Cisco Vulnerability Management (formerly Kenna.VM) vs Rapid7 InsightVM comparison

Cisco and Rapid7 are both solutions in the Risk-Based Vulnerability Management category. Cisco is ranked #22, while Rapid7 is ranked #5 with an average rating of 7.7. Cisco holds a 2.4% mindshare in RBVM, compared to Rapid7’s 8.8% mindshare. Additionally, 100% of Cisco users are willing to recommend the solution, compared to 87% of Rapid7 users who would recommend it.

Cisco Vulnerability Managem...

Read 1 Cisco Vulnerability Management (formerly Kenna.VM) review

1,236 Views
779 Comparison Views

100% willing to recommend

Rapid7 InsightVM

Read 66 Rapid7 InsightVM reviews

7,678 Views
3,839 Comparison Views

87% willing to recommend

Cisco Vulnerability Managem...

Rapid7 InsightVM

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Cisco Vulnerability Management (formerly Kenna.VM) and Rapid7 InsightVM based on real PeerSpot user reviews.

Find out what your peers are saying about Qualys, Horizon3.ai, Tenable and others in Risk-Based Vulnerability Management.

To learn more, read our detailed Risk-Based Vulnerability Management Report (Updated: April 2026).

Buyer's Guide

Risk-Based Vulnerability Management

April 2026

Download the complete report

Helped 893,244 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cisco Vulnerability Managem...

Ranking in Risk-Based Vulnerability Management

22nd

Average Rating

8.0

Reviews Sentiment

6.8

Number of Reviews

Ranking in other categories

Cisco Security Portfolio (11th)

Rapid7 InsightVM

Ranking in Risk-Based Vulnerability Management

5th

Average Rating

8.0

Reviews Sentiment

6.9

Number of Reviews

Ranking in other categories

Vulnerability Management (12th)

Mindshare comparison

As of May 2026, in the Risk-Based Vulnerability Management category, the mindshare of Cisco Vulnerability Management (formerly Kenna.VM) is 2.4%, up from 2.2% compared to the previous year. The mindshare of Rapid7 InsightVM is 8.8%, down from 14.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Risk-Based Vulnerability Management Mindshare Distribution
Product	Mindshare (%)
Rapid7 InsightVM	8.8%
Cisco Vulnerability Management (formerly Kenna.VM)	2.4%
Other	88.8%

Risk-Based Vulnerability Management

Featured Reviews

AshishPaliwal

Self-employed at Self-employed

Offers contextual prioritization and risk-based remediation of vulnerability

An improvement would be some sort of an integration with any GRC suite. There are a lot of GRC suites available, like Archer, MetricStream, Rsam, Protiviti, for example. So how would a solution like this work if my company has already invested thousands or maybe millions in a GRC solution? Do I still need it and how does it fit into an existing SAP environment? There could be interoperability, having more data sources, integrating Splunk, Qualys, FireEye, Rapid7, Carbon Black. I'm sure all that can be done to an extent, with a little more insight and a little more accuracy on the industry numbers and trends. I'd like the solution to offer any sort of assistance in any way with the remediation part, not just identification of vulnerability risk, and that is second.

Read full review

FurqanLatif

Senior Manager - Pre-Sales at Trillium Information Security Systems

Offers robust compliance features but needs improved automation in remediation

The automation capability remediation needs improvement. The current process requires manually telling IT teams to remediate vulnerabilities, and then they update the status of these vulnerabilities in the platform. This basic feature that Rapid7 calls an automated remediation process is actually manual. We can update the status of vulnerabilities in the Rapid7 InsightVM platform and collectively see how many vulnerabilities we have identified and how many are remediated by our IT team. More automation in the remediation feature is a basic demand from many customers. The remediation part and vulnerability identification of network devices or rigid devices are not currently supported by Rapid7 InsightVM. More integration and automation are the two areas Rapid7 needs to improve in their product.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The risk context of any vulnerability is a valuable feature; that is what it is used for and then data from different sources can be fed into it, and they have good dashboards, risk meters, and virtualization."

"The risk context of any vulnerability is a valuable feature."

"We plan to keep using this tool, and we don't want to get into another scanning tool right now because it has been selected as an enterprise tool."

"Using Rapid7, we can install a scan engine, we can do our VPN connections, and we can conduct internal scans of remote sites. We prefer the web application. It's smarter and more accurate from an application perspective."

"The most valuable feature is the site scanning, where we can provide a complete subnet and what it is we need to scan on those devices."

"The risk score that they provide makes it easier to find out the biggest risks, helping the security officers understand where the biggest risks are so that they can act on them by instructing their IT teams to give them a higher priority and mitigate them."

"When you connect any new device to the network, Rapid7 has the ability to detect the new device immediately. It can scan that device to detect if it has any vulnerability. It tells you what is vulnerable and what has been misconfigured. It also tells you what is the risk of that misconfiguration or lack of patches and how to resolve the problem."

"The remediation project is a pretty effective because it allows us, as clients or countries, to choose specific assets and set limitations on them for a certain period which allows us to track and follow up on those limitations. However, when it comes to real-time monitoring and live dashboards, InsightVM doesn't quite fit the bill. It's not a real-time solution and is not instant."

"I like Rapid7's scan optimization options."

"The cost is what is most valuable, because compared to other products on the market the cost is more palatable and the solution provides a single pane of glass where I can do most things."

More Rapid7 InsightVM pros

Cons

"An improvement would be some sort of an integration with any GRC suite."

"We could always have a cheaper price, but other than that it's pretty good stuff."

"In order to be able to properly test the solution and make a decision, I would like to receive the test license code instantly and eliminate the wait time."

"There was functionality present previously, however, currently, we can't integrate directly with Jira Service Desk - only the cloud version."

"Some of our customers want to be completely cloud based, and Rapid7 doesn't offer this as an option."

"The on-premise updates could improve from Rapid7 InsightVM."

"The solution should include a tighter integration with third-party threat modeling and threat intelligence tools."

"This solution is expensive, but it's fine for us as we have an open budget for security solutions."

"The reporting has room for improvement. You cannot customize any report. If I need a specific requirement, I have to create a new report for it."

More Rapid7 InsightVM cons

Pricing and Cost Advice

"I think the pricing is based on the number of endpoints, so it's more subscription-based."

"The solution's pricing is better than Nexus which charges a high amount for very little use."

"Its price is too high. My only concern or issue with Rapid7 is its pricing."

"The price of the solution is less than the competitors."

"The licensing is asset-based and very straightforward."

"Comparing the price with the value that we receive, I am not happy with it."

"The license is IP based. How many IPs you are using to scan is the amount of the license you have to buy. The number of users doesn't matter; many users can use it or only person. It depends on the culture of the organization."

"We have an annual license to use Rapid7 InsightVM and if we want to extend it, we will possibly choose more than one year."

"The tool's price is neither too high nor too low. My company needs to pay 65,000 per year. There are no additional costs apart from the licensing fees attached to the solution."

More Rapid7 InsightVM pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Risk-Based Vulnerability Management solutions are best for your needs.

See recommendations

893,244 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Retailer

16%

Computer Software Company

13%

Financial Services Firm

11%

Manufacturing Company

Financial Services Firm

12%

Manufacturing Company

Computer Software Company

Comms Service Provider

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

By reviewers
Company Size	Count
Small Business	29
Midsize Enterprise	14
Large Enterprise	25

Questions from the Community

Ask a question

Earn 20 points

How would you choose between Rapid7 InsightVM and Tenable Nessus?

You have full visibility across cloud, network, virtual, and containerized infrastructures with Rapid7 Insight VM. You can easily prioritize vulnerabilities using attacker analytics. Overall, Rapid...

See all answers

What is your experience regarding pricing and costs for Rapid7 InsightVM?

My experience with the pricing, setup cost, and licensing is that both the setup cost and licensing are great.

See all answers

What needs improvement with Rapid7 InsightVM?

To improve Rapid7 InsightVM, I wish to have integration with patching systems, which would be useful to us. The usability of Rapid7 InsightVM is excellent, and the reporting module is one of the mo...

See all answers

Comparisons

Vulcan Cyber vs Cisco Vulnerability Management (formerly Kenna.VM)

Compared 15% of the time

Brinqa vs Cisco Vulnerability Management (formerly Kenna.VM)

Compared 10% of the time

Qualys VMDR vs Cisco Vulnerability Management (formerly Kenna.VM)

Compared 9% of the time

Cisco Secure Network Analytics vs Cisco Vulnerability Management (formerly Kenna.VM)

Compared 8% of the time

Cisco Identity Services Engine (ISE) vs Cisco Vulnerability Management (formerly Kenna.VM)

Compared 7% of the time

More Cisco Vulnerability Management (formerly Kenna.VM) Competitors

Qualys VMDR vs Rapid7 InsightVM

Compared 15% of the time

Tenable Security Center vs Rapid7 InsightVM

Compared 12% of the time

Tenable Nessus vs Rapid7 InsightVM

Compared 12% of the time

Microsoft Defender Vulnerability Management vs Rapid7 InsightVM

Compared 4% of the time

Pentera vs Rapid7 InsightVM

Compared 1% of the time

More Rapid7 InsightVM Competitors

Product Reports

Buyer's Guide

Risk-Based Vulnerability Management

April 2026

Cisco Vulnerability Management (formerly Kenna.VM) report

Download Cisco Vulnerability Management (formerly Kenna.VM) product report

Buyer's Guide

Rapid7 InsightVM

April 2026

Download Rapid7 InsightVM product report

Also Known As

Kenna.VM, Kenna Security, Kenna, Kenna Security Platform

InsightVM, NeXpose

Overview

Cisco Vulnerability Management (formerly Kenna.VM) provides a comprehensive approach to identifying, prioritizing, and mitigating vulnerabilities in IT environments, helping organizations to manage risk effectively.

Designed with advanced analytics, Cisco Vulnerability Management supports risk-based vulnerability management, enabling IT teams to focus on the most critical threats. This platform integrates seamlessly with existing security tools, offering a centralized solution for prioritizing vulnerabilities based on risk level. By aligning security efforts with business objectives, it ensures that resources are directed towards the most impactful areas of risk reduction.

What are the key features of Cisco Vulnerability Management?

Risk Scoring: Assesses vulnerability severity with contextual risk metrics, aiding prioritization.
Integration Capabilities: Connects with existing security architecture for streamlined workflow.
Data-Driven Insights: Offers actionable intelligence on security posture improvements.
Dynamic Dashboards: Provides real-time visibility into threat landscape and mitigation efforts.

What benefits can users expect from Cisco Vulnerability Management?

Improved Risk Prioritization: Focuses on high-impact vulnerabilities, optimizing remediation efforts.
Efficient Resource Allocation: Directs IT resources to the most pressing security threats.
Increased Security Posture: Enhances organization-wide security through informed decision-making.

In industries like finance and healthcare, Cisco Vulnerability Management is crucial for maintaining stringent compliance standards. Its ability to integrate within complex IT ecosystems allows for flexible adaptation across sectors, ensuring that industry-specific vulnerabilities are effectively managed and mitigated.

Cisco

Rapid7 InsightVM provides advanced vulnerability scanning and remediation tracking with real-time data integration. Its intuitive interface supports both agent and agentless modes, enhancing cybersecurity by reducing exploitable vulnerabilities.

Rapid7 InsightVM integrates smoothly with existing security infrastructure, supporting detailed dashboards and reporting features for efficient risk scoring and vulnerability management. Users value its comprehensive asset tagging and the ability to prioritize vulnerabilities, appreciating host discovery capabilities. While InsightVM requires enhancements in reporting flexibility and patch management integration, and users seek improved support response times and extended security measures. Desired improvements also include greater integration with other tools and expanded dashboard customization.

What are the key features of Rapid7 InsightVM?

Vulnerability Scanning: Delivers detailed assessments of network vulnerabilities.
Risk Scoring: Provides efficient risk prioritization guided by detailed analytics.
Dashboards: Offers customizable, comprehensive metrics for insightful reporting.
Asset Tagging: Supports efficient asset management with intuitive tagging capabilities.
Host Discovery: Features robust host discovery for enhanced security coverage.

What benefits should reviews highlight?

Real-Time Data: Enables timely and accurate vulnerability management.
Intuitive Interface: Facilitates easier user interaction and quick access to vital functions.
Integration Capabilities: Seamlessly works with existing systems for enhanced security.
False Positives Reduction: Improves accuracy, minimizing reporting errors.
Comprehensive Insight: Provides valuable insights that aid in prioritization and remediation.

InsightVM's implementation spans several industries, offering robust solutions in vulnerability management, patch management, and cybersecurity compliance facilitation. Organizations leverage its capacity for comprehensive network monitoring and critical vulnerability visibility to enhance their cybersecurity posture.

Rapid7

Sample Customers

TransUnion

ACS, Acosta, AllianceData, amazon.com, biogen idec, CBRE, CATERPILLAR, Deloitte, COACH, GameStop, IBM

Buyer's Guide

Risk-Based Vulnerability Management

April 2026

Download Free Report

Find out what your peers are saying about Qualys, Horizon3.ai, Tenable and others in Risk-Based Vulnerability Management. Updated: April 2026.

DOWNLOAD NOW

893,244 professionals have used our research since 2012.

See our list of best Risk-Based Vulnerability Management vendors.

We monitor all Risk-Based Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.