Try our new research platform with insights from 80,000+ expert users

Pentera vs XM Cyber comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Pentera
Average Rating
7.8
Reviews Sentiment
7.2
Number of Reviews
9
Ranking in other categories
Penetration Testing Services (2nd), Breach and Attack Simulation (BAS) (2nd)
XM Cyber
Average Rating
8.0
Reviews Sentiment
7.7
Number of Reviews
2
Ranking in other categories
Continuous Controls Monitoring (7th), Vulnerability Management (34th), Cloud Security Posture Management (CSPM) (26th), Continuous Threat Exposure Management (CTEM) (3rd)
 

Mindshare comparison

Pentera and XM Cyber aren’t in the same category and serve different purposes. Pentera is designed for Breach and Attack Simulation (BAS) and holds a mindshare of 29.3%, up 28.3% compared to last year.
XM Cyber, on the other hand, focuses on Continuous Threat Exposure Management (CTEM), holds 18.4% mindshare, down 26.6% since last year.
Breach and Attack Simulation (BAS)
Continuous Threat Exposure Management (CTEM)
 

Featured Reviews

Jon Medvenics - PeerSpot reviewer
Useful in vulnerability management and can automate pen tests
One of the big issues we have is that the tool has an additional license for compromised credentials. Suppose compromised credentials for any of your domains appear in leaks, dumps, or are being sold. In that case, they try to aggregate that data and highlight that, for example, ten users appeared in recent dumps as compromised credentials. However, they don't provide much information about where those compromises came from or their source information, probably to protect their sources. Also, if you have credentials and want to check if they're still valid or can still be used, and you confirm they can't be used (maybe they're from a leak or a twenty-year-old database), there's no way for you to flag that these credentials aren't a problem anymore. The solution has a sort of flat report. It's annoying to go through lots of legwork only to see the same names or credentials still there, and you can't do anything about it in their portal. We've given them feedback, but I think it's probably on their long list of feature requests to address. For me, that would be a greater user configuration of the tests performed on a granular level. As I mentioned with Cymulate, they show you every line of code they will run and what tool is being used, step by step. Pentera is more closed in that regard. If Pentera released a feature that allows you to alter the attack path or change the command, that would be incredibly useful. Pentera might use one or a few different methods to do something, but if none of those work, it will just say everything is fine and secure. If Pentera could adapt or change based on what it finds in the environment, that would be very valuable. As a customer, we understand our environments better than an automated tool, so providing context to help the tool get better results would be valuable.
Chee Young Tan - PeerSpot reviewer
Has a valuable feature for attack simulation; it highlights the vulnerability and offers recommendations for improvement
XM Cyber helps identify risk by creating a shadow environment mirroring the production system. While it doesn't directly mitigate risks, it simulates attacks across this replica, uncovering vulnerabilities and weak points within the system. Once a WISC is established, it highlights the vulnerability and offers recommendations for improvement. It provides reporting templates, making the process faster. I rate it an eight out of ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature of Pentera is that you can do continuous vulnerability assessment, which is automated."
"The tool showed us that our ransomware protection wasn’t working on some machines."
"What I like the most about Pentera is its solution-oriented approach."
"The platform's most valuable features are credential management and vulnerability management."
"The product is easy to use."
"The vulnerability scanner, exploit achievements, and remediation actions are all great."
"Pentera has many authentic features."
"Pentera has many authentic features."
"What I personally like very much, from my experience, is that it is very reliable."
"The platform's most valuable feature is attack simulation."
 

Cons

"One area for product improvement could be the inclusion of a dashboard to cover multiple branches and subsidiaries, allowing for centralized monitoring."
"There is room for improvement in virtualization compatibility."
"The vulnerability scanner, exploit achievements, and remediation actions are all great."
"The automated penetration testing features must be improved."
"Maybe scalability. I know that the Pentera right now is high level in order to scan big deals over 500 IPs and not less, and not less. That can be more granular. This will be useful."
"The licensing and IP management need improvement. When the IP is imported into a system, we cannot withdraw or revoke the license."
"The licensing and IP management need improvement."
"The price could be improved."
"We'd like to see a cheaper price."
"XM Cyber could identify all areas of vulnerability. They could expand the identification span for different areas."
 

Pricing and Cost Advice

"It's not that expensive, but it could be more cost-effective."
"The tool is relatively cheap."
"The product's cost is reasonable. I rate the pricing a three out of ten."
"We have to pay a yearly licensing cost for Pentera."
"We have to pay standard licensing fees."
report
Use our free recommendation engine to learn which Breach and Attack Simulation (BAS) solutions are best for your needs.
860,632 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
14%
Computer Software Company
13%
Manufacturing Company
10%
Educational Organization
6%
Financial Services Firm
15%
Computer Software Company
14%
Manufacturing Company
11%
Retailer
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about Pentera?
What I like the most about Pentera is its solution-oriented approach.
What needs improvement with Pentera?
The licensing and IP management need improvement. When the IP is imported into a system, we cannot withdraw or revoke the license.
What is your primary use case for Pentera?
I am using the OpenIntra solution for pentesting and managing candidates in my environment. I also use this solution for house customers.
What do you like most about XM Cyber?
The platform's most valuable feature is attack simulation.
What is your experience regarding pricing and costs for XM Cyber?
We have to pay standard licensing fees. There are no additional costs. It is an expensive product. I rate the pricing a seven out of ten.
What needs improvement with XM Cyber?
XM Cyber could identify all areas of vulnerability. They could expand the identification span for different areas.
 

Comparisons

 

Overview

 

Sample Customers

Blackstone Group Caterpillar Apria Healthcare Taylor Vinters Sandler Capital Management Drawbridge BNP Paribas British Red Cross
Hamburg Port Authority, Plymouth Rock Corporation
Find out what your peers are saying about Pentera vs. XM Cyber and other solutions. Updated: January 2025.
860,632 professionals have used our research since 2012.