Rapid7 MDR Reviews

The typical use case for Rapid7 MDR is that it is highly valued. It is not so bad, but competition with EDR is tough. Rapid7 MDR does not position itself as EDR or XDR, so it is rather a SIEM type solution, which makes it different from CrowdStrike, SentinelOne, or Microsoft. They are not in the competition listing of EDR products.

The features of Rapid7 MDR that I find most effective for threat detection are the threat intelligence capabilities because it already collects many vulnerabilities and exploitations, as well as the configuration of network devices. They integrate everything into one solution. The other solutions such as CrowdStrike or SentinelOne don't collect all the vulnerabilities or threat intelligence except within their product itself, making Rapid7 MDR very strong in this aspect.

I have seen an ROI from this solution in terms of time savings. Because it includes everything, including SIEM, EDR, and vulnerability control, other solutions require integration of every module and vendor. It is easier to implement once they start, as the modules of the EDR can be challenging to implement and may require consulting.

We use it for our security and virtual center security. It helps us investigate incidents and physical issues.

We've filled in crucial gaps we had with our previous solution. This was a key factor in choosing Rapid7 during the selection process. The ROI is already starting to show, too.

We saw specific cost reductions. We used to pay extra for external user insight and availability management in our old setup. Now, that's all included in Rapid7, which saves us money and simplifies management.

We use the solution in our security operation center. We use the tool to provide more visibility into the security operation center.

It is a good solution. It's not a black box. Our security operations center has similar access to the console that we have access to. It's very open. The product has automation workflows. It has around 5000 detections in it. I trust the solution.

The product is continuously developing. Whenever something new comes out, the product is upgraded. We can also bring in community threat feeds. The product allows us to customize our alerts. Log query searching has come a long way. It doesn’t require us to code anymore. We can just type in what we are looking for.

We can also deploy our agents. The good thing about agents is that we can use the automation workflow to disable user accounts. We can also make it disable and quarantine an asset. These features are provided right out of the box. The workflows do not cost us more money.

My company is also implementing Rapid7 MDR for database security. When comparing it with other solutions like ductless systems, Rapid7 stands out specifically for MDR network protection and response.

Rapid7's MDR service offers several strong points. Firstly, it excels in incident response. Rapid7 focuses not only on incident detection but also on response, aiming to minimize false positives effectively. This capability is crucial for reducing unnecessary alerts and ensuring that responses are targeted and efficient.

Additionally, Rapid7's MDR service extends beyond just incident response. It includes features for vulnerability assessment and vulnerability management, which are essential for proactive security measures. These features help in identifying and managing potential risks before they can be exploited.

Customers want to outsource their services to benefit from expertise, technology, and a faster response time to any incident.

Customers have seen significant improvements in communication and breach detection by moving to Rapid7 MDR. They now have a customer advisor assigned to them and experience improved service and reduced breaches.