We performed a comparison between ClearSkies SaaS NG SIEM and Rapid7 InsightIDR based on real PeerSpot user reviews.
Find out what your peers are saying about Splunk, Microsoft, Wazuh and others in Security Information and Event Management (SIEM)."The solution has features that helped improve the security posture of our clients. It provides the ability to correlate a large variety of log sources very cost-effectively, especially for Microsoft sources."
"Azure Application Gateway makes things a lot easier. You can create dashboards, alert rules, hunting and custom queries, and functions with it."
"The automation rules and playbooks are the most useful that I've seen. A number of other places segregate the automation and playbook as separate tools, whereas Microsoft is a SIEM and SOAR tool in one."
"In Azure Sentinel, we have found, they do have a store in their capability. AI and intelligence features. We found that to be very helpful for us because some other things we do need to integrate again or find another vendor for the store"
"The standout feature of Sentinel is that, because it's cloud-based and because it's from Microsoft, it integrates really well with all the other Microsoft products. It's really simple to set up and get going."
"Sentinel is a Microsoft product, so they provide very robust use cases and analytic groups, which are very beneficial for the security team. I also like the ability to integrate data sources into the software for on-premise and cloud-based solutions."
"The Log analytics are useful."
"The part that was very unexpected was Sentinel's ability to integrate with Azure Lighthouse, which, as a managed services solution provider, gives us the ability to also manage our customers' Sentinel environments or Sentinel workspaces. It is a big plus for us. With its integration with Lighthouse, we get the ability to monitor multiple workspaces from one portal. A lot of the Microsoft Sentinel workbooks already integrate with that capability, and we save countless amounts of money by simply being able to almost immediately realize multitenant capabilities. That alone is a big plus for us."
"The correlation rules and the user platform are most valuable."
"The product works well. Stability-wise, I rate the solution a ten out of ten."
"We were able to identify criminals attempting to login from China and put a stop on their IP locations."
"Very intuitive and easy to set up."
"I rate Rapid7 nine out of 10 for affordability"
"I like that it's a cloud-based solution."
"Log search allows us to dive deep into aggregated logs and query all event types at once."
"Rapid7 InsightIDR integrates well with other solutions. It's also easy to configure because Rapid7 InsightIDR has a lot of instructions posted on their website that customers can follow if they need to get the source log."
"Rapid7's reporting is more robust than Tenable's."
"We've seen delays in getting the logs from third-party solutions and sometimes Microsoft products as well. It would be helpful if Microsoft created a list of the delays. That would make things more transparent for customers."
"They should just add more and more out-of-the-box connectors. It is quite a new product, and it has a lot of connectors, and even more would be good."
"Sentinel could improve its ticketing and management. A few customers I have worked with liked to take the data created in Sentinel. You can make some basic efforts around that, but the customers wanted to push it to a third-party system so they could set up a proper ticketing management system, like ServiceNow, Jira, etc."
"When we pass KPIs to the governance department, there's no option to provide rights to the data or dashboard to colleagues. We can use Power BI for this, but it isn't easy or convenient. They should just come up with a way to provide limited role-based access to auditing personnel"
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
"The troubleshooting has room for improvement."
"Improvement-wise, I would like to see more integration with third-party solutions or old-school antivirus products that have some kind of logging capability. I wouldn't mind having that exposed within Sentinel. We do have situations where certain companies have bought licensing or have made an investment in a product, and that product will be there for the next two or three years. To be able to view information from those legacy products would be great. We can then better leverage the Sentinel solution and its capabilities."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"They can add behavior analytics and AI or machine learning technology. They also improve their correlation engine. In addition to collecting logs from devices, they can collect the traffic and then correlate these logs and the traffic information."
"The dashboard is an area that could be simplified."
"The product allows us to make only 30 custom rules."
"The interface for doing investigation needs to be enhanced with minor improvements that would make it more useful."
"The main problem lies in the processes within the client's operating systems."
"Currently, it lacks the functionalities provided by Rapid7's User Behavior Analytics (UBA)."
"Needs a better ability to customize the check within the console."
"I feel it would greatly benefit from more supported log sources."
"Tenable Nessus is easier to deal with. It's more efficient and accurate. InsightIDR is heavier than Tenable in terms of performance and scanning. Rapid7 would be much easier to use if it had a network connector like Tenable. Tenable's connector allows continuous monitoring over the B caps."
Earn 20 points
ClearSkies SaaS NG SIEM is ranked 58th in Security Information and Event Management (SIEM) while Rapid7 InsightIDR is ranked 10th in Security Information and Event Management (SIEM) with 29 reviews. ClearSkies SaaS NG SIEM is rated 8.0, while Rapid7 InsightIDR is rated 8.4. The top reviewer of ClearSkies SaaS NG SIEM writes "Good correlation rules, competitive pricing, and good stability". On the other hand, the top reviewer of Rapid7 InsightIDR writes "An affordable product that is easy to use and has many advanced features and default templates". ClearSkies SaaS NG SIEM is most compared with , whereas Rapid7 InsightIDR is most compared with Darktrace, Splunk Enterprise Security, Rapid7 InsightVM, IBM Security QRadar and Microsoft Defender for Identity.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
