Rapid7 InsightIDR Overview

Rapid7 InsightIDR is the #3 ranked solution in top User Behavior Analytics - UEBA tools and the #17 ranked solution in top Security Information and Event Management (SIEM) tools. PeerSpot users give Rapid7 InsightIDR an average rating of 8.0 out of 10. Rapid7 InsightIDR is most commonly compared to Microsoft Sentinel. Rapid7 InsightIDR is popular among the large enterprise segment, accounting for 54% of users researching this solution on PeerSpot. The top industry researching this solution is computer software companies, accounting for 25% of all views.
Buyer's Guide

Download the Security Information and Event Management (SIEM) Buyer's Guide including reviews and more. Updated: July 2022

What is Rapid7 InsightIDR?

Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

Rapid7 InsightIDR was previously known as InsightIDR.

Rapid7 InsightIDR Customers

Liberty Wines, Pioneer Telephone, Visier

Rapid7 InsightIDR Pricing Advice

What users are saying about Rapid7 InsightIDR pricing:
"It is a reasonably priced solution."

Rapid7 InsightIDR Reviews

KimeangSuon - PeerSpot reviewer
Pre-Sale Consultant at Yip In Tsoi Co., LTD.
Real User
Top 20
Initial setup is quick, there is no need to pay for hardware, and it's easy to scale
Pros and Cons
  • "Rapid7 InsightIDR integrates well with other solutions. It's also easy to configure because Rapid7 InsightIDR has a lot of instructions posted on their website that customers can follow if they need to get the source log."
  • "InsightIDR is only available in a cloud version. Some of our customers prefer an on-prem solution because they want to manage the security within their environment."

What is our primary use case?

The main use case for InsightIDR is to investigate threat activity that can compromise the internal customer environment. We can track a threat from the first attempt or breach. Then we can investigate the threat from start to finish. 

What is most valuable?

InsightIDR's dashboard shows you live activity from the threat. 

What needs improvement?

InsightIDR is only available in a cloud version. Some of our customers prefer an on-prem solution because they want to manage the security within their environment. So it's a challenge to get the customer to see the benefits of a cloud-based product in terms of ROI. If they switch to a cloud application, they won't have to pay for hardware maintenance or inventory. So with the next update, the customers want to see how it applies to their environment and its advantages over on-premise solutions. 

For how long have I used the solution?

We've been using InsightIDR for two years.

What do I think about the stability of the solution?

InsightIDR runs on the cloud and communicates with the log collector on a local computer, so performance depends on the internet connection. It's just sending packets and TCP encryption, so it's not spending much bandwidth. If the internet connection is smooth, the performance will be fine.

What do I think about the scalability of the solution?

InsightIDR can work with any size of business. It's easy to scale because it is on the cloud platform. It depends on the customer and the number of endpoints that they need to manage. 

How are customer service and support?

I have contacted Rapid7 support but not for InsightIDR. It was for another product of theirs. I think their support is good. The support team helped us run diagnostic tests and walked us through everything until the case was resolved.

Which solution did I use previously and why did I switch?

I have experience with other SIEM tools as well. Last time, I used LogRhythm for security intelligence. LogRhythm has two options for deployment, on-prem and cloud, so customers have a choice when they are looking to invest in a SIEM solution. Rapid7 does not have the same option. But with LogRhythm, we would have to pay for hardware maintenance as it is an on-prem product.

How was the initial setup?

The initial setup is straightforward, and it's not complex to deploy or configure. Because it is a cloud product and cloud platform, we just have to start it up and integrate with the local collector. After that, we do the customization. Currently, we provide installation and support for customers who subscribe to Rapid7 InsightIDR.

What's my experience with pricing, setup cost, and licensing?

InsightIDR is quite expensive. But with on-prem solutions, you need to wait for delivery then spend more money on maintenance and hardware. So any customer who understands cloud applications knows they just need to buy the license for the year. Then they can use it, and it's not hard to manage.

What other advice do I have?

I rate InsightIDR eight out of 10. I would recommend it for a customer who isn't dead-set on an on-prem deployment. They can subscribe to Rapid7 because it is more valuable and delivers a greater return on investment. The initial setup is quick. There's no need to pay for hardware and it's easy to scale. Rapid7 InsightIDR integrates well with other solutions. It's also easy to configure because Rapid7 InsightIDR has a lot of instructions posted on their website that customers can follow if they need to get the source log. With other products, you might need to contact a consultant certified by the vendor to do the integration.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Midhun Kumar - PeerSpot reviewer
Head of Infrastructure at Pearl Data Direct
Real User
Top 5
Great UEB feature, simple configuration that automatically syncs to the cloud platform
Pros and Cons
  • "Simple configuration and automatically syncs to the cloud platform."
  • "Inability to get access to compliance reports within the solution."

What is our primary use case?

We're using Rapid7 as our SIEM. I'm the head of infrastructure and we are customers of Rapid7.

What is most valuable?

There are numerous valuable features in this solution. Since it's cloud-based, the configuration is very simple, the collector will automatically sync to the cloud platform. The UEB, the User, Entity, and Behavioral Analytics, has helped us a lot. If there's a slight change in user behavior such as login patterns, my SOX is now able to detect it immediately.

What needs improvement?

I'd like to be able to get the compliance report within the solution which is currently not possible. For example, the P-Series was around 77001 compliance report of your SIEM solution. That option is unfortunately not available. 

For how long have I used the solution?

I've been using this solution for about 10 months. 

What do I think about the stability of the solution?

The solution is stable. 

What do I think about the scalability of the solution?

Given that this is a cloud solution there are no limits to scalability. The company is constantly evaluating and evolving and that's reflected in the product.

How are customer service and technical support?

We have two levels of support. They have a local presence and help us a lot although response times could be improved. The community is also very powerful, and the documentation is commendable.

How was the initial setup?

The initial setup was very easy, it took us only 24 hours to set up around 1000 assets. Implementation was carried out in-house.

What's my experience with pricing, setup cost, and licensing?

Licensing costs are based on a subscription model. The solution is very cost-effective because they are not charging based on the EPS but on the number of assets.

What other advice do I have?

The solution suits any size company, whether small, medium, or enterprise, it's a very good fit for all devices. The only drawback, for now, is the intel feeds which don't support any TAXII or STIX feeds so they need to be done manually. 

I rate the solution eight out of 10. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Linux admin at a wholesaler/distributor with 51-200 employees
Real User
Top 5
Suitably priced, stable, and easy to set up, but the dashboard needs improvement
Pros and Cons
  • "It is a very stable solution."
  • "The dashboard is an area that could be simplified."

What is our primary use case?

We use this solution for monitoring intrusion detection and prevention.

What is most valuable?

The most valuable feature is monitoring.

What needs improvement?

The dashboard is an area that could be simplified. For management, it should be clear and the files should be there.

For how long have I used the solution?

I have only recently started using this solution. It's been a couple of months.

I believe that we are using the latest version.

What do I think about the stability of the solution?

It is very stable.

What do I think about the scalability of the solution?

It's a scalable solution. We have more than 1,000 users and we plan to continue using it.

How are customer service and technical support?

We have not had the need to contact technical support.

Which solution did I use previously and why did I switch?

Previously, we were using another solution. We changed because the price was completely suitable.

How was the initial setup?

The initial setup was straightforward. It was simple.

We have a team of four to deploy and maintain this solution.

What's my experience with pricing, setup cost, and licensing?

It is a reasonably priced solution.

What other advice do I have?

I am not able to recommend this solution at this time. I don't know it well enough yet. Similarly, it is difficult to say at this time what needs to be improved. We need more time to explore.

I would rate this solution a seven out of ten, only because I have recently started using it.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Davide Baudanza - PeerSpot reviewer
CoFounder & Head of Technology at intuity
Real User
Top 5
Very intuitive, stable and integrates easily with other security products

What is our primary use case?

We use this solution to develop our business and we also provide it to some of our customers. The primary use case is for security information and event management, monitoring and acting on any event. 

What is most valuable?

The solution is very intuitive, it's easy to set up, is absolutely stable, and has a lot of integration with other security products.

What needs improvement?

I'd like to see a mobile application included and some feature related to the generality of segregation for internal users that access the application.

What do I think about the stability of the solution?

This solution is absolutely stable. 

What do I think about the scalability of the solution?

This solution is scalable. 

How are customer service and technical support?

The technical support is very good and responds quickly when there is a problem.

How was the initial setup?

The initial setup is reasonably straightforward, it takes a few hours. We've deployed it for 10 different clients and we have several engineers and eight certified technical staff that carry out implementation. 

What's my experience with pricing, setup cost, and licensing?

You can scale the license as needed. It's really easy to update and upgrade.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner