Rapid7 InsightVM vs. Vulcan Cyber (discontinued)

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Rapid7 InsightVM
Score 8.9 out of 10
N/A
InsightVM is presented as the next evolution of Nexpose, by Rapid7. This Insight cloud-based solution features everything included in Nexpose, such as Adaptive Security and the proprietary Real Risk score, and extends visibility into cloud and containerized infrastructure. InsightVM also offers advanced remediation, tracking, and reporting capabilities not included in Nexpose.
$19
per GB
Vulcan Cyber (discontinued)
Score 7.5 out of 10
Mid-Size Companies (51-1,000 employees)
Vulcan Cyber was an exposure and vulnerability risk mitigation platform, acquired by Tenable in early 2025. The product is no longer available for sale, and functionality has been integrated into the Tenable One Exposure Management platform's vulnerability solution.N/A
Pricing
Rapid7 InsightVMVulcan Cyber (discontinued)
Editions & Modules
Log Management
$19
per GB
Vulnerability Management
$22
per asset
insightIDR
$52
per asset
Application Security
$2,000
per app
insignConnect
Contact sales team
No answers on this topic
Offerings
Pricing Offerings
Rapid7 InsightVMVulcan Cyber (discontinued)
Free Trial
NoNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional Details
More Pricing Information
Community Pulse
Rapid7 InsightVMVulcan Cyber (discontinued)
Considered Both Products
Rapid7 InsightVM
Chose Rapid7 InsightVM
Product functionality and performance
Financial/organizational viability
Product roadmap and future vision
Chose Rapid7 InsightVM
I think Tenable is very comparable and they are both leaders in this space. I evaluated both of them side-by-side and ultimately decided to go with Rapid7. Tenable did have a slight edge on the amount of information I was getting from the machines, but I landed on R7 because I …
Chose Rapid7 InsightVM
Rapid7 InsightVM is more cost effective than the other solution on the market. It is easy to deploy and the user interface is easy to use and intuative. We select Rapid7 InsightVM mainly because it integrates well with ServiceNow compared to the other solution that were …
Chose Rapid7 InsightVM
There is not major changes but I would like to say Remediation process is far organised then Qualys. Easy UI and Live dashboarding is add-on.
Chose Rapid7 InsightVM
Rapid7 InsightVM is a more professional tool than NESSUS because historically, it was based on metasploit which is a powerful pentesting and exploiting tool. InsightVM covers more attacking scenarios and vulnerabilities than competitors and still a leader in this domain.cloud …
Chose Rapid7 InsightVM
I personally like Qualys much better. Out of the box, and the overall configuration is more natural, and the system itself is more stable.
Chose Rapid7 InsightVM
Qualys Cloud Platform (formerly Qualysguard)
Chose Rapid7 InsightVM
Nessus Pro does scans, but does not maintain an inventory from scan to scan. There is no history for a specific device, you have to look inside the results of each scan. Search across inventory is non-existent. There are no dashboards for data analysis. This is no tracking …
Chose Rapid7 InsightVM
Tenable has a more refined look for the reporting that it provides as a result of scanning events, but Nexpose seems to have a better ability to help quantify risk and help prioritize the work needed to get the quickest security result for the team and the company. The Nessus …
Chose Rapid7 InsightVM
Selection was made by my manager. We have used Nessus before and switched to Rapid7 Nexpose.
Vulcan Cyber (discontinued)
Chose Vulcan Cyber (discontinued)
Acronis Cyber Protect
Chose Vulcan Cyber (discontinued)
I wasn't here at the time when the company compared different vulnerability management platforms so I'm not sure on the reasoning and difference between the 2. It could be that the team went through different choices and found Vulcan to be the best fit. It's hard for me to say …
Chose Vulcan Cyber (discontinued)
My role is not in charge of selecting more services or products like Vulcan. I just use them as part of my daily responsibilities. Maybe other roles can give more feedback about this.
Chose Vulcan Cyber (discontinued)
Nucleus Security was missing some connectors and was more focused on risk prioritization than ticketing automation.

Seemplicity had a different billing method that may have ended up being more expensive. Also a younger app.
Chose Vulcan Cyber (discontinued)
Vulcan Cyber has a more mature platform catered for enterprise customers compared to Nucleus. The very close support and attention to detail of the Vulcan sales and technical team also helped in answering any possible question we had about the platform or take note of our …
Chose Vulcan Cyber (discontinued)
The competitors were either more complex to implement or higher cost for similar capabilities.
Chose Vulcan Cyber (discontinued)
Vulcan was easier to implement with our existing Security environment. The UX and UI were more intuitive and user-friendly. While SOAR is a super solid product, for our business Vulcan made more sense. It was more of a natural fit for a rapidly-expanding company in a …
Features
Rapid7 InsightVMVulcan Cyber (discontinued)
Threat Intelligence
Comparison of Threat Intelligence features of Product A and Product B
Rapid7 InsightVM
7.4
Ratings
7% below category average
Vulcan Cyber (discontinued)
7.9
Ratings
0% below category average
Network Analytics5.30 Ratings7.70 Ratings
Threat Recognition7.00 Ratings00 Ratings
Vulnerability Classification9.30 Ratings8.20 Ratings
Automated Alerts and Reporting9.30 Ratings7.40 Ratings
Threat Analysis7.40 Ratings8.00 Ratings
Threat Intelligence Reporting7.00 Ratings00 Ratings
Automated Threat Identification6.70 Ratings8.00 Ratings
Vulnerability Management Tools
Comparison of Vulnerability Management Tools features of Product A and Product B
Rapid7 InsightVM
8.3
Ratings
3% above category average
Vulcan Cyber (discontinued)
7.3
Ratings
10% below category average
IT Asset Realization9.00 Ratings8.20 Ratings
Authentication8.60 Ratings00 Ratings
Configuration Monitoring8.60 Ratings6.40 Ratings
Web Scanning7.00 Ratings00 Ratings
Vulnerability Intelligence8.30 Ratings7.40 Ratings
Best Alternatives
Rapid7 InsightVMVulcan Cyber (discontinued)
Small Businesses
Action1
Action1
Score 9.5 out of 10
Action1
Action1
Score 9.5 out of 10
Medium-sized Companies
Action1
Action1
Score 9.5 out of 10
Action1
Action1
Score 9.5 out of 10
Enterprises
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.0 out of 10
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.0 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
Rapid7 InsightVMVulcan Cyber (discontinued)
Likelihood to Recommend
9.0
(0 ratings)
7.2
(0 ratings)
Usability
9.0
(0 ratings)
-
(0 ratings)
Support Rating
7.2
(0 ratings)
-
(0 ratings)
Ease of integration
-
(0 ratings)
7.1
(0 ratings)
User Testimonials
Rapid7 InsightVMVulcan Cyber (discontinued)
Likelihood to Recommend
I think Rapid7 InsightVM is well suited for large enterprise customers with a lot of assets. It integrates well with a number of different ITSM solutions which I think is very good. There are not many CIS benchmarking tools on the market and Rapid7 InsightVM does a very good job at benchmarking. I think where Rapid7 InsightVM falls down a little is on false positive vulnerabilities. Sometime you there a few positive results on vulnerabily discovery. Tuning the settings for scan engines can sometimes be trick as well.
Read full review
We use Vulcan Cyber to help with the technical debt accrued over time with systems that were not maintained as well as they should be. To combat this, we use the campaign feature to keep a running tab on every system to ensure it is brought up to standards and maintained.
Read full review
Pros
  • The API is also a great tool for us to automate lots of routine procedures like scan and report of asset(s) BY EMAIL.
  • Tagging. It helps sort out results and reports for respective assets Owner for remediation without a lengthy report including unnecessary information for that particular team.
  • SQL Reporting. It provides advanced reporting and export capabilities that you can not find in the stock report template.
Read full review
  • The user interface makes it very easy to use.
  • It provides a clear picture and helps us to make decisions.
  • It offers automation and risk visibility.
Read full review
Cons
  • Devices found and scanned are never removed. Removal must be done manually with no option for automation.
  • The database can be fragile. Ours quietly corrupted and progressively degraded until we had to restore and lose 6 months of data. Still didn't fix it and had to be rebuilt again losing all data.
  • Workflow for delegating remediation is supposed to be helpful, but can also become cumbersome.
  • Scheduling can become a nightmare if not monitored closely. We found jobs had failed to run because the server had gone offline. When the server came online, it did not try to run missed jobs. Running missed jobs all at once can overload the server, but searching for and launching a large number of missed jobs manually is a pain.
Read full review
  • Deduping of assets could be better.
  • The weighting of vulnerabilities is hard to describe to non technical executives.
  • The Business Groups and Tagging needs improvement. Or at least allow tags to be removed if not needed. Now they are static from the API feed.
Read full review
Usability
While I think it is a great tool and platform, I believe it (like all tools and solutions) is always evolving and the needs for clients are changing as the industry evolves and threats are upgraded. Cost is good, and support is helpful. Some things could be more granular and others could be easier to understand
Read full review
No answers on this topic
Support Rating
I gave it a seven due to the functionality and general ease of use after the initial setup headaches, but compared to Qualys, Rapid7 Nexpose falls short on features and ease of use. Their support drags this rating down a point as well. I have gone weeks with no update on semi-critical issues and typically have to make call after call to get a semi-coherent response.
Read full review
No answers on this topic
Alternatives Considered
I think Tenable is very comparable and they are both leaders in this space. I evaluated both of them side-by-side and ultimately decided to go with Rapid7. Tenable did have a slight edge on the amount of information I was getting from the machines, but I landed on R7 because I found the features of the InsightVM tool to be more useful. They both get the job done, but I found InsightVM a better experience to use on a day-to-day basis and had better quality of life features that I was looking for.
Read full review
Vulcan was easier to implement with our existing Security environment. The UX and UI were more intuitive and user-friendly. While SOAR is a super solid product, for our business Vulcan made more sense. It was more of a natural fit for a rapidly-expanding company in a hyper-growth phase using Edge technology.
Read full review
Return on Investment
  • It certainly has a more positive impact than negative impact while performing the scans. Nexpose can find report vulnerabilities that our other scanner fails to identify during the scan because of its defined scan templates.
  • Also, even if the scan is not being performed due to some issues like reachability, whitelisting, etc. it will try to give scan results unlike QualysGuard which just marks the asset as unreachable.
Read full review
  • Allows much better prioritizing of which assets are most vulnerable
  • Allow a better understanding of what assets are actually under real threat vs. what is assumed to be vulnerable, but the real world fact is the system would be hard to reach internally, so it's not as vulnerable.
Read full review
ScreenShots