2021-07-28T04:59:00Z
Navin Rehnius - PeerSpot reviewer
Security Engineer at a tech services company with 201-500 employees

Is Rapid7 InsightIDR the right choice to be used in SOC?

Hello,

Is Rapid7 InsightIDR an efficient solution (to be used in SOC as an analysis tool) in comparison with other SIEM products, such as IBM QRadar, Splunk, and LogRhythm NextGen SIEM?

3 Answers
John Stanford - PeerSpot reviewer
Senior Network Architect / Network Team Leader at ICE Consulting. Inc.
Real User
2022-02-15T18:46:40Z
Feb 15, 2022

Yes, Rapid7 is a great tool for a SOC to use for analysis of security events, as are the others you mentioned.


Do your homework before choosing the tool, as staffing and engineering work for any tool you choose is a requirement a lot of companies don't consider until after they have locked themselves into a contract.  


I would also suggest looking into SNYPR from Securonix. We have been using that tool in our SOC for a little over a year now. It took about 300 man-hours working with engineers from Securonix to completely implement the SNYPR platform and set up the rules and policies to filter out the false positives, but the analysis tools it provides are adequate for managing the incidents from over 30 clients and a combined total of about 10,000 sources and an incident rate of 1500/hr, of which 5-15 are actionable incidents.


Just my experience; I hope it helps in your decision-making process. BTW, we support a global organization that has Rapid7 InsightIDR deployed to its internal SOC team, and we act as their escalation point for incident management.

John Rendy - PeerSpot reviewer
CTO at Systema Global Solusindo
Consultant
2021-08-12T03:30:13Z
Aug 12, 2021

No, Navin, 


The use of SIEM products will focus a lot more broadly on managing all sources of target system log integration and correlation, while InsightIDR will work best with existing Rapid7 solutions.


Alternatively, several SIEMs would have a plugin to integrate VA results into the repository, providing asset classification and prioritization based on the vulnerability results from Rapid7.

PrasanthPrasad - PeerSpot reviewer
Product Manager at Spire Solutions
Real User
2021-08-10T08:25:24Z
Aug 10, 2021

Of course. 


If you look at Gartner's 2020 Magic Quadrant for SIEM solutions, you will see that Rapid7 is even ahead of LogRhythm.


If you look at the 2021 Quadrant, you can see that while some players (like LogRhythm) are losing their ground in the leaders' quadrant, Rapid7 has maintained a position in the leaders' quadrant.


Feel free to reach out to me for any support to help get you moving on this decision. 

Evgeny Belenky - PeerSpot reviewer
Director of Community at PeerSpot (formerly IT Central Station)
Community Manager
Aug 10, 2021

@PrasanthPrasad besides being listed in MQ, what makes Rapid7 InsightIDR a better choice than IBM QRadar, Splunk, and LogRhythm NextGen SIEM?
Can you please specify some technical facts? Thanks.

Related Questions
Navin Rehnius - PeerSpot reviewer
Security Engineer at a tech services company with 201-500 employees
Aug 2, 2021
What is the difference between Incident Detection Response (IDR) e.g. in Rapid7 InsightIDR and Endpoint Detection and Response (EDR) in other solutions? Thanks.
John Rendy - PeerSpot reviewer
CTO at Systema Global Solusindo
Aug 2, 2021
Hi @Navin Rehnius, the IDR focus is on the correlation of the host system vulnerability with the exploit activity. In a way, it will classify if an exploit or attack event is most potentially an incident. However, IDR works by scanning the whole segment of the target hosts while EDR is running continuously at the endpoint level. With the correct implementation of EDR, you could actually correlate EDR events with vulnerability assessment information and achieve the same objectives of IDR.
Navin Rehnius - PeerSpot reviewer
Security Engineer at a tech services company with 201-500 employees
Aug 10, 2021
Hi community members, I'm a security engineer at a Tech Services company and I'm currently exploring SOC solutions, such as Rapid7 InsightIDR, Splunk, IBM QRadar and ArcSight Analytics. Based on your experience, which SOC tool/solution would you recommend and why?
2 out of 12 answers
Kumar Mahadevan - PeerSpot reviewer
IT Infrastructure Analyst at AG Group
Jul 26, 2021
I haven't used these big-name ones like Splunk etc. but I feel they're overpriced. I think they charge an arm and a leg for each module. The ROI justification is not there. Why not try a cheaper and robust alternative like Elasticsearch?
Kashif Ali - PeerSpot reviewer
Unit Head Titanium (Security Solution) at RapidCompute
Jul 26, 2021
We are using LogRhythm SIEM complete case management and offer SIEM/SOC as a service.