• Home
  • Rapid7 InsightConnect vs. ThreatQ

Rapid7 InsightConnect vs ThreatQ comparison

Cancel
You must select at least 2 products to compare!
Microsoft Logo
Microsoft Sentinel
Read 85 Microsoft Sentinel reviews
17,715 views|9,994 comparisons
92% willing to recommend
Rapid7 Logo
Rapid7 InsightConnect
Read 2 Rapid7 InsightConnect reviews
357 views|251 comparisons
100% willing to recommend
ThreatQuotient Logo
ThreatQ
Read 2 ThreatQ reviews
520 views|378 comparisons
100% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Security Orchestration Automation and Response (SOAR)
April 2024
Executive Summary

We performed a comparison between Rapid7 InsightConnect and ThreatQ based on real PeerSpot user reviews.

Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR).
To learn more, read our detailed Security Orchestration Automation and Response (SOAR) Report (Updated: April 2024).
Download the complete report
769,599 professionals have used our research since 2012.
Featured Review
Anonymous User
Has built-in SOAR, user and entity behavior analytics, and threat intelligence capabilities
Sentinel's threat visibility is good. It has analytics and threat detection capabilities that we can add to our own playbooks. We can use the... Read more →
Al Sedghi
Excellent security orchestration and automation AI features
Anonymous User
Improves the threat intelligence gathering process, but it is not user-friendly
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Sentinel also enables you to ingest data from your entire ecosystem and not just from the Microsoft ecosystem. It can receive data from third-party vendors' products such firewalls, network devices, and antivirus solutions. It's not only a Microsoft solution, it's for everything.""The best feature is that onboarding to the SIM solution is quite easy. If you are using cloud-based solutions, it's just a few clicks to migrate it.""It has basic out-of-the-box integrations with multiple log sources.""It has a lot of great features.""The most valuable feature is the UEBA. It's very easy for a security operations analyst. It has a one-touch analysis where you can search for a particular entity, and you can get a complete overview of that entity or user.""What is most useful, is that it has a good connection to the Microsoft ecosystem, and I think that's the key part.""I like the KQL query. It simplifies getting data from the table and seeing the logs. All you need to know are the table names. It's quite easy to build use cases by using KQL.""The product can integrate with any device."

More Microsoft Sentinel Pros →

"The tool is stable. The initial setup is straightforward. The product is user-friendly."

More Rapid7 InsightConnect Pros →

"Integrating the solution with our existing security tools and workflows was easy.""The reporting services are great. With reporting services, if you have customers that just visit a URL you can see the result - including why it's blocked and how and how the URL was first recognized as malicious."

More ThreatQ Pros →

Cons
"Sentinel should be improved with more connectors. At the moment, it only covers a few vendors. If I remember correctly, only 100 products are supported natively in Sentinel, although you can connect them with syslog. But Microsoft should increase the number of native connectors to get logs into Sentinel.""The troubleshooting has room for improvement.""The dashboards can be improved. Creating dashboards is very easy, but the visualizations are not as good as Microsoft Power BI. People who are using Microsoft Power BI do not like Sentinel's dashboards.""If you're looking to use canned queries, the interface could be a little more straightforward. It's not immediately intuitive regarding how you use it. You have to take a canned query and paste it into an operational box and then you hit a button... They could improve the ease of deploying these queries.""There are certain delays. For example, if an alert has been rated on Microsoft Defender for Endpoint, it might take up to an hour for that alert to reach Sentinel. This should ideally take no more than one or two seconds.""Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex.""I think the number one area of improvement for Sentinel would be the cost.""If their UI was a bit more streamlined and easy to find when I need it, then that would be a great improvement."

More Microsoft Sentinel Cons →

"The technical support should be improved."

More Rapid7 InsightConnect Cons →

"The tool is not user-friendly.""The solution should be simpler for the end-user in terms of reporting and navigating the product."

More ThreatQ Cons →

Pricing and Cost Advice
  • "It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else."
  • "It is a consumption-based license model. bands at 100, 200, 400 GB per day etc. Azure Sentinel Pricing | Microsoft Azure"
  • "Good monthly operational cost model for the detection and response outcomes delivered, M365 logs don't count toward the limits which is a good benefit."
  • "I have had mixed feedback. At one point, I heard a client say that it sometimes seems more expensive. Most of the clients are on Office 365 or M365, and they are forced to take Azure SIEM because of the integration."
  • "It is kind of like a sliding scale. There are different tiers of pricing that go from $100 per day up to $3,500 per day. So, it just kind of depends on how much data is being stored. There can be additional costs to the standard license other than the additional data. It just kind of depends on what other services you're spinning up in Azure, or if you're using something like Azure log analytics."
  • "I am just paying for the log space with Azure Sentinel. It costs us about $2,000 a month. Most of the logs are free. We are only paying money for Azure Firewall logs because email logs or Azure AD logs are free to use for us."
  • "Sentinel is a bit expensive. If you can figure a way of configuring it to meet your needs, then you can find a way around the cost."
  • "Azure Sentinel is very costly, or at least it appears to be very costly. The costs vary based on your ingestion and your retention charges."

    • More Microsoft Sentinel Pricing and Cost Advice →

    Information Not Available
    Information Not Available
    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Security Orchestration Automation and Response (SOAR) solutions are best for your needs.
    See Recommendations
    769,599 professionals have used our research since 2012.
    Questions from the Community
    Is there a common threat intelligence tool that aggregates multiple threa...
    Top Answer:Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and… more »
    Read all 10 answers   →
    What is a better choice, Splunk or Azure Sentinel?
    Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for… more »
    Which is better - Azure Sentinel or AWS Security Hub?
    Top Answer:We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is… more »
    Read all 2 answers   →
    What is your experience regarding pricing and costs for Rapid7 InsightCon...
    Top Answer:The licensing costs are reasonable.
    What needs improvement with Rapid7 InsightConnect?
    Top Answer:The technical support should be improved.
    Read all 2 answers   →
    What is your primary use case for Rapid7 InsightConnect?
    Top Answer:I design workflows and integrate various processes using Rapid7 InsightConnect. This includes integrating with value… more »
    Read all 2 answers   →
    What do you like most about ThreatQ?
    Top Answer:Integrating the solution with our existing security tools and workflows was easy.
    Read all 2 answers   →
    What needs improvement with ThreatQ?
    Top Answer:The tool is not user-friendly. It is not beginner-friendly. It would be very difficult for a beginner to learn the tool… more »
    Read all 2 answers   →
    What is your primary use case for ThreatQ?
    Top Answer:We used the solution for threat mapping and managing IoCs.
    Read all 2 answers   →
    Comparisons
    Also Known As
    Azure Sentinel
    Rapid7 Insight Connect, Komand
    Learn More
    Microsoft
    Rapid7
    ThreatQuotient
    Video Not Available
    Overview

    Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

    - Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

    - Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

    - Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

    - Respond to incidents rapidly with built-in orchestration and automation of common tasks

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    With InsightConnect, your team will get more done and respond to security events faster than ever before. And with significant time savings and productivity gains across overall security operations, you’ll go from overwhelmed to operating at maximum efficiency in no time flat.

    ThreatQ is a Threat Intelligence Platform (TIP) designed to enable threat operations and management. ThreatQ is the only solution with an integrated Threat Library, Adaptive Workbench and Open Exchange that help you to act upon the most relevant threats facing your organization and to get more out of your existing security infrastructure.

    Sample Customers
    Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
    Starr Companies, Landmark Health
    Radar, Bitdefender, Crowdstrike, FireEye, IBM Security
    Top Industries
    REVIEWERS
    Financial Services Firm22%
    Computer Software Company11%
    Manufacturing Company8%
    Comms Service Provider8%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Financial Services Firm10%
    Government9%
    Manufacturing Company7%
    VISITORS READING REVIEWS
    Computer Software Company19%
    Financial Services Firm7%
    University6%
    Insurance Company6%
    VISITORS READING REVIEWS
    Financial Services Firm21%
    Computer Software Company14%
    Government9%
    Educational Organization9%
    Company Size
    REVIEWERS
    Small Business33%
    Midsize Enterprise21%
    Large Enterprise47%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise16%
    Large Enterprise59%
    VISITORS READING REVIEWS
    Small Business23%
    Midsize Enterprise32%
    Large Enterprise44%
    VISITORS READING REVIEWS
    Small Business14%
    Midsize Enterprise9%
    Large Enterprise77%
    Buyer's Guide
    Security Orchestration Automation and Response (SOAR)
    April 2024
    Download Free Report
    Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR). Updated: April 2024.
    DOWNLOAD NOW
    769,599 professionals have used our research since 2012.

    Rapid7 InsightConnect is ranked 22nd in Security Orchestration Automation and Response (SOAR) with 2 reviews while ThreatQ is ranked 23rd in Security Orchestration Automation and Response (SOAR) with 2 reviews. Rapid7 InsightConnect is rated 8.0, while ThreatQ is rated 7.0. The top reviewer of Rapid7 InsightConnect writes "Excellent security orchestration and automation AI features". On the other hand, the top reviewer of ThreatQ writes "Improves the threat intelligence gathering process, but it is not user-friendly". Rapid7 InsightConnect is most compared with Palo Alto Networks Cortex XSOAR, ThreatConnect Threat Intelligence Platform (TIP), CrowdStrike Falcon and Splunk SOAR, whereas ThreatQ is most compared with ThreatConnect Threat Intelligence Platform (TIP), Anomali ThreatStream, Recorded Future and Palo Alto Networks Cortex XSOAR.

    See our list of best Security Orchestration Automation and Response (SOAR) vendors.

    We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.