We performed a comparison between Logpoint and Rapid7 InsightIDR based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We have FortiEDR installed on all our systems. This protects them from any threats."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"The stability is very good."
"Forensics is a valuable feature of Fortinet FortiEDR."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"Fortinet is very user-friendly for customers."
"It is stable and scalable."
"I get alerts when scripts are detected in the environment."
"The most valuable features are the ones that we use the most, which are the search and report facilities."
"The most beneficial was being able to prove, with proper reports, that from a compliance perspective, the company is in control. The service part of LogPoint did modifications or did some additional work to have the proper reports defined."
"The solution offers excellent reporting features. Our customers have been satisfied that they have been able to meet their compliance needs by giving them a standard report."
"The main advantage of Logpoint is the support service. They reply within ten minutes to an hour to our queries."
"The solution's user interface is quite simple, and the integration is better than other products."
"We like the user and entity behaviour analytics (UEBA) and find it valuable."
"The integration is very user-friendly. There are not many CLI commands. Everything is directly accessible from the web interface."
"It is a very comprehensive solution for gathering data. It has got a lot of capabilities for collecting logs from different systems. Logs are notoriously difficult to collect because they come in all formats. LogPoint has a very sophisticated mechanism for you to be able to connect to or listen to a system, get the data, and parse it. Logs come in text formats that are not easily parseable because all logs are not the same, but with LogPoint, you can define a policy for collecting the data. You can create a parser very quickly to get the logs into a structured mechanism so that you can analyze them."
"The solution is very stable and works very well for what I need it to do."
"I am able to run automated actions based on the output of reports, leaving me extra time to focus on more pressing matters."
"Simple configuration and automatically syncs to the cloud platform."
"User behavioral analytics allows us to pinpoint abnormal or suspicious behavior among millions of events every day."
"Intelligent alerting to avoid the common problem of alert fatigue associated with traditional SIEMs."
"We were able to identify criminals attempting to login from China and put a stop on their IP locations."
"Integration with threat modeling from the Metasploit and InsightIDR repositories."
"The biggest reason why we chose Rapid7 was to gain value in a really quick time. Its deployment doesn't take months. It just takes a few days."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"It takes about two business days for initial support, which is too slow in urgent situations."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"The solution is not stable."
"The dashboard isn't easy to access and manage."
"I haven't seen the use of AI in the solution."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"We find the solution to be a bit expensive."
"LogPoint must find a way to integrate the servers without agents."
"The thing that makes it a little bit challenging is when you run into a situation where you have logs that are not easily parsable. If a log has a very specific structure, it is very easy to parse and create a parser for it, but if a log has a free form, meaning that it is of any length or it can change at any time, handling such a log is very challenging, not just in LogPoint but also in everything else. Everybody struggles with that scenario, and LogPoint is also in the same boat. One-third of logs are of free form or not of a specific length, and you can run into situations where it is almost impossible to parse the log, even if they try to help you. It is just the nature of the beast."
"One of the things we faced last year was that we had some memory issues with the server running. We were running them as virtual services, and we were facing some performance issues. Back then, there were some things that had already been solved at the end, but one of the small issues we had was that it was quite memory-consuming. After one upgrade that we did, we faced some performance issues."
"LogPoint can improve its dashboards. We are not able to customize the dashboard when creating them. They only have preset dashboards which do not have exactly what we are looking for."
"Dashboards could be developed further."
"We were missing visuals and graphics. Recently, a new version seems to have come out, and it has a new graphical user interface. When I was integrating it, it was usable, but the GUI needed improvement."
"Sometimes, the product is not stable."
"Logpoint is not flexible. Its documentation is not user-friendly."
"InsightIDR is only available in a cloud version. Some of our customers prefer an on-prem solution because they want to manage the security within their environment."
"Rapid7 InsightIDR is not intuitive to search for logs. It should be more user-friendly and improve the dashboards. We should be able to use ready-made templates instead of having to build one."
"I would like to see more development in InsightIDR towards building their SIEM solution and converting it to XDR."
"Sometimes, it is hard to get the right queries to use. Currently, the tool lacks a pre-made set of queries."
"Needs a better ability to customize the check within the console."
"It would be useful to import threat intelligence in YARA format along with known incorrect email addresses."
"It takes time for the product's support team to resolve issues, making it an area of concern where improvements are required."
"The dashboard is an area that could be simplified."
Logpoint is ranked 29th in Security Information and Event Management (SIEM) with 20 reviews while Rapid7 InsightIDR is ranked 9th in Security Information and Event Management (SIEM) with 30 reviews. Logpoint is rated 7.4, while Rapid7 InsightIDR is rated 8.4. The top reviewer of Logpoint writes "Good technical support but it is complex to use and resource-heavy". On the other hand, the top reviewer of Rapid7 InsightIDR writes "Helps in the management of compliance, secret events and information". Logpoint is most compared with IBM Security QRadar, Elastic Security, Microsoft Sentinel, Wazuh and Fortinet FortiSIEM, whereas Rapid7 InsightIDR is most compared with Darktrace, Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM and IBM Security QRadar. See our Logpoint vs. Rapid7 InsightIDR report.
See our list of best Security Information and Event Management (SIEM) vendors, best User Entity Behavior Analytics (UEBA) vendors, and best Endpoint Detection and Response (EDR) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.