We performed a comparison between LogRhythm SIEM and Rapid7 InsightIDR based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"LogRhythm has increased productivity because all the tools that we need are in the web UI, allowing us to find threats on our network fast and efficiently."
"As a SIEM, probably the best feature is that it can be tuned effectively. There are very few SIEMs out there that can be effectively tuned to provide you with meaningful information and not be overwhelmed."
"The Web Console is my favorite. It enables me, at a glance, to see the health of the environments."
"The daily alerts allow me to quickly find security and operations issues which need to be addressed."
"It's very easy to create the correlation rules with LogRhythm, and there are some advanced features like SIEM and UEBA, which are also very valuable."
"LogRhythm does a very good job of helping SOCs manage their workflows."
"The most valuable features of the solution are network monitoring, user behavior analytics, and log collection."
"It gives us insight into our entire installation, where we are multiple sites, going as far as the East Coast to the Central West Coast."
"Integration with threat modeling from the Metasploit and InsightIDR repositories."
"Features for user behavior analytics and the rules for attack review are good."
"Simple configuration and automatically syncs to the cloud platform."
"User behavioral analytics allows us to pinpoint abnormal or suspicious behavior among millions of events every day."
"Another very important part of InsightIDR is the ability to collect data from endpoint devices via agent software. With a large remote workforce, this allows visibility into the endpoints that are connected to the internet, but not to the corporate network."
"The log aggregation and storage provided by InsightIDR has shown no issues with scalability; aggregating over one hundred million events daily."
"The incident case management is the most valuable feature. Even though there's always something I find I would like to add to that feature, the ability to quickly sort through all the logs, network and endpoint data, etc., and add it to an incident case as part of the investigation, is nice. Having it automatically timeline that additional data into the original incident timeline, and correlate it to other notable events and activities on the network, results in a huge improvement in our overall confidence that we've quickly traced down the right source of an issue."
"The UI is very good."
"LogRhythm's SOAR and NDR features don't stack up well against competitors. Maybe integrating theme functionality as the others do. But in general, it's okay."
"The software needs to work on its pricing."
"The initial setup is not so easy because it is quite a process."
"I would like to see our vulnerabilities counter. We will be using Tenable to fill that void right now."
"I would probably look for more things to go into the web console that is currently on the fat client."
"The built-in functionality of the solution for NDR, SOAR, SIEM, and EDS has room for improvement."
"In terms of blind spots, we are looking for more improvements since we don't have visibility over everything."
"Better integration with different services is needed, as there are quite a few platforms that we use that don't integrate very smoothly with LogRhythm."
"The product allows us to make only 30 custom rules."
"The APIs can be further improved in Rapid7."
"Lacks a mobile application."
"The reporting is the weakest aspect. There needs to be multi-level grouping for events (for example, group by user and destination). Right now, we can do a group by user and a separate table or group by destination. But I'd be more interested in where a person was logging into instead of who was logging in or where he was logging in."
"One of the things that could be better is digital forensics. It is there, but it can be better. They could provide more on the endpoint detection level."
"Sometimes, it is hard to get the right queries to use. Currently, the tool lacks a pre-made set of queries."
"The solution's XDR agents cannot compete with the XDR solutions out there yet."
"InsightIDR is only available in a cloud version. Some of our customers prefer an on-prem solution because they want to manage the security within their environment."
LogRhythm SIEM is ranked 6th in Security Information and Event Management (SIEM) with 166 reviews while Rapid7 InsightIDR is ranked 10th in Security Information and Event Management (SIEM) with 30 reviews. LogRhythm SIEM is rated 8.4, while Rapid7 InsightIDR is rated 8.4. The top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". On the other hand, the top reviewer of Rapid7 InsightIDR writes "Helps in the management of compliance, secret events and information". LogRhythm SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, LogRhythm Axon and Oracle Security Monitoring and Analytics Cloud Service, whereas Rapid7 InsightIDR is most compared with Darktrace, Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM and Elastic Security.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.