The Forrester Wave™: Vulnerability Risk Management, Q4 2019

Rapid7 named a leader, receiving the highest score possible in nine criteria.

Read the Report

What you'll learn: Forrester cites 14 key areas buyers should consider when evaluating VRM solutions. Our own customers tell us that the following 5 capabilities are especially critical...

5 Capabilities Your Vulnerability Risk Management Solution Needs:

1
Visibility of your complete IT environment
Identify all of your externally-facing, internet-connected assets—including those that may be undiscoverable with other tools—to get a complete view of your risk. InsightVM received the highest possible scores for this capability in the Digital Footprinting criteria.
2
Extensibility & integration
Your VRM solution must enable integration, orchestration, and automation of the tools and processes across your stack. InsightVM also received the highest possible scores for its extensibility and Partner Ecosystem.
3
Reporting for the progress that matters most
Tracking the goals and metrics most relevant and impactful to your team is critical; so is communicating those milestones to peers and leadership. InsightVM is designed to track your progress and drive alignment across the organization.
4
Simple pricing
Pricing and budgeting should be simple. InsightVM makes this easier with a price per asset model—no fine print needed.
5
Prioritization for your business
Identify and prioritize risk with complete coverage of your environment and the addition of business criticality to assets. InsightVM also received the highest possible score in the criteria of Vulnerability Enumeration and Risk-Based Prioritization.

Download Report

Rapid7 named a leader in the 2019 Forrester Wave for Vulnerability Risk Management

Rapid7's Insight Platform trusted by 7,800+ organizations & 120+ countries.

“You name it, I’ve used it. I wanted something that gave a more complete view of the risk in our organization.”
Jeffrey Gardner
Director of Information Security at Landmark Health
Watch Now
4:31

What Else Should You Expect from Your VRM Vendor?

In addition to the key areas covered by the Forrester Wave, we’ve rounded up some additional considerations for vendor selection that we’ve heard from our customers:

A unified security platform
In addition to offering our full vulnerability risk management feature set for all InsightVM users, the Rapid7 Insight cloud supports you across the entire security lifecycle, from prevention to detection and response.
Visibility across the organization
Identifying and prioritizing risk is table stakes, but proving the effectiveness of your program is key. Your solution should help you work in tandem with IT operations and communicate how you’ve tangibly reduced risk for your organization both within your team and to leadership.
Commitment to service and success
We guarantee 99.95% uptime. On the off-chance our system availability drops, only Rapid7 offers up to a 100% service credit of the prorated monthly fee paid. Other vendors cap service credits at a mere 10% or less.
Demonstrable ROI
In an exclusive case study from Forrester, Rapid7 customers offer visibility into the ROI of their programs, featuring a significant decrease in incidents and spend when switching to Rapid7 from another VRM vendor. Request early access to the report >
Since using InsightVM, we’ve cut down vulnerability detection and remediation time to under a week, added real-time progress tracking, and more easily reported metrics to the C-suite.”
James Cairns
Bow Valley College
James Cairns