We performed a comparison between Rapid7 InsightIDR and Rapid7 InsightVM based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Splunk, Wazuh and others in Security Information and Event Management (SIEM)."The analytic rule is the most valuable feature."
"Sentinel pricing is good"
"Log aggregation and data connectors are the most valuable features."
"Having your logs put all in one place with machine learning working on those logs is a good feature. I don't need to start thinking, "Where are my logs?" My logs are in a centralized repository, like Log Analytics, which is why you can't use Sentinel without Log Analytics. Having all those logs in one place is an advantage."
"We didn't have anything similar. So, it really provides value from the incidents and automation point of view. The overview of the security fabric is most valuable."
"Microsoft Sentinel provides the capability to integrate different log sources. On top of having several data connectors in place, you can also do integration with a threat intelligence platform to enhance and enrich the data that's available. You can collect as many logs and build all the use cases."
"The in-built SOAR of Sentinel is valuable. Kusto Query Language is also valuable for the ease of writing queries and ease of getting insights from the logs. Schedule-based queries within Sentinel are also valuable. I found these three features most useful for my projects."
"The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
"I rate Rapid7 nine out of 10 for affordability"
"Features for user behavior analytics and the rules for attack review are good."
"Enables the use of honey pots, honey users, and honey files to monitor for suspicious patterns."
"The solution is easy to use, and the interface is intuitive."
"The solution is very scalable in terms of the licensing model."
"The solution is very stable and works very well for what I need it to do."
"The biggest reason why we chose Rapid7 was to gain value in a really quick time. Its deployment doesn't take months. It just takes a few days."
"The web interface is great — very useful and user-friendly."
"The reports in Rapid7 InsightVM are useful when compared to competitors."
"I really love the new platform. It is really easy to understand, use, and deploy."
"The solution is very user friendly and easy to manage."
"It is a stable solution."
"InsightVM's best features are the vulnerability database and remediation steps."
"Has great reporting features."
"You can bring in and get online to do reports fairly quickly,"
"The most valuable feature for me is the risk calculation based on monthly effects."
"They're giving us the queries so we can plug them right into Sentinel. They need to have a streamlined process for updating them in the tool and knowing when things are updated and knowing when there are new detections available from Microsoft."
"We are invoiced according to the amount of data generated within each log."
"While I appreciate the UI itself and the vast amount of information available on the platform, I'm finding the overall user experience to be frustrating due to frequent disconnections and the requirement to repeatedly re-authenticate."
"The built-in SOAR is not really good out-of-the-box. The SOAR relies on logic apps and you almost need to have some kind of developer background to be able to make these logic apps. Most security people cannot develop anything..."
"They should just add more and more out-of-the-box connectors. It is quite a new product, and it has a lot of connectors, and even more would be good."
"I can't think of anything other than just getting the name out there. I think a lot of customers don't fully understand the full capabilities of Azure Sentinel yet. It is kind of like when they're first starting to use Azure, it might not be something they first think about. So, they should just kind of get to the point where it is more widely used."
"Everyone has their favorites. There is always room for improvement, and everybody will say, "I wish you could do this for me or that for me." It is a personal thing based on how you use the tool. I do not necessarily have those thoughts, and they are probably not really valuable because they are unique to the context of the user, but broadly, where it can continue to improve is by adding more connectors to more systems."
"We'd like also a better ticketing system, which is older."
"The integration capabilities of the solution have certain shortcomings where improvements are required."
"Rapid7 InsightIDR is not intuitive to search for logs. It should be more user-friendly and improve the dashboards. We should be able to use ready-made templates instead of having to build one."
"They should add more configuration and security features to it."
"Needs a better ability to customize the check within the console."
"Inability to get access to compliance reports within the solution."
"The APIs can be further improved in Rapid7."
"Customised alert recipients need to be added to allow better first-line action and quicker response. Configurable honeypots would be a welcome addition."
"I would like to see more development in InsightIDR towards building their SIEM solution and converting it to XDR."
"Rapid7 InsightVM could be easier to use for those who are using it for the first time."
"The InsightVM cannot scan if we connect to our customer by the VPN."
"In order to be able to properly test the solution and make a decision, I would like to receive the test license code instantly and eliminate the wait time."
"There are certain limitations because of the product being used on a hybrid model. Rapid7 InsightVM doesn't offer a solution purely in the cloud."
"It would be great to have a mobile application client. Currently, you have to use a mobile web browser on a device, but it is not similar to the desktop web browser in terms of user experience. It would be nice to have a mobile application to access the platform."
"We have some issues with how it scans patches."
"The reporting has room for improvement. You cannot customize any report. If I need a specific requirement, I have to create a new report for it."
"There are end-user needs and expectations that are being overlooked in the development that could be addressed by appointing a customer advisory board."
Rapid7 InsightIDR is ranked 10th in Security Information and Event Management (SIEM) with 29 reviews while Rapid7 InsightVM is ranked 4th in Risk-Based Vulnerability Management with 55 reviews. Rapid7 InsightIDR is rated 8.4, while Rapid7 InsightVM is rated 8.0. The top reviewer of Rapid7 InsightIDR writes "An affordable product that is easy to use and has many advanced features and default templates". On the other hand, the top reviewer of Rapid7 InsightVM writes "You can scan a network, and receive recommendations to address vulnerabilities with the click of a button". Rapid7 InsightIDR is most compared with Darktrace, Splunk Enterprise Security, Microsoft Defender for Identity, IBM Security QRadar and Vectra AI, whereas Rapid7 InsightVM is most compared with Tenable Nessus, Qualys VMDR, Tenable Security Center, Microsoft Defender Vulnerability Management and Wiz.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
