SOLUTION COMPARISON BRIEF

Building a More Effective

Vulnerability Scanning Program:
Rapid7 InsightVM Enterprise vs. Tenable SecurityCenter
Continuous View

These days, every vulnerability management tool does a good job of finding vulnerabilities; it’s how you use that data
that matters. Rapid7 InsightVM is used by customers to scan millions of assets, and it focuses on making it easy for
organizations big and small to take the vulnerability results they find and quickly figure out what needs to be fixed first,
and by whom.

The breakdown below is intended to help you better understand how InsightVM tackles your vulnerability management
challenges compared to Tenable SCCV. For additional questions, please contact your Rapid7 Account Executive.

CHALLENGE HOW TENABLE SCCV DOES IT HOW INSIGHTVM DOES IT

Many pre-built dashboards that require

Liveboards that update as soon as
deployment of additional software (LCE),
InsightVM gets new information and are
which are difficult to customize and
fully customizable, allowing you to create
take ~15 minutes to refresh. A multi-step
dashboards for any user, as well as easily
process to create filters and apply them
query your vulnerability and asset data.
to dashboards.

Adaptive Security lets you detect new

Passive Vulnerability Scanner (PVS), devices and vulnerabilities as they join
which requires additional infrastructure to the network without requiring additional
deploy, contains many false positives (and hardware. Lightweight cloud agents feed
Collecting can’t see encrypted traffic), and duplicates live information on known and unknown
information and your existing IDS. Agents require heavy assets into custom dashboards, giving you
gaining visibility resources and act as a local Nessus intuitive tools to assess your environment
into program scanner. with minimal deployment and few false
success positives.

Direct integrations with VMWare,

AWS, and Azure enables InsightVM to
Ability to scan cloud services and automatically discover and scan new
VMWare, but no direct integration to devices as they join the network, import
manage new and deleted assets. Agent tags, and delete old assets as they’re
difficult to clone and requires additional spun down. Lightweight agent can be
scripting to call back to console. embedded in any cloud or virtual image
and automatically clones itself to provide
continuous monitoring on new assets.
082117
 CHALLENGE HOW TENABLE SCCV DOES IT HOW INSIGHTVM DOES IT

Risk Score is calculated using malware

CVSS-based scoring gives you a “Critical, exposure, exploit availability, and age to
High, Medium” rating. Often left with give you a granular 1-1000 scale. Some
thousands of “Critical” vulnerabilities Tenable customers save 40+ man hours
and no guidance on which ones to start per week on prioritizing results after
with. Includes available exploits, but no switching to InsightVM. Threat feeds
algorithm that factors them into risk score. from Rapid7 research and public sources
No threat feeds showing vulnerabilities automatically correlate to vulnerabilities
actively being exploited in the wild. found in your environment, letting you
easily prioritize your riskiest assets.

Prioritizing what’s Integration with Metasploit lets you

important to your No way of testing which vulnerabilities validate which vulnerabilities can be
business can be actively exploited, and no way to exploited live, helping you focus on the
use the vulnerability data for prioritization assets most open to attack and helping
and remediation planning. you ensure controls you’ve put in place
are working correctly.

Tag assets that are more important than

No automated way of testing which others to amplify their risk score, and
vulnerabilities can be actively exploited, they will automatically filter to the top
and no way to use the exploited of remediation reporting. Create and
vulnerability data for prioritization and monitor remediation tasks from within
remediation planning. InsightVM to gain visibility into what’s
actually being fixed.

Remediation Workflows let you assign and

track remediation from within InsightVM,
Several integrations with ticketing ensuring you understand your progress in
vendors, but no way to track remediation between scheduled scans. Remediation
natively in Security Center. Remediation advice is based on strategic planning
advice is based on fixing individual tickets, of remediation projects. Two-way
not strategic view. integration with JIRA and ServiceNow to
Streamlining easily fold remediation into your IT team’s
remediation existing workflows.

Remediation plans filled with Remediation plans focused on which

“informational” vulnerabilities and often individual actions reduce the most risk,
lacking clear step-by-step instructions/ in simple language with everything you
links to patches. need to apply the fix.
InsightVM excels in the areas that are most important to your vulnerability management program:
easy setup and management, risk prioritization, reporting, remediation, and support for your compliance efforts.

KEY INSIGHTVM STRENGTHS TENABLE SCCV RAPID7

Setup & Management

Agent-based and Agent-less Scanning

Scalable to Millions

Automated Actions / Event-driven Scans (Infoblox, AWS, Sonar,

and more)

Intuitive Vulnerability Exception Workflow

50+ Supported Integrations

Risk Prioritization

Advanced Risk Scoring and Contextualization

Metasploit Validation and Prioritization

Reporting & Remediation

Custom Reporting

Real-time Customizable Dashboards

Continuous Live Monitoring

Remediation Workflow and Planning

Query Vulnerability Data Live

Compliance

Templates (CIS, DISA, PCI, Audit, and more)

Policy Editor within UI

SEE THE BENEFITS OF INSIGHTVM FOR YOURSELF.

CONTACT US TO REQUEST A DEMO TODAY:
+1–866–7RAPID7 (Toll Free)
+1–617–247–1717
sales@rapid7.com
www.rapid7.com/insightVM