenarios and vulnerabilities than competitors and still a leader in this domain.cloud …
Chose Rapid7 InsightVM
I personally like Qualys much better. Out of the box, and the overall configuration is more natural, and the system itself is more stable.
Chose Rapid7 InsightVM
Qualys Cloud Platform (formerly Qualysguard)
Chose Rapid7 InsightVM
Nessus Pro does scans, but does not maintain an inventory from scan to scan. There is no history for a specific device, you have to look inside the results of each scan. Search across inventory is non-existent. There are no dashboards for data analysis. This is no tracking …
Chose Rapid7 InsightVM
Tenable has a more refined look for the reporting that it provides as a result of scanning events, but Nexpose seems to have a better ability to help quantify risk and help prioritize the work needed to get the quickest security result for the team and the company. The Nessus …
Chose Rapid7 InsightVM
Selection was made by my manager. We have used Nessus before and switched to Rapid7 Nexpose.
Tenable Security Center
Chose Tenable Security Center
Tenable.sc [(formerly SecurityCenter)] has been around for a long time and in our opinion offered the easiest configuration for compliance scanning and it's rating system was more impressive than Rapid 7's.
Chose Tenable Security Center
Tenable.sc can be installed so easily within an hour or so and it has user-friendly GUI with inbuilt industry-based customizable reports i.e. HIPAA, GDPR, ISO standards, etc. It also includes a configurable workflow engine that helps to speed up response and remediation, reduce …
Chose Tenable Security Center
My organization is strictly prohibited from using cloud services. Tenable.sc offers cloud service but we needed on-premises services. Therefore, Tenable.io was eliminated by Tenable.sc.
Chose Tenable Security Center
We decided to go with Tenable due to its robust reporting capabilities and competitive pricing vs its competitors. While all tools are very similar in regards to scanning capabilities we prefer Tenable SC's user interface. We also like the option to have both on-prem and cloud …
Chose Tenable Security Center
We selected Tenable because is one of the best solution at the moment. Tenable is a powerful tool that we use for validation of our patching methodology. This is very helpful if you are only patching what the vendor deems as critical and then with this external validation you …
Features
Rapid7 InsightVMTenable Security Center
Threat Intelligence
Comparison of Threat Intelligence features of Product A and Product B
Rapid7 InsightVM
7.4
Ratings
7% below category average
Tenable Security Center
9.6
Ratings
19% above category average
Network Analytics5.30 Ratings10.00 Ratings
Threat Recognition7.00 Ratings10.00 Ratings
Vulnerability Classification9.30 Ratings9.00 Ratings
Automated Alerts and Reporting9.30 Ratings10.00 Ratings
Threat Analysis7.40 Ratings10.00 Ratings
Threat Intelligence Reporting7.00 Ratings10.00 Ratings
Automated Threat Identification6.70 Ratings8.00 Ratings
Vulnerability Management Tools
Comparison of Vulnerability Management Tools features of Product A and Product B
Rapid7 InsightVM
8.3
Ratings
3% above category average
Tenable Security Center
9.6
Ratings
17% above category average
IT Asset Realization9.00 Ratings10.00 Ratings
Authentication8.60 Ratings8.00 Ratings
Configuration Monitoring8.60 Ratings10.00 Ratings
Web Scanning7.00 Ratings10.00 Ratings
Vulnerability Intelligence8.30 Ratings10.00 Ratings
Best Alternatives
Rapid7 InsightVMTenable Security Center
Small Businesses
Action1
Action1
Score 9.5 out of 10
Action1
Action1
Score 9.5 out of 10
Medium-sized Companies
Action1
Action1
Score 9.5 out of 10
Action1
Action1
Score 9.5 out of 10
Enterprises
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.0 out of 10
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.0 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
Rapid7 InsightVMTenable Security Center
Likelihood to Recommend
9.0
(0 ratings)
8.0
(0 ratings)
Usability
9.0
(0 ratings)
9.0
(0 ratings)
Support Rating
7.2
(0 ratings)
9.4
(0 ratings)
User Testimonials
Rapid7 InsightVMTenable Security Center
Likelihood to Recommend
I think Rapid7 InsightVM is well suited for large enterprise customers with a lot of assets. It integrates well with a number of different ITSM solutions which I think is very good. There are not many CIS benchmarking tools on the market and Rapid7 InsightVM does a very good job at benchmarking. I think where Rapid7 InsightVM falls down a little is on false positive vulnerabilities. Sometime you there a few positive results on vulnerabily discovery. Tuning the settings for scan engines can sometimes be trick as well.
Read full review
Tenable.sc is best suited for those organizations who are not very comfortable with Cloud and want an on-premises solution. If any organization has to follow some guidelines that no data should go to the cloud, in this case, Tenable.sc is a perfect fit as it's installed in the infra Datacenter and no data goes to Cloud. Tenable.sc won't be appropriate for those who have their infra setup on cloud.
Read full review
Pros
  • The API is also a great tool for us to automate lots of routine procedures like scan and report of asset(s) BY EMAIL.
  • Tagging. It helps sort out results and reports for respective assets Owner for remediation without a lengthy report including unnecessary information for that particular team.
  • SQL Reporting. It provides advanced reporting and export capabilities that you can not find in the stock report template.
Read full review
  • Vulnerability management from one place
  • Maximum endpoint visibility
  • Easy to set up and plan the structure
  • Support desk quickly responses
  • Well-prepared documentation
  • Broad scanning type
  • Supports various compliance standards
  • User groups allows coordination between teams
Read full review
Cons
  • Devices found and scanned are never removed. Removal must be done manually with no option for automation.
  • The database can be fragile. Ours quietly corrupted and progressively degraded until we had to restore and lose 6 months of data. Still didn't fix it and had to be rebuilt again losing all data.
  • Workflow for delegating remediation is supposed to be helpful, but can also become cumbersome.
  • Scheduling can become a nightmare if not monitored closely. We found jobs had failed to run because the server had gone offline. When the server came online, it did not try to run missed jobs. Running missed jobs all at once can overload the server, but searching for and launching a large number of missed jobs manually is a pain.
Read full review
  • Tenable could make it easier to report on missing reg key.
  • Tenable can also make it easier to report on os level patches vs application patches.
Read full review
Usability
While I think it is a great tool and platform, I believe it (like all tools and solutions) is always evolving and the needs for clients are changing as the industry evolves and threats are upgraded. Cost is good, and support is helpful. Some things could be more granular and others could be easier to understand
Read full review
based on product capabilities and usage
Read full review
Support Rating
I gave it a seven due to the functionality and general ease of use after the initial setup headaches, but compared to Qualys, Rapid7 Nexpose falls short on features and ease of use. Their support drags this rating down a point as well. I have gone weeks with no update on semi-critical issues and typically have to make call after call to get a semi-coherent response.
Read full review
On all of the occasions that I have had to reach out to Tenable for assistance, they have been extremely helpful and knowledgeable. Solutions and support are provided quickly, and they work on the issue until it is resolved.
Read full review
Alternatives Considered
I think Tenable is very comparable and they are both leaders in this space. I evaluated both of them side-by-side and ultimately decided to go with Rapid7. Tenable did have a slight edge on the amount of information I was getting from the machines, but I landed on R7 because I found the features of the InsightVM tool to be more useful. They both get the job done, but I found InsightVM a better experience to use on a day-to-day basis and had better quality of life features that I was looking for.
Read full review
Tenable.sc [(formerly SecurityCenter)] has been around for a long time and in our opinion offered the easiest configuration for compliance scanning and it's rating system was more impressive than Rapid 7's.
Read full review
Return on Investment
  • It certainly has a more positive impact than negative impact while performing the scans. Nexpose can find report vulnerabilities that our other scanner fails to identify during the scan because of its defined scan templates.
  • Also, even if the scan is not being performed due to some issues like reachability, whitelisting, etc. it will try to give scan results unlike QualysGuard which just marks the asset as unreachable.
Read full review
  • Create internal/operational efficiencies
  • Improve compliance & risk management
  • Cost management
  • Solid vulnerability scanner
  • Ease, of use, and capabilities when it comes to analyzing vulnerabilities is what makes this product stand out
Read full review
ScreenShots