Agent Mode
English

Rapid7 Command Platform

Rapid7

Reviews from AWS customer

4 AWS reviews

External reviews

86 reviews
from and

External reviews are not included in the AWS star rating for the product.

4-star reviews ( Show all reviews )

    Staffing and Recruiting

InsightIDR is a great SIEM/incident response tool.

  • May 18, 2018
  • Review provided by G2

What do you like best about the product?
Insight does some great things - it collects all the information you need for security incidents innone place and allows you to prioritize that response
What do you dislike about the product?
That it must run on a windows machine, for some companies this is a non-starter - it uses Active Directory to match resources to incidents
What problems is the product solving and how is that benefiting you?
InsightIDR helps you process your potential incidents and breaches - it is an invaluable too to do so
Recommendations to others considering the product:
The only non-starter was the AD/Windows requirement - otherwise this is a fantastic product!

    Ryan C.

Mature and ready for a small team!

  • January 10, 2018
  • Review provided by G2

What do you like best about the product?
My team is very small (myself and my manager), so we needed something that was easy to use (and USEFUL) out of the box. We didn't mind tweaking and adjusting things, but there had to be some very quick turn around. And we couldn't dedicate a person to just manage our SIEM, like Arcsight needs. We like the cooperation of on-premises and cloud operations, along with the in-app documentation for investigations ("Notes").
What do you dislike about the product?
There are some investigations that are unnecessary for our case. For example, we could tell the system that UserX is allowed to login remotely to any system (used for sysadmins). But we couldn't say that SystemX should be accessible by any user in the domain, and to stop alerting on it.
What problems is the product solving and how is that benefiting you?
We can see multiple sources of event data, and it correlates this across all other sources. We have caught numerous attack attempts, and used it to justify our ongoing Multi-Factor Authentication project.
Recommendations to others considering the product:
Get as many log sources as you can into this. The more data it can use, the better it works.

showing 51 - 52