We performed a comparison between Rapid7 InsightIDR and Rapid7 InsightVM based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"The ability to have high performance, high-speed search capability is incredibly important for us. When it comes to doing security analysis, you don't want to be doing is sitting around waiting to get data back while an attacker is sitting on a network, actively attacking it. You need to be able to answer questions quickly. If I see an indicator of attack, I need to be able to rapidly pivot and find data, then analyze it and find more data to answer more questions. You need to be able to do that quickly. If I'm sitting around just waiting to get my first response, then it ends up moving too slow to keep up with the attacker. Devo's speed and performance allows us to query in real-time and keep up with what is actually happening on the network, then respond effectively to events."
"The user experience [is] well thought out and the workflows are logical. The dashboards are intuitive and highly customizable."
"The most valuable feature is definitely the ability that Devo has to ingest data. From the previous SIEM that I came from and helped my company administer, it really was the type of system where data was parsed on ingest. This meant that if you didn't build the parser efficiently or correctly, sometimes that would bring the system to its knees. You'd have a backlog of processing the logs as it was ingesting them."
"The thing that Devo does better than other solutions is to give me the ability to write queries that look at multiple data sources and run fast. Most SIEMs don't do that. And I can do that by creating entity-based queries. Let's say I have a table which has Okta, a table which has G Suite, a table which has endpoint telemetry, and I have a table which has DNS telemetry. I can write a query that says, 'Join all these things together on IP, and where the IP matches in all these tables, return to me that subset of data, within these time windows.' I can break it down that way."
"The strength of Devo is not only in that it is pretty intuitive, but it gives you the flexibility and creativity to merge feeds. The prime examples would be using the synthesis or union tables that give you phenomenal capabilities... The ability to use a synthesis or union table to combine all those feeds and make heads or tails of what's going on, and link it to go down a thread, is functionality that I hadn't seen before."
"The user interface is really modern. As an end-user, there are a lot of possibilities to tailor the platform to your needs, and that can be done without needing much support from Devo. It's really flexible and modular. The UI is very clean."
"In traditional BI solutions, you need to wait a lot of time to have the ability to create visualizations with the data and to do searches. With this kind of platform, you have that information in real-time."
"The querying and the log-retention capabilities are pretty powerful. Those provide some of the biggest value-add for us."
"The biggest reason why we chose Rapid7 was to gain value in a really quick time. Its deployment doesn't take months. It just takes a few days."
"Simple configuration and automatically syncs to the cloud platform."
"Rapid7 InsightIDR integrates well with other solutions. It's also easy to configure because Rapid7 InsightIDR has a lot of instructions posted on their website that customers can follow if they need to get the source log."
"It is a very stable solution."
"Very intuitive and easy to set up."
"The feature that I have found most valuable is its dashboards."
"The product is scalable."
"Using Rapid7, we can install a scan engine, we can do our VPN connections, and we can conduct internal scans of remote sites. We prefer the web application. It's smarter and more accurate from an application perspective."
"Rapid7 have a good distribution network with good support and market presence."
"The reports in Rapid7 InsightVM are useful when compared to competitors."
"When it comes to the process, installation is very easy and does not take long."
"The assessment is most valuable."
"It's very scalable."
"I would like to have the ability to create more complex dashboards."
"We only use the core functionality and one of the reasons for this is that their security operation center needs improvement."
"The biggest area with room for improvement in Devo is the Security Operations module that just isn't there yet. That goes back to building out how they're going to do content and larger correlation and aggregation of data across multiple things, as well as natively ingesting CTI to create rule sets."
"Devo has a lot of cloud connectors, but they need to do a little bit of work there. They've got good integrations with the public cloud, but there are a lot of cloud SaaS systems that they still need to work with on integrations, such as Salesforce and other SaaS providers where we need to get access logs."
"From our experience, the Devo agent needs some work. They built it on top of OS Query's open-source framework. It seems like it wasn't tuned properly to handle a large volume of Windows event logs. In our experience, there would definitely be some room for improvement. A lot of SIEMs on the market have their own agent infrastructure. I think Devo's working towards that, but I think that it needs some improvement as far as keeping up with high-volume environments."
"The Activeboards feature is not as mature regarding the look and feel. Its functionality is mature, but the look and feel is not there. For example, if you have some data sets and are trying to get some graphics, you cannot change anything. There's just one format for the graphics. You cannot change the size of the font, the font itself, etc."
"Technical support could be better."
"Where Devo has room for improvement is the data ingestion and parsing. We tend to have to work with the Devo support team to bring on and ingest new sources of data."
"Inability to get access to compliance reports within the solution."
"Lacks a mobile application."
"One of the things that could be better is digital forensics. It is there, but it can be better. They could provide more on the endpoint detection level."
"The dashboard is an area that could be simplified."
"InsightIDR is only available in a cloud version. Some of our customers prefer an on-prem solution because they want to manage the security within their environment."
"The on-premise updates could improve from Rapid7 InsightVM."
"It is still not a fully cloud-based solution. It will be helpful for customers if it is a complete cloud solution. It is a hybrid solution at the moment."
"The product does not have the capability to do dynamic scanning of non-web applications."
"The reporting is very bad when you compare it with other vulnerability assessment tools."
"All products have room for increased security and Rapid7 InsightVM is no exception."
"InsightVM could be improved by providing passive scanning as an option."
"There are end-user needs and expectations that are being overlooked in the development that could be addressed by appointing a customer advisory board."
"Some of our customers want to be completely cloud based, and Rapid7 doesn't offer this as an option."
Devo is the only cloud-native logging and security analytics platform that releases the full potential of all your data to empower bold, confident action when it matters most. Only the Devo platform delivers the powerful combination of real-time visibility, high-performance analytics, scalability, multitenancy, and low TCO crucial for monitoring and securing business operations as enterprises accelerate their shift to the cloud.
Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.
Rapid7 InsightVM is a comprehensive vulnerability management platform that protects your systems from attackers and is easy to scale. The solution provides easy access to vulnerability management, application security, detection and response, external threat intelligence, orchestration and automation, and more. Rapid7 InsightVM is ideal for security, IT, and DevOps teams, helping them reduce risk by enabling them to detect and respond to attacks quickly.
Rapid7 InsightVM Features
Rapid7 InsightVM has many valuable key features. Some of the most useful ones include:
Rapid7 InsightVM Benefits
There are many benefits to implementing Rapid7 InsightVM. Some of the biggest advantages the solution offers include:
Reviews from Real Users
Below are some reviews and helpful feedback written by PeerSpot users currently using the Rapid7 InsightVM solution.
An owner at a tech services company says, "I liked the dashboard on it. I could customize my dashboard with different widgets and different heat maps."
PeerSpot user Kimeang S., Technical Consultant at Yip Intsoi, mentions, "The most important aspect of the solution is that it rarely gives false positives, especially compared to other products. It provides very clear reports for our IT teams to look at."
A Director of Information Technology at a government explains, "The main functionality of identifying item endpoints that weren't properly patched or had vulnerabilities is the solution's most valuable feature."
See how Devo allows you to free yourself from data management, and make machine data and insights accessible.
Rapid7 InsightIDR is ranked 13th in Security Information and Event Management (SIEM) with 5 reviews while Rapid7 InsightVM is ranked 5th in Vulnerability Management with 22 reviews. Rapid7 InsightIDR is rated 8.2, while Rapid7 InsightVM is rated 7.6. The top reviewer of Rapid7 InsightIDR writes "Initial setup is quick, there is no need to pay for hardware, and it's easy to scale". On the other hand, the top reviewer of Rapid7 InsightVM writes "Broad capabilities make this scanning solution able to cover a lot of ground". Rapid7 InsightIDR is most compared with Microsoft Sentinel, Darktrace, Splunk, IBM QRadar and Exabeam Fusion SIEM, whereas Rapid7 InsightVM is most compared with Tenable Nessus, Qualys VM, Tenable.sc, Tenable.io Vulnerability Management and Rapid7 Metasploit.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.