We performed a comparison between Rapid7 InsightIDR and Trellix ESM based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I like that it's a cloud-based solution."
"Enables the use of honey pots, honey users, and honey files to monitor for suspicious patterns."
"InsightIDR helps us investigate an environment to discover information about incidents."
"Integration with threat modeling from the Metasploit and InsightIDR repositories."
"The solution is very stable and works very well for what I need it to do."
"The UI is very good."
"It improved my organization by building a security alerting program."
"The technical support is a solid 10 out of 10 as they take the time to answer any questions or problems which may arise in a reasonable time frame."
"I like the ease of deployment."
"It blocks the things which are not to be allowed. It has an adaptive mode where it learns for itself."
"This solution integrates easily and very well with other technologies."
"It is easy to use and deploy. It comes with user-friendly manuals."
"The most valuable features of McAfee ESM are intrusion detection, malware protection, and the device controller."
"It is easy to use."
"McAfee as a whole is a good solution."
"It can be easily deployed with the other solutions."
"They should add more configuration and security features to it."
"Inability to get access to compliance reports within the solution."
"One thing that springs to mind is easier API integration with ITSMs. We are evaluating a new ITSM and I would like to have InsightIDR create a ticket when an attack is identified, and the ticket would be closed in InsightIDR when the ITSM resolution is completed. This would take out the "single point of failure" we currently have, if the email recipient is somehow absent, in recording the risk appetite for the incident and the actions taken to mitigate or not."
"The dashboard is an area that could be simplified."
"Lacks a mobile application."
"The solution's XDR agents cannot compete with the XDR solutions out there yet."
"I would like to see more development in InsightIDR towards building their SIEM solution and converting it to XDR."
"InsightIDR's integration with other solutions could be improved. Also, I'd like more control from the portal over what's happening on the endpoint side. For example, when I see an attack on an endpoint, I want to be able to stop it from the portal."
"The solution needs to improve case management. The UI is confusing."
"The user interface could be more user-friendly."
"The only drawback is that they don't have any packet capturing or network behavior analysis."
"The disk space needed for events is not clear. In all clients, we had at least more than 100GB free that we could not use."
"I would like to see fingerprint recognition included in the next release of this solution."
"Product currently requires Flash."
"Cloud integration has room for improvement because they're not full-fledged to integrate with the cloud solutions that come. They use different integration platforms to bring in data, and that needs to be improved."
"It is not a very advanced solution, and it is for very generic use cases. It cannot cope with the advanced requirements that we're going to have. For example, for multiple authentication failures, it is still based on Windows events for detecting multiple login failures, whereas other companies are going beyond and working on implementing two-factor authentication. It is time to correlate the two-factor authentication results with authentification failures, which is not happening with McAfee ESM. The performance of the tool should be improved because it is very slow. The data display on the console is very slow in McAfee ESM. Its data storage is still old-fashioned, and it should be improved and upgraded to the latest versions. They have to come up with some new ideas to match what other leaders in the same domain are doing. For example, in Splunk, when you search for information for the last 60 days or five months, it quickly shows the information, but that is not the case with McAfee. The results should be quicker and faster on the console. They should integrate some additional features such as User Behavior Analytics (UBA) and automation. The threat intelligence part should also be improved on McAfee."
Rapid7 InsightIDR is ranked 9th in Security Information and Event Management (SIEM) with 30 reviews while Trellix ESM is ranked 18th in Security Information and Event Management (SIEM) with 34 reviews. Rapid7 InsightIDR is rated 8.4, while Trellix ESM is rated 7.4. The top reviewer of Rapid7 InsightIDR writes "Helps in the management of compliance, secret events and information". On the other hand, the top reviewer of Trellix ESM writes "Provides visibility of all the traffic within the company infrastructure". Rapid7 InsightIDR is most compared with Darktrace, Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM and IBM Security QRadar, whereas Trellix ESM is most compared with ArcSight Enterprise Security Manager (ESM), IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM and Trellix Helix. See our Rapid7 InsightIDR vs. Trellix ESM report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.