Qualys VM and Rapid7 InsightVM: Which is the best vulnerability management solution?

IT Central Station users review two top vulnerability management programs: Qualys VM and Rapid7 InsightVM.

Businesses today must monitor complex, dynamic computing environments, and respond immediately to new issues as they develop. In order to effectively overcome these challenges organizations are having to rethink their vulnerability management programs, as traditional programs are too limited and too slow to keep pace. However, choosing the right solution isn't easy - every business is different, and there is no ‘one size fits all' solution.

Over 388,000 professionals have used IT Central Station research to inform their purchasing decisions. Its latest paper looks at Qualys VM and Rapid7 InsightVM, two of the highest reviewed solutions in the vulnerability management market.

Below is a brief summary of the report, highlighting what real IT Central Station users think of each solution - from their most valuable features, to how they've improved individual businesses, as well as what each solution could do better.

Qualys VM

A cloud-based service that gives immediate, global visibility into where your IT systems may be vulnerable

With an average rating of 8.6 from nine reviews, Qualys VM is a very popular option for those considering a vulnerability management solution. This is reflected in its use across multiple industries, with comms service providers, financial services firms, and healthcare organisations all making use of the solution in their organisations. And although 68% of organisations who utilise the solution are from larger companies with workforces of over 1000 employee companies, Qualys VM still enjoys a healthy presence at smaller organisations.

Users believe that the solution's most valuable features are its vulnerability detection and scanning capabilities which make it easy to identify vulnerabilities across different business networks. It also offers a low false positive rate and easy implementation.  

However, whilst the solution boasts many benefits, its customer support and reporting let the solution down and prevent it from receiving full marks from its users.

Rapid7 InsightVM

Combines complete ecosystem visibility and the agility of SecOps so you can act before impact

Achieving an average rating of 8.1 from nine reviews, Rapid7 InsightVM is also an excellent choice for users considering a vulnerability management solution. Like Qualys VM, Rapid7 InsightVM appeals to a range of industries, from financial services firms, to government organisations and non-tech companies. It also interests organisations of all sizes, with smaller companies making up 17% of reviews and larger organisations accounting for 58%.

Reviewers believe that the solution is very easy to use and install, and they appreciate that it provides different types of reporting which can meet a multitude of different business needs. Where the solution could be improved is with ad-hoc scans, critics argue that it should be made easier to run them without needing to assign the asset to a site or group.