Rapid7 InsightVM vs. Wiz

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Rapid7 InsightVM
Score 8.9 out of 10
N/A
InsightVM is presented as the next evolution of Nexpose, by Rapid7. This Insight cloud-based solution features everything included in Nexpose, such as Adaptive Security and the proprietary Real Risk score, and extends visibility into cloud and containerized infrastructure. InsightVM also offers advanced remediation, tracking, and reporting capabilities not included in Nexpose.
$19
per GB
Wiz
Score 8.1 out of 10
N/A
Wiz is a Tel Aviv based, cloud risk visibility solution for enterprise security. It provides a 360° view of security risks across clouds, containers and workloads.N/A
Pricing
Rapid7 InsightVMWiz
Editions & Modules
Log Management
$19
per GB
Vulnerability Management
$22
per asset
insightIDR
$52
per asset
Application Security
$2,000
per app
insignConnect
Contact sales team
No answers on this topic
Offerings
Pricing Offerings
Rapid7 InsightVMWiz
Free Trial
NoNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional Details
More Pricing Information
Community Pulse
Rapid7 InsightVMWiz
Considered Both Products
Rapid7 InsightVM
Chose Rapid7 InsightVM
Product functionality and performance
Financial/organizational viability
Product roadmap and future vision
Chose Rapid7 InsightVM
I think Tenable is very comparable and they are both leaders in this space. I evaluated both of them side-by-side and ultimately decided to go with Rapid7. Tenable did have a slight edge on the amount of information I was getting from the machines, but I landed on R7 because I …
Chose Rapid7 InsightVM
Rapid7 InsightVM is more cost effective than the other solution on the market. It is easy to deploy and the user interface is easy to use and intuative. We select Rapid7 InsightVM mainly because it integrates well with ServiceNow compared to the other solution that were …
Chose Rapid7 InsightVM
There is not major changes but I would like to say Remediation process is far organised then Qualys. Easy UI and Live dashboarding is add-on.
Chose Rapid7 InsightVM
Rapid7 InsightVM is a more professional tool than NESSUS because historically, it was based on metasploit which is a powerful pentesting and exploiting tool. InsightVM covers more attacking scenarios and vulnerabilities than competitors and still a leader in this domain.cloud …
Chose Rapid7 InsightVM
I personally like Qualys much better. Out of the box, and the overall configuration is more natural, and the system itself is more stable.
Chose Rapid7 InsightVM
Qualys Cloud Platform (formerly Qualysguard)
Chose Rapid7 InsightVM
Nessus Pro does scans, but does not maintain an inventory from scan to scan. There is no history for a specific device, you have to look inside the results of each scan. Search across inventory is non-existent. There are no dashboards for data analysis. This is no tracking …
Chose Rapid7 InsightVM
Tenable has a more refined look for the reporting that it provides as a result of scanning events, but Nexpose seems to have a better ability to help quantify risk and help prioritize the work needed to get the quickest security result for the team and the company. The Nessus …
Chose Rapid7 InsightVM
Selection was made by my manager. We have used Nessus before and switched to Rapid7 Nexpose.
Wiz
Chose Wiz
Prior to Wiz, I have used mostly AWS security services such as security hub for CSPM and GuardDuty for threat intel. Although these services are great, it makes it hard to centralize this information in a multi-cloud deployment. It is understandable that AWS native services may …
Chose Wiz
Better UI/UX , Adoption rate on development greater the others
Chose Wiz
None. Last time we evaluated this area was years ago. There are none that stack up to Wiz.
Chose Wiz
Wiz aggregates date the best showing you the full attack path to remediate your issue and catch it from the roots.
Chose Wiz
Wiz excelled in a robust real-time assessment held against all platforms and came out on top in a sophisticated scoring system.
Chose Wiz
After previously utilizing Orca and testing Tenable, we preferred Wiz over the competition. The reporting, usability, and feature-rich platform enabled us to investigate security risks and issues simultaneously.
Chose Wiz
As someone relatively new to the security space, coming from a software engineering background in identity, I don’t have deep experience across a wide range of security tools. That said, based on the products I have used—such as Palo Alto’s Cortex XDR, Panorama, GlobalProtect, …
Chose Wiz
Wiz is a solid solution over these other products, it has capabilities in all clouds that we utilize that others didn't have at the time. Its much easier to segment access than CrowdStrike as an example. Engineers quickly because familiar with the tool to help reduce the …
Chose Wiz
We chose Wiz over Tenable.io due to its agentless deployment, holistic security graph, and cloud-native focus. Wiz’s quick setup, intuitive interface, and advanced risk prioritisation provided actionable insights faster, making it a better fit for our multi-cloud environment.
Chose Wiz
We previously used Lacework but transitioned to Wiz as part of our effort to improve cloud security visibility and streamline risk management. While Lacework provided useful insights, we found that Wiz offered a clearer, more intuitive interface and better collaboration …
Chose Wiz
Wiz was better than anything else we looked at.
Chose Wiz
After the evaluation, Wiz performed the best due to the information gathered and the ability to share the data.
Chose Wiz
Tenable.io and Qualys are good just for vulnerability management. Wiz has very good capability to show all issues on single console and also it has provision to show them in different dashboards in different category. It shows cloud configuration gap, AWS cis benchmark gap and …
Features
Rapid7 InsightVMWiz
Threat Intelligence
Comparison of Threat Intelligence features of Product A and Product B
Rapid7 InsightVM
7.4
Ratings
7% below category average
Wiz
-
Ratings
Network Analytics5.30 Ratings00 Ratings
Threat Recognition7.00 Ratings00 Ratings
Vulnerability Classification9.30 Ratings00 Ratings
Automated Alerts and Reporting9.30 Ratings00 Ratings
Threat Analysis7.40 Ratings00 Ratings
Threat Intelligence Reporting7.00 Ratings00 Ratings
Automated Threat Identification6.70 Ratings00 Ratings
Vulnerability Management Tools
Comparison of Vulnerability Management Tools features of Product A and Product B
Rapid7 InsightVM
8.3
Ratings
3% above category average
Wiz
-
Ratings
IT Asset Realization9.00 Ratings00 Ratings
Authentication8.60 Ratings00 Ratings
Configuration Monitoring8.60 Ratings00 Ratings
Web Scanning7.00 Ratings00 Ratings
Vulnerability Intelligence8.30 Ratings00 Ratings
Cloud Computing Security Features
Comparison of Cloud Computing Security Features features of Product A and Product B
Rapid7 InsightVM
-
Ratings
Wiz
7.5
Ratings
4% below category average
Automated Data Backup and Recovery00 Ratings7.30 Ratings
Intrusion Detection and Prevention:00 Ratings8.10 Ratings
Regular Vulnerability Management00 Ratings7.80 Ratings
Identity and Access Management00 Ratings7.60 Ratings
Secure Data Transfer00 Ratings7.30 Ratings
Security Incident Response00 Ratings6.30 Ratings
Compliance and Auditing00 Ratings8.30 Ratings
Best Alternatives
Rapid7 InsightVMWiz
Small Businesses
Action1
Action1
Score 9.5 out of 10
Armor
Armor
Score 6.0 out of 10
Medium-sized Companies
Action1
Action1
Score 9.5 out of 10
Druva Security Cloud
Druva Security Cloud
Score 9.7 out of 10
Enterprises
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.0 out of 10
Druva Security Cloud
Druva Security Cloud
Score 9.7 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
Rapid7 InsightVMWiz
Likelihood to Recommend
9.0
(0 ratings)
8.1
(0 ratings)
Usability
9.0
(0 ratings)
7.9
(0 ratings)
Support Rating
7.2
(0 ratings)
-
(0 ratings)
User Testimonials
Rapid7 InsightVMWiz
Likelihood to Recommend
I think Rapid7 InsightVM is well suited for large enterprise customers with a lot of assets. It integrates well with a number of different ITSM solutions which I think is very good. There are not many CIS benchmarking tools on the market and Rapid7 InsightVM does a very good job at benchmarking. I think where Rapid7 InsightVM falls down a little is on false positive vulnerabilities. Sometime you there a few positive results on vulnerabily discovery. Tuning the settings for scan engines can sometimes be trick as well.
Read full review
Wiz is well-suited if you want to run real-time scans against resources that were recently patched or configured. It is good to keep track of vulnerabilities found and what can be done to resolve the issues without having to open up multiple tabs. Overall, it is good to keep an eye on how well cloud teams or cloud security teams are doing.
Read full review
Pros
  • The API is also a great tool for us to automate lots of routine procedures like scan and report of asset(s) BY EMAIL.
  • Tagging. It helps sort out results and reports for respective assets Owner for remediation without a lengthy report including unnecessary information for that particular team.
  • SQL Reporting. It provides advanced reporting and export capabilities that you can not find in the stock report template.
Read full review
  • Getting started with Wiz was quick and painless. The onboarding process was well-structured, and their team provided solid support to help us integrate Wiz into our cloud environments with minimal effort. Documentation is clear, and their customer success team is always on hand to help with any questions, making the adoption process seamless
  • One of Wiz’s biggest strengths is how clearly it presents security risks. It provides a well organised view of issues, making it easy to see where action is needed. The AI-powered Remediation Wizard is a great feature, offering guided fixes and automation options that speed up resolution, reducing the time spent manually investigating and fixing issues.
  • The Wiz interface is intuitive and easy to navigate, which is a big plus when dealing with complex environments. Everything is laid out in a way that makes it simple to drill down into issues
Read full review
Cons
  • Devices found and scanned are never removed. Removal must be done manually with no option for automation.
  • The database can be fragile. Ours quietly corrupted and progressively degraded until we had to restore and lose 6 months of data. Still didn't fix it and had to be rebuilt again losing all data.
  • Workflow for delegating remediation is supposed to be helpful, but can also become cumbersome.
  • Scheduling can become a nightmare if not monitored closely. We found jobs had failed to run because the server had gone offline. When the server came online, it did not try to run missed jobs. Running missed jobs all at once can overload the server, but searching for and launching a large number of missed jobs manually is a pain.
Read full review
  • Wiz scanning doesn't detect risks in real time. New sensors are now included and these capabilities are growing. I believe that within a year Wiz will get good real time capabilities
  • Wiz can generate a lot of alerts, which can be overwhelming, especially if you have a very dynamic environment. It's important to set up filters so that you only receive alerts for the risks that are most important to you.
  • Wiz can improve the way it augments the vulnerability data with additional data on Technologies. It sometimes has missing technologies but updated its inventory as soon as we opened a case on that.
Read full review
Usability
While I think it is a great tool and platform, I believe it (like all tools and solutions) is always evolving and the needs for clients are changing as the industry evolves and threats are upgraded. Cost is good, and support is helpful. Some things could be more granular and others could be easier to understand
Read full review
The UI is very user-friendly, with documentation available on every page of the application. New users can learn about the product features as they navigate through several different pages, using the instructions at the top of each page, making it quite easy to use.
Read full review
Reliability and Availability
No answers on this topic
Never experience issue yet
Read full review
Performance
No answers on this topic
No issues
Read full review
Support Rating
I gave it a seven due to the functionality and general ease of use after the initial setup headaches, but compared to Qualys, Rapid7 Nexpose falls short on features and ease of use. Their support drags this rating down a point as well. I have gone weeks with no update on semi-critical issues and typically have to make call after call to get a semi-coherent response.
Read full review
it great support very responsive up to the point
Read full review
Implementation Rating
No answers on this topic
Multiple option with automation features as well
Read full review
Alternatives Considered
I think Tenable is very comparable and they are both leaders in this space. I evaluated both of them side-by-side and ultimately decided to go with Rapid7. Tenable did have a slight edge on the amount of information I was getting from the machines, but I landed on R7 because I found the features of the InsightVM tool to be more useful. They both get the job done, but I found InsightVM a better experience to use on a day-to-day basis and had better quality of life features that I was looking for.
Read full review
Prior to Wiz, I have used mostly AWS security services such as security HUB for CSPM and GuardDuty for threat intel. Although these services are great, it makes it hard to centralize this information in a multi-cloud deployment. It is understandable that AWS native services may provide more info and realtime security analysis of its services, but does not scale well with a growing organization looking to leverage amazing tools from other CSPs. Wiz may not have real time analysis or the most relevant vulnerability findings for cloud platforms compared to their native solutions, but Wiz scales extremely well, which in cases is a more valuable asset.
Read full review
Scalability
No answers on this topic
Robots front end API and ment for developer to use
Read full review
Return on Investment
  • It certainly has a more positive impact than negative impact while performing the scans. Nexpose can find report vulnerabilities that our other scanner fails to identify during the scan because of its defined scan templates.
  • Also, even if the scan is not being performed due to some issues like reachability, whitelisting, etc. it will try to give scan results unlike QualysGuard which just marks the asset as unreachable.
Read full review
  • We haven't completed a full rollout yet, but the goal is to shift left security to all of our product teams so that security is a shared effort across the organization.
  • We want to be able to demonstrate fast remediations, corrective action plans with tangibles from Wiz in response to audits or red team findings.
  • We would like to also use information from Wiz to substantiate answers to security questionnaires that customers requires us to fill out in order to do business with them.
Read full review
ScreenShots