We performed a comparison between Cynet and Rapid7 InsightIDR based on real PeerSpot user reviews.
Find out in this report how the two User Entity Behavior Analytics (UEBA) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Within advanced threat hunting, the tables that have already been defined by Microsoft are helpful. In the advanced threat hunting tab, there were different tables, and one of the tables was related to device info, device alert, and device events. That was very helpful. Another feature that I liked but didn't have access to was deep analysis."
"The threat intelligence is excellent."
"The ability to hunt that IM data set or the identity data set at the same time is valuable. As incident response professionals, we are very used to EDRs and having device process registry telemetry, but a lot of times, we do not have that identity data right there with us, so we have to go search for it in some other silo. Being able to cross-correlate via both datasets at the same time is something that we can only do in Def"
"The summarization of emails is a valuable feature."
"The unified view of the threat landscape on a central dashboard is the most valuable feature."
"The visibility into threats is also very impressive because Microsoft helps you predict things and provides analytics to help you really improve your security. And all of this technology works across the domain, so it is pretty helpful in terms of threat analytics."
"The EDR features are valuable. By getting the EDR features, we have more control over the device. We have information about events in real-time and more protection against zero-day threats and zero-day vulnerabilities. We can monitor every event or action that a device is going through. We can get an idea if it is something malicious or if we have to take any actions."
"The product is very easy to use."
"The product has valuable front-end features."
"The most valuable feature is the monitored support behind it."
"Cynet's most valuable features are laptop and server performance, internal network monitoring, and external firewall lock management."
"We are protecting all our workstations."
"I like that it is possible to use the solution to check more information about the users' devices."
"A reliable security system that automatically quarantines anything suspicious."
"It's transparent, so it's not something where every user has to press a button to download or do the thing. It is centralized, in fact. Personally, I use Malwarebytes and other tools, which are fine for home use. Cynet is also relatively silent in terms of operation, except when it's required to act."
"I like the Cynet Correlator™ feature."
"The UI is very good."
"During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an application belongs to a known ransomware group. The system rates the threat, offering a clear detection ratio, such as 97 out of 100. It not only identifies threats but also illustrates the associated behaviors, helping us understand the potential risk to a particular endpoint."
"We were able to identify criminals attempting to login from China and put a stop on their IP locations."
"Intelligent alerting to avoid the common problem of alert fatigue associated with traditional SIEMs."
"I rate Rapid7 nine out of 10 for affordability"
"InsightIDR helps us investigate an environment to discover information about incidents."
"Scalability-wise, I rate the solution a ten out of ten. As a cloud tool, the product is highly scalable."
"The solution is very stable and works very well for what I need it to do."
"Advanced attacks could use an improvement."
"The solution could improve by having better machine learning and AI. Additionally, the interface, documentation, and integration could be better."
"There are other SIEM solutions that are easier to use, mainly based on the creation of rules, use cases, and groups."
"At times, there may be delays in the execution of certain actions and their effects."
"I would like more of the features in Defender for 365 to be included in the smaller licenses. Even if I buy a small license and don't need everything, security shouldn't be a question. Security is one of the main aspects of all projects from our side, so it would be nice to have more features in the smaller licenses."
"There are still some components, such as vulnerability management within the vendor product, where improved integration would be beneficial."
"The only problem I find is that the use cases are built-in. There is no template available that you can modify according to your organization's standards. What they give is very generic, the market standard, but that might not be applicable to every organization."
"In the beginning, it's difficult to navigate the system because it is quite large. Just trying to find your way and understand how the system works can be hard. After spending quite a lot of time searching it's a lot easier, but I wish it were a bit more user-friendly when you're trying to find things."
"They have automated response capability, and they're moving more and more into SOAR capability. They have built-in deception technology with host-file users, phantoms, etc. We used to call them honeypots. So, they're on target. They're doing a really good job, and they should continue to improve with SOAR."
"It is an endpoint agent, but they don't have a probe for checking the network traffic. They could improve from this point of view."
"Increased application for SOAR abilities across interconnected devices would be a welcome improvement."
"There is room for improvement in terms of support. The support should be faster to respond."
"Automation could be improved, and orchestration could be added to the features."
"Could have better integration with other security applications."
"The inability to add contact information inside the Cynet is also an issue because it makes things more complicated. I would like to have a simple feature to enter a contact name and number for the person taking care of that unit or that server."
"Its dashboard is not so good. On the dashboard, they don't show the count for client endpoints, which is a failure of this product. This count should be shown on the dashboard. I have 1,000 clients, but I can't see it anywhere on the dashboard."
"I would like the ability to adjust the threshold of certain existing alerts. Currently the only option is to change the notifications or create my own alert."
"The APIs can be further improved in Rapid7."
"I feel it would greatly benefit from more supported log sources."
"The product allows us to make only 30 custom rules."
"Currently, it lacks the functionalities provided by Rapid7's User Behavior Analytics (UBA)."
"Rapid7 InsightIDR is not intuitive to search for logs. It should be more user-friendly and improve the dashboards. We should be able to use ready-made templates instead of having to build one."
"The integration capabilities of the solution have certain shortcomings where improvements are required."
"One thing that springs to mind is easier API integration with ITSMs. We are evaluating a new ITSM and I would like to have InsightIDR create a ticket when an attack is identified, and the ticket would be closed in InsightIDR when the ITSM resolution is completed. This would take out the "single point of failure" we currently have, if the email recipient is somehow absent, in recording the risk appetite for the incident and the actions taken to mitigate or not."
Cynet is ranked 4th in User Entity Behavior Analytics (UEBA) with 35 reviews while Rapid7 InsightIDR is ranked 3rd in User Entity Behavior Analytics (UEBA) with 29 reviews. Cynet is rated 8.8, while Rapid7 InsightIDR is rated 8.4. The top reviewer of Cynet writes "Provides memory protection, device control, and vulnerability management". On the other hand, the top reviewer of Rapid7 InsightIDR writes "An affordable product that is easy to use and has many advanced features and default templates". Cynet is most compared with CrowdStrike Falcon, SentinelOne Singularity Complete, ESET Endpoint Protection Platform, Microsoft Defender for Endpoint and Cortex XDR by Palo Alto Networks, whereas Rapid7 InsightIDR is most compared with Darktrace, Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM and IBM Security QRadar. See our Cynet vs. Rapid7 InsightIDR report.
See our list of best User Entity Behavior Analytics (UEBA) vendors, best Endpoint Detection and Response (EDR) vendors, and best Threat Deception Platforms vendors.
We monitor all User Entity Behavior Analytics (UEBA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.