Overview

1/1

Rapid7 InsightIDR is a cloud-based SIEM built for security teams in need of a solution that can quickly detect and respond to threats in today's ever-evolving hybrid and multi-cloud IT environments.

InsightIDR deploys quickly. Customers routinely get up and running in under a day. A library of 900+ out of the box detections lets InsightIDR start detecting threats as soon as deployment is complete.

Once deployed, InsightIDR monitors your entire IT environment. It can ingest CloudTrail, GuardDuty, EC2 network traffic, and raw logs sent via SQS from multiple AWS accounts plus data from other cloud services, on-premises networks, and remote endpoints. From there, you can use InsightIDR to:

Visualize and search all your security data in a single intuitive interface
Quickly detect threats and minimize false alarms with user and attacker behavior analytics, backed by a vast community of threat intel
Build layered defenses with honeypots, honey credentials, and honey files
Detect use of new AWS regions, services, and EC2 instance types
Cut investigation times with detailed log timelines and automated response workflows
Meet log, event, and File Integrity Monitoring (FIM) requirements of compliance frameworks like PCI, HIPAA, and GDPR

InsightIDR is also available as a managed service.

NOTE: InsightIDR's attribution engine requires access to Microsoft Active Directory, DHCP, and LDAP. Before purchasing, please read documentation and contact Rapid7 with any questions.

Highlights

Resolve incidents faster: InsightIDR's visual investigation timeline makes it easy to validate and quickly understand the scope of an attack. In addition, automation capabilities let you instantly take actions such as quarantining compromised assets.
Get up and running in hours: InsightIDR is SaaS-based, making it easy to deploy in a fraction of the time of traditional SIEMs.
Monitor everything with one tool: Centralize data from cloud and on-prem networks, off-network endpoints, cloud services like AWS GuardDuty, and SaaS solutions like Office365. This consolidated view of your environment makes it easier to detect and respond to intrusions.

Details

Sold by

Rapid7

Features and programs

Vendor Insights

Info

Skip the manual risk assessment. Get verified and regularly updated security info on this product with Vendor Insights.

Security credentials achieved

(1)

ISO27001

View security profile

Financing for AWS Marketplace purchases

AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.

View financing details

Pricing

InsightIDR - SIEM for Threat Detection and Response

Info

View purchase options

Pricing is based on contract duration. You pay upfront or in installments according to your contract terms with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.

12-month contract (5)

Info

Dimension	Description	Cost/12 months
IDR Essentials - 500 A.	Monitor up to 500 assets. 0.5TB/mo limit, 13 month data retention	$21,479.00
IDR Advanced - 500 Asset	Monitor up to 500 assets. 0.6TB/mo limit, 13 month data retention	$33,682.00
IDR Ultimate - 500 Asset	Monitor up to 500 assets. 0.8TB/mo. Incl. ENTA, unlimited automation.	$46,149.00
Custom Pricing	Custom Pricing w/ terms and overages to be defined in Private Offer.	$1,000,000.00
Managed IDR	Service terms and coverage to be defined in Private Offer	$1,000,000.00

Vendor refund policy

Please see the seller website for refund details.

Legal

Vendor terms and conditions

Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

Content disclaimer

Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

Usage information

Info

Delivery details

Software as a Service (SaaS)

SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.

Resources

Vendor resources

Secure AWS Workloads with Rapid7 Insight Products

Support

Vendor support

Rapid7 Customer Support services provide rapid resolution of issues. We include Customer Portal Support, 24 hour vulnerability service level agreement, 24 hour incident response time, and a reliable testing guarantee. https://www.rapid7.com/for-customers ,

Get support

AWS infrastructure support

AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

Get support

Similar products

Managed Detection and Response (MDR)

By Rapid7

Rapid7's Managed Detection and Response (MDR) service extends your security team, so your organization can benefit from 24x7 threat detection and response without hiring additional headcount. Our world-class experts manage the burden of threat monitoring, detection, and how to respond, so you can improve your cyber resilience and focus on what matters most. This collaborative partnership enhances your cybersecurity decision making to continuously improve your resilience and stop malicious activity across your expanding modern environment: AWS, endpoints, network, users, and more.

View product

Rapid7 InsightIDR Professional Services – Expert Deployment and Opt.

By Aspire Tech

Rapid7 InsightIDR offers a SIEM solution that integrates real-time threat detection, behavioral analytics, and automated incident response. Our professional service ensures seamless deployment and integration of InsightIDR, enhancing your organization's security posture with advanced analytics and actionable insights.

View product

Novawatch - Managed Cloud Detection & Response

By Novawatch

Novawatch operates a managed security service to support your AWS workloads and function as an extension of your team. Novawatch’s team of security experts provide 24/7 threat monitoring and response capabilities and understand AWS infrastructure and security. Novawatch can leverage your existing tech-stack to ingest your logs and alerts across your entire attack surface and improve your AWS security posture.

View product

Deployment and Training Services

By Rapid7

Rapid7 offers an array of deployment and training services to ensure customers start getting value out of their Rapid7 solutions as quickly as possible.

View product