AWS CloudTrail vs. Rapid7 InsightVM

Rapid7 InsightVM

Overview
Product	Rating	Most Used By	Product Summary	Starting Price
AWS CloudTrail	Score 9.0 out of 10	N/A	AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of an AWS account. With CloudTrail, users can log, continuously monitor, and retain account activity related to actions across AWS infrastructure. CloudTrail provides event history of AWS account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services. This event history simplifies security analysis, resource change tracking,…	N/A
Rapid7 InsightVM	Score 8.6 out of 10	N/A	InsightVM is presented as the next evolution of Nexpose, by Rapid7. This Insight cloud-based solution features everything included in Nexpose, such as Adaptive Security and the proprietary Real Risk score, and extends visibility into cloud and containerized infrastructure. InsightVM also offers advanced remediation, tracking, and reporting capabilities not included in Nexpose.	$19 per GB

Pricing

AWS CloudTrail

Rapid7 InsightVM

Editions & Modules

No answers on this topic

Log Management: $19
per GB
Vulnerability Management: $22
per asset
insightIDR: $52
per asset
Application Security: $2,000
per app
insignConnect: Contact sales team

Offerings

Pricing Offerings
AWS CloudTrail	Rapid7 InsightVM
Free Trial
Yes	No
Free/Freemium Version
Yes	No
Premium Consulting/Integration Services
Yes	No

Entry-level Setup Fee

No setup fee

Additional Details

You can view, filter, and download the most recent 90 days of your account activity for all management events in supported AWS services free of charge. You can set up a trail that delivers a single copy of management events in each region free of charge. Once a CloudTrail trail is set up, Amazon S3 charges apply based on your usage. You will be charged for any data events or additional copies of management events recorded in that region. In addition, you can choose CloudTrail Insights by enabling Insights events in your trails. CloudTrail Insights analyzes write management events, and you are charged based on the number of events that are analyzed in that region.

—

More Pricing Information

Community Pulse
	AWS CloudTrail	Rapid7 InsightVM

Features

AWS CloudTrail

Rapid7 InsightVM

Threat Intelligence

Comparison of Threat Intelligence features of Product A and Product B
	AWS CloudTrail - Ratings	Rapid7 InsightVM 7.4 6 Ratings 8% below category average
Network Analytics	00 Ratings	5.36 Ratings
Threat Recognition	00 Ratings	7.06 Ratings
Vulnerability Classification	00 Ratings	9.36 Ratings
Automated Alerts and Reporting	00 Ratings	9.36 Ratings
Threat Analysis	00 Ratings	7.36 Ratings
Threat Intelligence Reporting	00 Ratings	7.05 Ratings
Automated Threat Identification	00 Ratings	6.76 Ratings

Vulnerability Management Tools

Comparison of Vulnerability Management Tools features of Product A and Product B
	AWS CloudTrail - Ratings	Rapid7 InsightVM 8.3 6 Ratings 1% above category average
IT Asset Realization	00 Ratings	9.06 Ratings
Authentication	00 Ratings	8.76 Ratings
Configuration Monitoring	00 Ratings	8.76 Ratings
Web Scanning	00 Ratings	7.05 Ratings
Vulnerability Intelligence	00 Ratings	8.36 Ratings

Best Alternatives
	AWS CloudTrail	Rapid7 InsightVM
Small Businesses	Armor Score 6.0 out of 10	Action1 Score 9.5 out of 10
Medium-sized Companies	Druva Security Cloud Score 9.5 out of 10	Action1 Score 9.5 out of 10
Enterprises	Druva Security Cloud Score 9.5 out of 10	CrowdStrike Falcon Score 9.1 out of 10
All Alternatives	View all alternatives	View all alternatives

User Ratings
	AWS CloudTrail	Rapid7 InsightVM
Likelihood to Recommend	8.0 (4 ratings)	9.0 (13 ratings)
Usability	- (0 ratings)	9.0 (3 ratings)
Support Rating	- (0 ratings)	7.2 (2 ratings)

User Testimonials
	AWS CloudTrail	Rapid7 InsightVM
Likelihood to Recommend	Amazon AWS It is necessary to enable [AWS] Cloudtrail when using AWS in a production environment, otherwise you will not have any idea what is happening within your accounts. Third party monitoring applications will all require [AWS] CloudTrail to be enabled as well. I would not recommend it solely as a monitoring tool, to get the most out of it you must send the logs elsewhere. Either to Cloudwatch logs or a third party product. Incentivized Verified User Anonymous Read full review	Rapid7 InsightVM is great for finding all devices on your network and where the misconfigurations exist. We all have to patch our systems and applications, but it can be difficult to keep track of which systems are up to date. This tool is very helpful in filling in this gap and helping you organize that information. It is easy to get a big picture view of how your organization is doing from a vulnerability perspective, and it is equally as easy to drill down and get specific details that you need. Prioritization is crucial when it comes to this space, because you can never address every vulnerability, so you need to make sure the highest priority items are being remediated. R7's tool excels in this area and highlights items you weren't even aware of. Incentivized MK Mark Knutson Manager of Information Security Read full review
Pros	Amazon AWS API Log User activity tracking Real-time alerts Incentivized AS Anton Smyslov Product Owner Read full review	Rapid7 Rapid7 InsightVM is good at agentless scanning. Rapid7 InsightVM integration with ServiceNow works very well. Rapid7 InsightVM scales very well with deploying scan engines. It can be used in large organizations. The user interface of Rapid7 InsightVM is very intuitive and user friendly. It is easy to use. Incentivized Verified User Anonymous Read full review
Cons	Amazon AWS [In my experience] Cost can easily get out of control with multiple trails on full logging Logs can be difficult to decipher Incentivized Verified User Anonymous Read full review	Rapid7 From my experience of using this tool, sometimes it gives more false positives. A few times I had performed the scan on the same IP address using QualysGuard and Nexpose, but after comparing the scan results I had found that QualysGuard had provided more accurate vulnerability information. Incentivized Verified User Anonymous Read full review
Usability	Amazon AWS No answers on this topic	Rapid7 While I think it is a great tool and platform, I believe it (like all tools and solutions) is always evolving and the needs for clients are changing as the industry evolves and threats are upgraded. Cost is good, and support is helpful. Some things could be more granular and others could be easier to understand Incentivized Verified User Anonymous Read full review
Support Rating	Amazon AWS No answers on this topic	Rapid7 I gave it a seven due to the functionality and general ease of use after the initial setup headaches, but compared to Qualys, Rapid7 Nexpose falls short on features and ease of use. Their support drags this rating down a point as well. I have gone weeks with no update on semi-critical issues and typically have to make call after call to get a semi-coherent response. Incentivized Verified User Anonymous Read full review
Alternatives Considered	Amazon AWS I think in the end, CloudTrail has more features and you can dive deeper inside the logs so it depends on your usage and what you expect in the end to make the right choice, I would say that both tools are really useful and bring a lot of benefits to I.T. companies. Incentivized Verified User Anonymous Read full review	Rapid7 Rapid7 InsightVM is a more professional tool than Nessus because historically, it was based on metasploit which is a powerful pentesting and exploiting tool. InsightVM covers more attacking scenarios and vulnerabilities than competitors and still a leader in this domain.cloud capability is also not available forNesuus and some other products. Rapid7 InsightVM is a way better as a pentesting tool in my opinion Incentivized Verified User Anonymous Read full review
Return on Investment	Amazon AWS Allows us to investigate any strange api actions Increases security Audit trail of changes made in AWS Incentivized Verified User Anonymous Read full review	Rapid7 After spending 2 years configuring, tuning, troubleshooting, and ultimately having nothing but regrets, we migrated away from the tool and accepted the loss. Support had a variety of opinions, none of them consistent. No best practices. Lots of secret tricks known by support, none documented or shared until after problems are found. Consulting services are available to come out and do a health check of your deployment, for a fee. Incentivized Verified User Anonymous Read full review
ScreenShots	AWS CloudTrail Screenshots