Hi @Navin Rehnius,
The IDR focus is on the correlation of the host system vulnerability with the exploit activity. In a way, it will classify if an exploit or attack event is most potentially an incident.
However, IDR works by scanning the whole segment of the target hosts while EDR is running continuously at the endpoint level.
With the correct implementation of EDR, you could actually correlate EDR events with vulnerability assessment information and achieve the same objectives of IDR.
If you look at Gartner's 2020 Magic Quadrant for SIEM solutions, you will see that Rapid 7 is even ahead of LogRhythm.
If you look at the 2021 Quadrant, you can see that some players, while are losing their ground in the leaders' Quadrant (like LogRhythm), Rapid 7 has maintained a position in the leaders' quadrant.
Feel free to reach out to me for any support to help get you moving on this decision.
The use of SIEM products will focus a lot broader on managing all sources of target systems log integration and correlation, while InsightIDR will work best with existing Rapid7 solutions.
Alternatively, several SIEM would have a plugin to integrate VA result into the repository, providing assets classification and prioritization based on the vulnerability result from Rapid7.
PeerSpot’s crowdsourced user review platform helps technology decision-makers around the world to better connect with peers and other independent experts who provide advice without vendor bias.
Our users have ranked these solutions according to their valuable features, and discuss which features they like most and why.
You can read user reviews for the Top User Behavior Analytics - UEBA Tools...