I like that it's a cloud-based solution. The features of all SIEM solutions are pretty much the same, but Rapid7 is user-friendly, totally cloud-based, and can integrate into the EDR solution whenever a customer wants it. Those are USPs for us.
Rapid7 Command Platform
Rapid7 External reviews
External reviews are not included in the AWS star rating for the product.
A highly-rated entry-level SIEM solution that is ideal for SMBs
What is most valuable?
What needs improvement?
Because Rapid7 was originally a vulnerability management solution, more and more companies are now moving towards their technologies and their existing SIEM applications and converting them to XDR solutions. Though Rapid7 provides its EDR option with SIEM, it has a long way to go to achieve an XDR status.
I would like to see more development in InsightIDR towards building their SIEM solution and converting it to XDR because every SIEM solution provider is moving their solutions toward XDR.
For how long have I used the solution?
I've been working with Rapid7 InsightIDR for two years.
What do I think about the stability of the solution?
The product is stable.
Which solution did I use previously and why did I switch?
We used to use QRadar in my previous company. The first difference is in the deployment architecture. QRadar comes with cloud and on-prem options. In countries like Pakistan, where I am from, there are very strict regulations for using cloud solutions, especially in the banking sector. Rapid7 only offers a SaaS-based SIEM.
The second difference between the two is in their licensing. The Rapid7 InsightIDR license is applied based on the number of nodes and devices. QRadar, on the other hand, licenses by events per second.
The third difference is in the threat intelligence QRadar provides, and there's a huge difference between the two in this domain. QRadar is an IBM product that is very old in the SIEM market and provides relatively better threat intelligence than players like Rapid7.
How was the initial setup?
The solution is easy to implement.
What's my experience with pricing, setup cost, and licensing?
Rapid7 InsightIDR is priced very well and is cost-effective.
Which other solutions did I evaluate?
Enterprise-level customers have better options, such as LogRhythm, QRadar, and Splunk. These products are core SIEM-based companies that are old players in this market. Rapid7 is a relatively new entrant in the SIEM market. However, it has strong capabilities, and customers trust big names, big companies they've known from the beginning, who have been working on SIEM solutions since inception.
What other advice do I have?
The benefit of the solution, first of all, is that it's cost-effective. It is also a Gartner leading solution, which provides more credibility in the customer's eyes. Eventually, it benefits us to translate that credibility into achieving more and more revenue through it.
I recommend Rapid7 InsightIDR for SMB companies because there are better options in the market for enterprises.
I rate the solution an eight out of ten.
Awesome Power!
Helps in the management of compliance, secret events and information
What is our primary use case?
We use the tool for secret events, compliance, and information management.
What is most valuable?
I like the tool's user analysis feature.
What needs improvement?
Rapid7 InsightIDR is not intuitive to search for logs. It should be more user-friendly and improve the dashboards. We should be able to use ready-made templates instead of having to build one.
For how long have I used the solution?
We had done our first deployment three years ago.
What do I think about the stability of the solution?
Rapid7 InsightIDR is stable.
What do I think about the scalability of the solution?
The tool is cloud-based and scalable.
How are customer service and support?
Rapid7 InsightIDR's technical support is reactive and supportive. However, they only speak English. Our native language is French, and it would be better if they could have some French-speaking agents.
Which solution did I use previously and why did I switch?
The solution provides better value than competitors with its modules. The deployment is simple and straightforward. However, Rapid7 InsightIDR is not good for log management.
How was the initial setup?
One of our customers had a Huawei firewall, and we required help to do the configuration. However, the installation was easy with other standard vendors like Cisco and Check Point. The product's deployment was completed in four to five days, and we required three people to handle it. One person was in charge of the portal's initial setup, and the other one handled the integration of on-premises devices. The third one took care of Office 365 integration.
What's my experience with pricing, setup cost, and licensing?
Rapid7 InsightIDR's pricing is reasonable but we have challenges with the Minimum Order Quantity. It is not reasonable for customers who have less than one hundred devices. If they can reduce Minimum Order Quantity, it is good. You have to pay around 5000-6000 dollars per year for the product. The pricing includes maintenance and support costs.
What other advice do I have?
I would rate Rapid7 InsightIDR an eight out of ten.
Rapid 7 IDR
It provides excellent visibility and a fast response
What is our primary use case?
We provide InsightIDR for our banking and ICT clients.
What is most valuable?
InsightIDR helps us investigate an environment to discover information about incidents.
What needs improvement?
InsightIDR's integration with other solutions could be improved. Also, I'd like more control from the portal over what's happening on the endpoint side. For example, when I see an attack on an endpoint, I want to be able to stop it from the portal.
For how long have I used the solution?
I have used InsightIDR for four years.
What do I think about the stability of the solution?
I rate InsightIDR 10 out of 10 for stability.
What do I think about the scalability of the solution?
I rate InsightIDR six out of 10 for scalability. The licensing model limits the scalability. The licenses are defined based on assets, so you have to purchase more licenses as you add assets. It's suitable for a small or medium-sized company. We have about 250 users.
How are customer service and support?
I rate Rapid7 support nine out of 10.
How was the initial setup?
I rate InsightIDR eight out of 10 for ease of setup. It takes about seven working days to deploy. We install a connector on the LAN, which links up to the cloud and becomes one of your event sources. Next, you need to integrate everything with the console.
What's my experience with pricing, setup cost, and licensing?
I rate InsightIDR six out of 10 for affordability. It isn't the cheapest solution I've seen, but it offers a greater value than less expensive competitors.
What other advice do I have?
I rate InsightIDR eight out of 10. It's worth a try. InsightIDR provides excellent visibility and threats. The network detection is fast, so you get alerts as soon as something happens.
Great user behavior analytics feature; easy to integrate and collect data from other solutions
What is our primary use case?
We are distributors and sell this product to our customers. I'm a security consultant.
What is most valuable?
The features for user behavior analytics and the rules for attack review are valuable. I also like the honeypot feature. It's easy to integrate and collect data from other solutions.
What needs improvement?
I'd like to see a better ability to customize the check within the console. Rules can be customized better if the integration is improved. They now have integration with CrowdStrike so maybe they could have some kind of integration with Microsoft.
For how long have I used the solution?
I've been using this solution for a year.
What do I think about the stability of the solution?
The solution is stable.
What do I think about the scalability of the solution?
This is a cloud-based product so it's scalable.
How are customer service and support?
The technical support could be improved. We've had times when our requests get stuck with the engineering team and we sometimes don't get a response. That's a problem for us.
How was the initial setup?
All Rapid7 solutions are easy to deploy because if you have any one of the products, the integrations between these products become easier because they have a lot of the important things within a single port. You get a single platform to visualize a lot of different kinds of data.
What's my experience with pricing, setup cost, and licensing?
The pricing is very competitive because the licensing model that we use is based on endpoints which is different from most other solutions.
What other advice do I have?
This solution is suited to all sizes of organizations. We generally deal with small and medium-sized companies.
I rate this solution eight out of 10.
An easy-to-use and stable solution with an intuitive interface
What is our primary use case?
I use the solution for its SIEM functionalities, log analysis, and behavioral analysis.
What is most valuable?
The solution is easy to use, and the interface is intuitive.
What needs improvement?
Currently, it lacks the functionalities provided by Rapid7's User Behavior Analytics (UBA). So, User Behavior Analytics (UBA) should be added in the new release.
For how long have I used the solution?
I have been using the solution for two years. My company has a partnership with Rapid7.
What do I think about the stability of the solution?
It is a stable solution. My customers are happy to use it.
What do I think about the scalability of the solution?
I do not have any plans to expand the usage of the solution. Currently, one hundred people are using the solution.
How are customer service and support?
I have not used the technical support.
Which solution did I use previously and why did I switch?
Previously, I used IBM.
How was the initial setup?
I was not involved in the initial setup as I am not an engineer.
What's my experience with pricing, setup cost, and licensing?
The pricing is good, and it is not very expensive.
What other advice do I have?
I rate the overall solution a nine out of ten.