Core Security vs Rapid7 for Continuous Security

Posted by UpGuard

Core Security vs. Rapid7

Despite espousing a common, layered approach to security these days, most enterprise security suites have taken markedly divergent paths to essentially arrive at the same location. For example, some solutions started out as intrusion detection and protection systems (IDPS) and gradually added on vulnerability detection and security information and event management (SIEM). Others began as penetration testing (pentesting) tools—or have built their offerings around pen testing—and similarly expanded their solutions to include other security mechanisms like endpoint protection and anomaly detection. Core Security and Rapid7 are two such enterprise security suites; let's see how they stack up in this comparison.

Organizations taking a vigilant stance against cyber attackers will often institute regular pentesting routines to test the security of their systems, applications, and infrastructures/environments. Pentesting allows firms to discover and exploit existing vulnerabilities for the purposes of identifying at-risk routes, failing security policy controls, and previously unknown security flaws.

Generally speaking, Core Security's and Rapid7's offerings revolve around two core competencies: pentesting and vulnerability assessment/management. Both firms have built comprehensive security suites around these competencies, including capabilities such as access management and security information and event management (SIEM), among others.

Core Security

Core Security was founded in Argentina two decades ago as a provider of pentesting and vulnerability assessment services. Its flagship pentesting product, Core Impact, has become an industry-leading platform for vulnerability testing. Additionally, its Core Vulnerability Insight allows enterprises to unify, regulate, and prioritize vulnerability management initiatives.

The Core Impact user interface. Source: blog.coreimpact.com.

Rapid7

You've perhaps heard of the open source Metasploit Framework, purportedly the world's leading pentesting tool. Released in 2004, the project provides an advanced platform for developing, testing, and using exploit code. Rapid7 acquired Metasploit back in 2009 and is the project's current owner. Metasploit is integrated into many of the company's solutions, including the Nexpose vulnerability management platform and the InsightIDR incident detection and response/SIEM platform, among others.

The Rapid7 user interface. Source: rapid7.com.

Side-by-Side Scoring: Core Security vs. Rapid7

1. Capability Set

Both Core Impact and Rapid7 are powerful tools for exploitation and vulnerability assessment, but Rapid7's Nexpose supports the complete vulnerability management lifecycle, from discovery to mitigation, on top of the popular Metasploit for vulnerability exploitation. That said, Core Security does offer extended capabilities through other offerings like Access Insight and the Access Assurance Suite for user identity and access management.

2. Ease of Use

Rapid7's clean web interface—coupled with the ubiquity of Metasploit—gives Core Security the win in this category. In contrast, Core Security's dated interface is less intuitive and certainly not as pleasant to look at as Rapid7's.

3. Community Support

Both feature several community-based support options, but Rapid7's resources are certainly more numerous and varied, no doubt in large part due to the popularity of its open source Metasploit Framework. Additionally, Core Security's Force.com-based community portal pales in comparison to Rapid7's robust community site.

4. Release Rate

Both platforms have seen regular releases over the years, though Rapid7's open source Metasploit Framework is the most actively maintained. Additionally, Core Security's rebranding and product renaming efforts over the years make it difficult to track product releases.

5. Pricing and Support

The Metasploit Framework remains free and open source, despite being acquired by Rapid7. Express versions of Nexpose and Metasploit start at $2,000 and $5,000, respectively, with a full-featured pro edition starting at $15,000 per year. In contrast, Core Impact costs almost twice as much—upwards of $30,000. Both vendors offer the standard range of support options.

6. API and Extensibility

Rapid7's Nexpose features an XML-based API while its Metasploit Framework offers a REST API for integrating custom applications with its services. In contrast, Core Security does not offer an API for any of its products.

7. 3rd Party Integrations

Core Impact integrates with leading vulnerability scanners like QualysGuard, Nessus, and even Rapid7's own Metasploit. Rapid7 is also strong in this category, featuring integrations with leading vendors/platforms like AWS, ForeScout, Jenkins, Okta, VMware, and Splunk, among others.

8. Companies that Use It

Core Security is in use by global enterprises including EMC, Experian, Mastercard, and Credit Suisse, to name a few. Rapid7's customer list is equally impressive: Adobe, Amazon.com, Ingram Micro, Johnson & Johnson, and Microsoft, among others.

9. Learning Curve

For most pen testers, getting up to speed with both platforms should be trivial; however, Rapid7's contemporary web interface may be more intuitive and accessible to novices.

10. CSTAR Score

Both companies perform well when it comes to managing digital resilience and cyber risk, as quantified by their CSTAR scores. Neither shows major website perimeter or email security risks.

Scoreboard and Summary

Per-category scores (Capability Set, Ease of Use, Community Support, Release Rate, Pricing and Support, API and Extensibility, 3rd Party Integrations, Companies that Use It, Learning Curve, CSTAR Score) were presented as score images in the original scoreboard.

Total: Core Security 3.3 out of 5; Rapid7 4.8 out of 5.


Pen testing is a critical component of enterprise security; without it, firms can only assume that their security controls are working as expected. Borrowing from Core Security's tagline, pen testing allows you to "think like an attacker" and subject your infrastructure to simulated cyber attacks. Both Core Security and Rapid7 are competent pen testing suites that provide comprehensive vulnerability exploitation and assessment services. However, Rapid7's more attractive price point and popular open source Metasploit Framework certainly give it an advantage over Core Security.

Topics: vulnerabilities, pentesting