Oracle Security Monitoring and Analytics Cloud Service vs Rapid7 InsightIDR comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Oracle Security Monitoring and Analytics Cloud Service and Rapid7 InsightIDR based on real PeerSpot user reviews.

Find out what your peers are saying about IBM, Splunk, Cynet and others in User Entity Behavior Analytics - UEBA.
To learn more, read our detailed User Entity Behavior Analytics - UEBA Report (Updated: March 2024).
765,386 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"It is quite efficient. It helps our clients in identifying their security issues and respond quickly. Our clients want to automate incident response and all those things.""The scalability is great. You can put unlimited logs in, as long as you can pay for it. There are commitment tiers, up to six terabytes per day, which is nowhere close to what any one of our customers is running.""The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases.""Previously, it was a little bit difficult to find where an incident came from, including which IP address and which country. So in Sentinel, it's very easy to find where the incident came from since we can easily get the information from the dashboard, after which we take action quickly.""The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system.""The Log analytics are useful.""The analytic rule is the most valuable feature.""Sentinel improved how we investigate incidents. We can create watchlists and update them to align with the latest threat intelligence. The information Microsoft provides enables us to understand thoroughly and improve as we go along. It allows us to provide monthly reports to our clients on their security posture."

More Microsoft Sentinel Pros →

"The security level that they are maintaining with the pre-authentication keys is very good."

More Oracle Security Monitoring and Analytics Cloud Service Pros →

"The alerting to drive investigations and remediation has been its most valuable feature.​""Simple configuration and automatically syncs to the cloud platform.""The biggest reason why we chose Rapid7 was to gain value in a really quick time. Its deployment doesn't take months. It just takes a few days.""The solution is easy to use, and the interface is intuitive.""Rapid7's reporting is more robust than Tenable's.""The incident case management is the most valuable feature. Even though there's always something I find I would like to add to that feature, the ability to quickly sort through all the logs, network and endpoint data, etc., and add it to an incident case as part of the investigation, is nice. Having it automatically timeline that additional data into the original incident timeline, and correlate it to other notable events and activities on the network, results in a huge improvement in our overall confidence that we've quickly traced down the right source of an issue.""InsightIDR’s ability to process millions of transactions per day, and to notify me of the most critical ones, is priceless. InsightIDR has the alerts tuned, and has the ability to quickly drill down to determine the threat level.""It is a very stable solution."

More Rapid7 InsightIDR Pros →

Cons
"When it comes to ingesting Azure native log sources, some of the log sources are specific to the subscription, and it is not always very clear.""I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them.""If their UI was a bit more streamlined and easy to find when I need it, then that would be a great improvement.""The performance could be improved. If I create 15 to 20 lines for a single-use case in KQL, sometimes it takes more time to execute. If I create use cases within a certain timeline, the result will show in .01 seconds. A complex query takes more time to get results.""They could use some kind of workbook. There is some limitation doing the editing and creating the workbook.""Sentinel could improve its ticketing and management. A few customers I have worked with liked to take the data created in Sentinel. You can make some basic efforts around that, but the customers wanted to push it to a third-party system so they could set up a proper ticketing management system, like ServiceNow, Jira, etc.""Improvement-wise, I would like to see more integration with third-party solutions or old-school antivirus products that have some kind of logging capability. I wouldn't mind having that exposed within Sentinel. We do have situations where certain companies have bought licensing or have made an investment in a product, and that product will be there for the next two or three years. To be able to view information from those legacy products would be great. We can then better leverage the Sentinel solution and its capabilities.""They're giving us the queries so we can plug them right into Sentinel. They need to have a streamlined process for updating them in the tool and knowing when things are updated and knowing when there are new detections available from Microsoft."

More Microsoft Sentinel Cons →

"The solution could improve by providing better documentation for beginners to learn, such as videos or other tutorials."

More Oracle Security Monitoring and Analytics Cloud Service Cons →

"The reporting is the weakest aspect. There needs to be multi-level grouping for events (for example, group by user and destination). Right now, we can do a group by user and a separate table or group by destination. But I'd be more interested in where a person was logging into instead of who was logging in or where he was logging in.""The solution needs improvement in threat intelligence. Increasing the depth of intelligence to help users understand more about threats is a possibility. My suggestion is to expand access to other websites or resources.""InsightIDR's integration with other solutions could be improved. Also, I'd like more control from the portal over what's happening on the endpoint side. For example, when I see an attack on an endpoint, I want to be able to stop it from the portal.""The main problem lies in the processes within the client's operating systems.""I would like to see more development in InsightIDR towards building their SIEM solution and converting it to XDR.""I would like the ability to adjust the threshold of certain existing alerts. Currently the only option is to change the notifications or create my own alert.""Sometimes, it is hard to get the right queries to use. Currently, the tool lacks a pre-made set of queries.""It takes time for the product's support team to resolve issues, making it an area of concern where improvements are required."

More Rapid7 InsightIDR Cons →

Pricing and Cost Advice
  • "It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else."
  • "It is a consumption-based license model. bands at 100, 200, 400 GB per day etc. Azure Sentinel Pricing | Microsoft Azure"
  • "Good monthly operational cost model for the detection and response outcomes delivered, M365 logs don't count toward the limits which is a good benefit."
  • "I have had mixed feedback. At one point, I heard a client say that it sometimes seems more expensive. Most of the clients are on Office 365 or M365, and they are forced to take Azure SIEM because of the integration."
  • "It is kind of like a sliding scale. There are different tiers of pricing that go from $100 per day up to $3,500 per day. So, it just kind of depends on how much data is being stored. There can be additional costs to the standard license other than the additional data. It just kind of depends on what other services you're spinning up in Azure, or if you're using something like Azure log analytics."
  • "I am just paying for the log space with Azure Sentinel. It costs us about $2,000 a month. Most of the logs are free. We are only paying money for Azure Firewall logs because email logs or Azure AD logs are free to use for us."
  • "Sentinel is a bit expensive. If you can figure a way of configuring it to meet your needs, then you can find a way around the cost."
  • "Azure Sentinel is very costly, or at least it appears to be very costly. The costs vary based on your ingestion and your retention charges."
  • More Microsoft Sentinel Pricing and Cost Advice →

  • "The solution is not expensive for the data security measure you receive, it is reasonable."
  • More Oracle Security Monitoring and Analytics Cloud Service Pricing and Cost Advice →

  • "​I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability.​"
  • "The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help.​"
  • "Licensing is straightforward. If, for some reason, you don’t meet the minimum licensing requirements, there is a third-party managed service that can help."
  • "​Accurately predict your licensing counts as this is a subscription based product.​"
  • "The pricing and licensing are competitive."
  • "Licensing is by endpoint and amount of retention time (at least ours is). Default retention was one year, but we are able to push the retention further if needed. There's also a provide-your-own-S3 option for longer retention if you don't want to pay for the additional retention years in your Rapid7 agreement."
  • "It is a reasonably priced solution."
  • "It is on a yearly basis. For our own company, for about 250 users, it was 16,000 euros a year."
  • More Rapid7 InsightIDR Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which User Entity Behavior Analytics - UEBA solutions are best for your needs.
    765,386 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and… more »
    Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for… more »
    Top Answer:We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is… more »
    Ask a question

    Earn 20 points

    Top Answer:For tools I’d recommend:  -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is… more »
    Top Answer:During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its… more »
    Top Answer:We chose Rapid7 because of its price. IBM QRadar charges us based on data storage. Rapid7 InsightIDR charges us based on… more »
    Comparisons
    Also Known As
    Azure Sentinel
    SMA Cloud Service
    InsightIDR
    Learn More
    Overview

    Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

    - Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

    - Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

    - Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

    - Respond to incidents rapidly with built-in orchestration and automation of common tasks

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    Oracle Security Monitoring and Analytics Cloud Service is a comprehensive solution designed to provide organizations with advanced threat detection and response capabilities. This cloud-based service leverages machine learning and artificial intelligence to analyze vast amounts of security data in real time, enabling proactive identification and mitigation of potential threats. 

    With Oracle Security Monitoring and Analytics Cloud Service, organizations can gain deep visibility into their entire IT infrastructure, including on-premises and cloud environments. The service collects and correlates security data from various sources, such as logs, network traffic, and endpoint telemetry, to provide a holistic view of the security posture. The product's advanced analytics capabilities of this service enable the detection of both known and unknown threats. 

    By applying machine learning algorithms to the collected data, Oracle Security Monitoring and Analytics Cloud Service can identify patterns and anomalies that may indicate malicious activities. This proactive approach helps organizations stay ahead of emerging threats and minimize the risk of data breaches. 

    In addition to threat detection, this service also offers comprehensive incident response capabilities. When a potential threat is identified, Oracle Security Monitoring and Analytics Cloud Service provides detailed alerts and actionable insights to guide security teams in their response efforts. The service also offers automated response actions, allowing organizations to quickly contain and mitigate the impact of a security incident. 

    The product is built on a scalable and resilient cloud infrastructure, ensuring high availability and performance. The service integrates seamlessly with other Oracle security products, such as Oracle Identity and Access Management, to provide a comprehensive security ecosystem. 

    Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

    Sample Customers
    Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
    Information Not Available
    Liberty Wines, Pioneer Telephone, Visier
    Top Industries
    REVIEWERS
    Financial Services Firm22%
    Computer Software Company11%
    Comms Service Provider8%
    Manufacturing Company8%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Financial Services Firm10%
    Government9%
    Manufacturing Company7%
    VISITORS READING REVIEWS
    Financial Services Firm19%
    Computer Software Company14%
    Comms Service Provider6%
    Educational Organization6%
    REVIEWERS
    Comms Service Provider21%
    Computer Software Company21%
    Non Tech Company14%
    Security Firm14%
    VISITORS READING REVIEWS
    Computer Software Company15%
    Manufacturing Company8%
    Financial Services Firm8%
    Government6%
    Company Size
    REVIEWERS
    Small Business33%
    Midsize Enterprise21%
    Large Enterprise47%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise16%
    Large Enterprise59%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise10%
    Large Enterprise63%
    REVIEWERS
    Small Business61%
    Midsize Enterprise21%
    Large Enterprise18%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise20%
    Large Enterprise54%
    Buyer's Guide
    User Entity Behavior Analytics - UEBA
    March 2024
    Find out what your peers are saying about IBM, Splunk, Cynet and others in User Entity Behavior Analytics - UEBA. Updated: March 2024.
    765,386 professionals have used our research since 2012.

    Oracle Security Monitoring and Analytics Cloud Service is ranked 21st in User Entity Behavior Analytics - UEBA while Rapid7 InsightIDR is ranked 5th in User Entity Behavior Analytics - UEBA with 29 reviews. Oracle Security Monitoring and Analytics Cloud Service is rated 7.0, while Rapid7 InsightIDR is rated 8.4. The top reviewer of Oracle Security Monitoring and Analytics Cloud Service writes " Easy to install, highly secure standards, and reliable". On the other hand, the top reviewer of Rapid7 InsightIDR writes "An affordable product that is easy to use and has many advanced features and default templates". Oracle Security Monitoring and Analytics Cloud Service is most compared with AWS Security Hub, LogRhythm SIEM, IBM Security QRadar and ArcSight Enterprise Security Manager (ESM), whereas Rapid7 InsightIDR is most compared with Darktrace, Splunk Enterprise Security, Rapid7 InsightVM, IBM Security QRadar and Microsoft Defender for Identity.

    See our list of best User Entity Behavior Analytics - UEBA vendors and best Security Information and Event Management (SIEM) vendors.

    We monitor all User Entity Behavior Analytics - UEBA reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.