Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
The SIEM your look'n for!
What do you like best about the product?
Threat Community
Behavior Analytics
Custom Log Parsing Rules
OOB Detections and Alerts
Deception Technology
Network Sensors
Behavior Analytics
Custom Log Parsing Rules
OOB Detections and Alerts
Deception Technology
Network Sensors
What do you dislike about the product?
I would love to see the ingress map on the home page be clickable with visible data.
What problems is the product solving and how is that benefiting you?
ISO 27001 compliance for event logging and monitoring.
IDR makes log management simple, the software can literally ingest anything!
IDR makes log management simple, the software can literally ingest anything!
- Leave a Comment |
- Mark review as helpful
Very good SIEM "alternative" for smaller size businesses
What do you like best about the product?
The time from starting the deployment to getting first insights is rapid. If you are committed you seriously can be up and running within a week, no exaggeration.
What do you dislike about the product?
This product is definitely scoped at smaller businesses. Automation is a topic which is falling short at the moment. Rapid7 does promise to better this problem though. But for now, I would not recommend this product for people with an API fetish.
What problems is the product solving and how is that benefiting you?
We use IDR primarily in two ways. Either in incident response, if a company has been breached and we need instant access to a SIEM. Or for the more natural cause of SIEM for smaller businesses.
The usecases are of course numerous, but all primarily focused on security.
The usecases are of course numerous, but all primarily focused on security.
Recommendations to others considering the product:
If you are a smaller company (sub 2-3000 Users) and planing on using this instead of a traditional SIEM, go ahead, you will be very happy.
Not recommended for MSSP, or for huge size companies, because of lack of automation (yes I know InsightConnect exists)
Not recommended for MSSP, or for huge size companies, because of lack of automation (yes I know InsightConnect exists)
Flexible, Intelligent visibility solution
What do you like best about the product?
I like that InsightIDR is easy to use and features are easy to discover. Other competitors require learning a whole lot more, tuning servers, knowing special query languages, etc - InsightIDR is much more straight forward but retains all the power of competitor brands. The cloud-first nature of the product is also excellent - on-prem log collectors are still a thing, but a combination of agents and direct-to-cloud API integrations makes setup simple and relatively painless compared to the syslog servers of yore.
What do you dislike about the product?
Most of my dislikes are around the alert/investigation workflows. For example, default/built-in alert rules can only notify via email to every user, and can't be redirected to a specific email for on-call, or sent to other platforms like Slack. Ticket system integrations are also not all there - only JIRA Service Desk and ServiceNow are supported. Additional integration is available through their Insight Connect product for your own ticket system, but I'd really like to see this be in the core product.
What problems is the product solving and how is that benefiting you?
We are using InsightIDR for our SIEM, behavior analytics, threat hunting, and alert/investigation workflows across our endpoints and servers. We've gained significant visibility using the product - even the built in rules and correlations are excellent and saved us a lot of time on the start-up. Having a well-integrated endpoint agent has also saved us the time of having to build out shipping mechanisms from scratch or dig into each OS to figure out which logs hold the information we care most about.
Perfect solution for UBA and Investigation
What do you like best about the product?
The deployment is very simple and easy..
What do you dislike about the product?
they added a lot of features lately, but every feature needs an extra license.
What problems is the product solving and how is that benefiting you?
InsightIDR is a powerful visibility solution, you can monitor everything happening in your environment through a single interface.
Recommendations to others considering the product:
InsightIDR is perfect, very good interface with a lot of features, and the deployment is very easy.
This is a comprehensive security coverage that deeps insight into any anormaly.
What do you like best about the product?
This software software is able to process millions of transactions per day, and notify me if the most critical one. I has the alerts tuned, and has ability to quickly drill down to determine the threat level, which is very important to me as a person from IT department. In conclusion, this software has the ability to collect data from endpoint devices via agent software, with its large remote workforce allows visibility into the end points that are connected to the Internet, but not the corporate network.
What do you dislike about the product?
So far I have not experienced any serious setbacks, but I feel that system may not be able t define 'false positives' for each type of event. I. E you may get plenty of false alarms.
What problems is the product solving and how is that benefiting you?
With full suite of insight in place, have been able to provide effective oversight to the information security program with measure progress. Dashboards including the main screen, provide much needed information at a glance, without hours of coding and going through all long to find it. Incase of any actual security incident, Insight Idr retains all logs in a secure manner that prevents log tampering.
Recommendations to others considering the product:
You really want to have this software in your for security purposes and real insight into security issues you may not have realized you have. Insight IDR has served as good than any other tool we've used to date.
Gentle on system tough on attacks.
What do you like best about the product?
Excellent in finding attackers, tracking unusual patterns, creating logs and alerts as well as dealing with them.
What do you dislike about the product?
Nothing substantial to put across it is just wonderful product.
What problems is the product solving and how is that benefiting you?
To implement a security system that contain any attackers from invasion of our new software systems and critical project files.
Recommendations to others considering the product:
Great at protection of fragile files and applications such as new softwares that may be damaged by other security products.
Firewall encryption for your critical data.
What do you like best about the product?
I like how it is well coded for automation and monitoring of every asset thus able to detect in time any threat that is about to attack our software files.
What do you dislike about the product?
Too many alerts coming up otherwise it is just wonderful.
What problems is the product solving and how is that benefiting you?
To implement security solutions in our systems for response and threat management for protection of our upcoming software products.
Recommendations to others considering the product:
Good software for anyone with huge data log that needs protection and soft on your software too.
InsightIDR platform for comprehensive security.
What do you like best about the product?
I like the way this software detects the intruder activities step by step using both the user and attackers behaviour.
What do you dislike about the product?
This software has not presented any drawbacks so far in operation with our systems. I can't complain since it has proven to work best.
What problems is the product solving and how is that benefiting you?
We have been using this software to detect and respond to all of the attackers behind the breaches. We can now use our endpoint to detect any intruder in our network security.
Recommendations to others considering the product:
This software is the vest that is easy to implement, to customize and it has proven to be the best for behaviour analytics. I highly recommend it to companies that wish to have comprehensive security.
Best external and internal incident threat rensponse with perfect endpoint visibility and monitoring
What do you like best about the product?
I am awed by the security feature whereby In the event of a breach, security teams will have contextual information of compromised data, time of event, and possible next actions of the intruder.
What do you dislike about the product?
I bear no major dislike for this system,however more intergration is needed on training on its usage eg on error rensponse.
What problems is the product solving and how is that benefiting you?
InsightIDR is a real time saver and a very efficient system because traffic and data is normalized, InsightIDR automatically prioritizes network events and brings notable events to your attention. It filters out non-critical events so you can focus on the important ones.
Recommendations to others considering the product:
Best and swift system to carter for both your incident rensponse and security hence it perfectly discerns false threats and contextualizes malicious events so that action can be taken.Best security system ever!
InsightIDR Review
What do you like best about the product?
Dashboards are awesome and easy to set up
Incident case management is amazing
Easy to sort the logs
Excellent reporting
Incident case management is amazing
Easy to sort the logs
Excellent reporting
What do you dislike about the product?
Nothing I can think of at the moment, it works very well so far
What problems is the product solving and how is that benefiting you?
Securing our platforms, and maintaining privacy as well as securty
Recommendations to others considering the product:
Nothing
showing 31 - 40