Patch Manager Plus is an automated patch management software that provides enterprises with a single interface for all patch management tasks. The vendor claims it works across platforms, helping users patch Windows, Mac, Linux & 300+ third-party applications. With Automated Patch Deployments, users can automate the entire process of patch management:…
$245
50 endpoints
Rapid7 InsightVM
Score 8.9 out of 10
N/A
InsightVM is presented as the next evolution of Nexpose, by Rapid7. This Insight cloud-based solution features everything included in Nexpose, such as Adaptive Security and the proprietary Real Risk score, and extends visibility into cloud and containerized infrastructure. InsightVM also offers advanced remediation, tracking, and reporting capabilities not included in Nexpose.
$19
per GB
Pricing
ManageEngine Patch Manager Plus
Rapid7 InsightVM
Editions & Modules
Professional
$245.00
50 endpoints
Enterprise
$345.00
50 endpoints
Professional
$345.00
50 endpoints
Enterprise
$445.00
50 endpoints
Log Management
$19
per GB
Vulnerability Management
$22
per asset
insightIDR
$52
per asset
Application Security
$2,000
per app
insignConnect
Contact sales team
Offerings
Pricing Offerings
ManageEngine Patch Manager Plus
Rapid7 InsightVM
Free Trial
Yes
No
Free/Freemium Version
Yes
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
Optional
No setup fee
Additional Details
—
—
More Pricing Information
Community Pulse
ManageEngine Patch Manager Plus
Rapid7 InsightVM
Features
ManageEngine Patch Manager Plus
Rapid7 InsightVM
Threat Intelligence
Comparison of Threat Intelligence features of Product A and Product B
ManageEngine Patch Manager Plus
-
Ratings
Rapid7 InsightVM
7.4
Ratings
7% below category average
Network Analytics
00 Ratings
5.30 Ratings
Threat Recognition
00 Ratings
7.00 Ratings
Vulnerability Classification
00 Ratings
9.30 Ratings
Automated Alerts and Reporting
00 Ratings
9.30 Ratings
Threat Analysis
00 Ratings
7.40 Ratings
Threat Intelligence Reporting
00 Ratings
7.00 Ratings
Automated Threat Identification
00 Ratings
6.70 Ratings
Vulnerability Management Tools
Comparison of Vulnerability Management Tools features of Product A and Product B
Its a best tool for managing and patching an corporate environment, specially the dashboards and the UI which is relatively easy to adapt for someone without prior knowledge of Patching as well. If a company has Secure Gateway Server, then the remote deployment is a plus, it helps to even remotely deploy patches to the remote employees.
I think Rapid7 InsightVM is well suited for large enterprise customers with a lot of assets. It integrates well with a number of different ITSM solutions which I think is very good. There are not many CIS benchmarking tools on the market and Rapid7 InsightVM does a very good job at benchmarking. I think where Rapid7 InsightVM falls down a little is on false positive vulnerabilities. Sometime you there a few positive results on vulnerabily discovery. Tuning the settings for scan engines can sometimes be trick as well.
The API is also a great tool for us to automate lots of routine procedures like scan and report of asset(s) BY EMAIL.
Tagging. It helps sort out results and reports for respective assets Owner for remediation without a lengthy report including unnecessary information for that particular team.
SQL Reporting. It provides advanced reporting and export capabilities that you can not find in the stock report template.
Devices found and scanned are never removed. Removal must be done manually with no option for automation.
The database can be fragile. Ours quietly corrupted and progressively degraded until we had to restore and lose 6 months of data. Still didn't fix it and had to be rebuilt again losing all data.
Workflow for delegating remediation is supposed to be helpful, but can also become cumbersome.
Scheduling can become a nightmare if not monitored closely. We found jobs had failed to run because the server had gone offline. When the server came online, it did not try to run missed jobs. Running missed jobs all at once can overload the server, but searching for and launching a large number of missed jobs manually is a pain.
Very easy to use once you get used to it. It can be a little overwhelming at first since there is so many thing you can do. But as soon as you get use to it, it works like a charm.
While I think it is a great tool and platform, I believe it (like all tools and solutions) is always evolving and the needs for clients are changing as the industry evolves and threats are upgraded. Cost is good, and support is helpful. Some things could be more granular and others could be easier to understand
The support team at Patch Manager Plus has been awesome. Very responsive and knowledgeable. There are times when there is confusion between different tickets but there is still good service.
I gave it a seven due to the functionality and general ease of use after the initial setup headaches, but compared to Qualys, Rapid7 Nexpose falls short on features and ease of use. Their support drags this rating down a point as well. I have gone weeks with no update on semi-critical issues and typically have to make call after call to get a semi-coherent response.
SolarWinds was not selected because it runs on top of SCCM which in itself is problematic and unreliable. We need an application that runs in standalone mode and does not rely on any other application. SolarWinds is also one of the most expensive. Kaseya and GFI LanGuard are overkill as they contain functionality that we do not need or already have. GFI LanGuard for instance does security auditing the same as Qualys that we already have. Kaseya is a full management and automation solution.
I think Tenable is very comparable and they are both leaders in this space. I evaluated both of them side-by-side and ultimately decided to go with Rapid7. Tenable did have a slight edge on the amount of information I was getting from the machines, but I landed on R7 because I found the features of the InsightVM tool to be more useful. They both get the job done, but I found InsightVM a better experience to use on a day-to-day basis and had better quality of life features that I was looking for.
It certainly has a more positive impact than negative impact while performing the scans. Nexpose can find report vulnerabilities that our other scanner fails to identify during the scan because of its defined scan templates.
Also, even if the scan is not being performed due to some issues like reachability, whitelisting, etc. it will try to give scan results unlike QualysGuard which just marks the asset as unreachable.