Rapid7 InsightVM vs. SecurityScorecard

Rapid7 InsightVM

SecurityScorecard

Overview
Product	Rating	Most Used By	Product Summary	Starting Price
Rapid7 InsightVM	Score 8.2 out of 10	N/A	InsightVM is presented as the next evolution of Nexpose, by Rapid7. This Insight cloud-based solution features everything included in Nexpose, such as Adaptive Security and the proprietary Real Risk score, and extends visibility into cloud and containerized infrastructure. InsightVM also offers advanced remediation, tracking, and reporting capabilities not included in Nexpose.	$19 per GB
SecurityScorecard	Score 8.5 out of 10	N/A	SecurityScorecard provides A-F graded security rating scorecards, to drive improved communication, effective compliance reporting, and more informed decision making. These enable enterprises to rate, understand, and continuously monitor the security posture of any organization worldwide, as well as gain visibility of any organization’s security-control weaknesses and vulnerabilities throughout the supplier ecosystem.	N/A

Pricing

Rapid7 InsightVM

SecurityScorecard

Editions & Modules

Log Management: $19
per GB
Vulnerability Management: $22
per asset
insightIDR: $52
per asset
Application Security: $2,000
per app
insignConnect: Contact sales team

No answers on this topic

Offerings

Pricing Offerings
Rapid7 InsightVM	SecurityScorecard
Free Trial
No	No
Free/Freemium Version
No	No
Premium Consulting/Integration Services
No	No

Entry-level Setup Fee

No setup fee

Additional Details

—

More Pricing Information

Community Pulse
	Rapid7 InsightVM	SecurityScorecard
Top Pros	Pro Easy to use Pro Generate reports Pro Easy and useful	Pro Near real time Pro Full view Pro Good reports
Top Cons	Minus False positives Minus Ticketing system Minus Higher level	Minus Specific industries

Features

Rapid7 InsightVM

SecurityScorecard

Threat Intelligence

Comparison of Threat Intelligence features of Product A and Product B
	Rapid7 InsightVM 8.4 3 Ratings 3% above category average	SecurityScorecard - Ratings
Network Analytics	8.33 Ratings	00 Ratings
Threat Recognition	8.03 Ratings	00 Ratings
Vulnerability Classification	8.33 Ratings	00 Ratings
Automated Alerts and Reporting	8.73 Ratings	00 Ratings
Threat Analysis	8.33 Ratings	00 Ratings
Threat Intelligence Reporting	8.52 Ratings	00 Ratings
Automated Threat Identification	8.33 Ratings	00 Ratings

Vulnerability Management Tools

Comparison of Vulnerability Management Tools features of Product A and Product B
	Rapid7 InsightVM 8.3 3 Ratings 1% below category average	SecurityScorecard - Ratings
IT Asset Realization	8.03 Ratings	00 Ratings
Authentication	8.33 Ratings	00 Ratings
Configuration Monitoring	8.73 Ratings	00 Ratings
Web Scanning	8.33 Ratings	00 Ratings
Vulnerability Intelligence	8.33 Ratings	00 Ratings

Best Alternatives
	Rapid7 InsightVM	SecurityScorecard
Small Businesses	ThreatDown, powered by Malwarebytes Score 8.7 out of 10	No answers on this topic
Medium-sized Companies	CrowdStrike Falcon Score 9.1 out of 10	No answers on this topic
Enterprises	CrowdStrike Falcon Score 9.1 out of 10	SAP Ariba Score 7.9 out of 10
All Alternatives	View all alternatives	View all alternatives

User Ratings
	Rapid7 InsightVM	SecurityScorecard
Likelihood to Recommend	8.7 (11 ratings)	9.0 (3 ratings)
Support Rating	7.2 (2 ratings)	- (0 ratings)

User Testimonials
	Rapid7 InsightVM	SecurityScorecard
Likelihood to Recommend	Rapid7 Rapid7 InsightVM is perfect for a scenario where IT admin or CISO wants to scan its infrastructure to be sure that there is no vulnerability that could be exploited from outside or inside the company. It also could be used to automate patching and dealing with vulnerabilities. It's also adapted for users that need cloud security management Incentivized Verified User Anonymous Read full review	SecurityScorecard Good: * Initial recognition of perimeter * Discovery of shadow IT assets * Get nice reports to set baselines and objectives for your customers Bad * Does not provide threat intel as another tool * Not enough documentation for the API or to automate scenarios Incentivized Randy Varela Red Team Lead Read full review
Pros	Rapid7 Being a vulnerability scanner tool, its purpose is to scan the systems to find the vulnerabilities. We can define the assets like IP address for the scans and it also allows to either schedule the scan at a preferred time or start the scan immediately. Upon completion of the scan, this tool can result provide the details like host type, OS information, hardware address, along with the vulnerabilities. Rapid7 Nexpose has a list of templates to perform the scan. Once the templates are defined then the scans are performed accordingly. It also contains an option to add credentials/authentication using passwords, usernames, private keys to perform the credential-based scans which I think is a great feature. Incentivized Verified User Anonymous Read full review	SecurityScorecard Security Ratings Security Assessments Reporting Center Incentivized TH Toño Herrera Information Security Governance & Compliance Manager Read full review
Cons	Rapid7 In comparison to Tenable SecurityCenter we saw it didn't exactly find the same vulnerabilities which we would assume it should have We rely on a ticketing system and not our VM tool to assign tasks so wasn't too useful having that in there Filtering capabilities aren't as good as its competitors Incentivized Verified User Anonymous Read full review	SecurityScorecard Pricing could be reviewed for specific industries which were more impacted by the pandemic situation. Incentivized Antonio Carlos Scola - MSc Owner & Entrepreneur Read full review
Support Rating	Rapid7 I gave it a seven due to the functionality and general ease of use after the initial setup headaches, but compared to Qualys, Rapid7 Nexpose falls short on features and ease of use. Their support drags this rating down a point as well. I have gone weeks with no update on semi-critical issues and typically have to make call after call to get a semi-coherent response. Incentivized Verified User Anonymous Read full review	SecurityScorecard No answers on this topic
Alternatives Considered	Rapid7 Nessus Pro does scans, but does not maintain an inventory from scan to scan. There is no history for a specific device, you have to look inside the results of each scan. Search across inventory is non-existent. There are no dashboards for data analysis. This is no tracking for remediation Incentivized Verified User Anonymous Read full review	SecurityScorecard n/a Incentivized Randy Varela Red Team Lead Read full review
Return on Investment	Rapid7 Can reduce time to patch most critical vulnerabilities Can help to identify who is spending time patching things of lower risk thus keeping the organization in a more vulnerable position Easily provides the patch team with a work plan to enhance security more quickly Incentivized Verified User Anonymous Read full review	SecurityScorecard Get insights about our external security posture Actionable tasks to solve Incentivized TH Toño Herrera Information Security Governance & Compliance Manager Read full review
ScreenShots