We performed a comparison between LogRhythm SIEM and Rapid7 InsightIDR based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The machine learning and artificial intelligence on offer are great."
"The log analysis is excellent; it can predict what can or will happen regarding use patterns and vulnerabilities."
"Free ingestion for Azure logs (with E5 licence)"
"The UI of Sentinel is very good and easy to use, even for beginners."
"The best feature is that onboarding to the SIM solution is quite easy. If you are using cloud-based solutions, it's just a few clicks to migrate it."
"The native integration of the Microsoft security solution has been essential because it helps reduce some false positives, especially with some of the impossible travel rules that may be configured in Microsoft 365. For some organizations, that might be benign because they're using VPNs, etc."
"Sentinel pricing is good"
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"NextGen SIEM's most valuable feature is its user-friendliness."
"I find LogRhythm's log management capabilities to be beneficial."
"Provides visibility into the network."
"The most valuable feature is that we can alternate incident automations."
"The daily alerts allow me to quickly find security and operations issues which need to be addressed."
"We now have a central point of monitoring for all potential threats."
"What I found most valuable in LogRhythm NextGen SIEM is that it's user-friendly. I also like its dashboard, which shows all the logs and information I want to see."
"The initial setup is pretty easy."
"The UI is very good."
"InsightIDR’s ability to process millions of transactions per day, and to notify me of the most critical ones, is priceless. InsightIDR has the alerts tuned, and has the ability to quickly drill down to determine the threat level."
"Enables the use of honey pots, honey users, and honey files to monitor for suspicious patterns."
"Rapid7 InsightIDR integrates well with other solutions. It's also easy to configure because Rapid7 InsightIDR has a lot of instructions posted on their website that customers can follow if they need to get the source log."
"The technical support is a solid 10 out of 10 as they take the time to answer any questions or problems which may arise in a reasonable time frame."
"Integration with threat modeling from the Metasploit and InsightIDR repositories."
"I have seen that Rapid7 InsightIDR provides security to the networks and endpoints in the company."
"Rapid7's reporting is more robust than Tenable's."
"We are invoiced according to the amount of data generated within each log."
"The reporting could be more structured."
"The playbook is a bit difficult and could be improved."
"One key area that can be improved is by building a strong integration with our XDR platform."
"Documentation is the main thing that could be improved. In terms of product usage, the documentation is pretty good, but I'd like a lot more documentation on Kusto Query Language."
"If you're looking to use canned queries, the interface could be a little more straightforward. It's not immediately intuitive regarding how you use it. You have to take a canned query and paste it into an operational box and then you hit a button... They could improve the ease of deploying these queries."
"Azure Sentinel will be directly competing with tools such as Splunk or Qradar. These are very established kinds of a product that have been around for the last seven, eight years or more."
"Some of the data connectors are outdated, at least the ones that utilize Linux machines for log forwarding. I believe that Microsoft is already working on improving this."
"Better integration with different services is needed, as there are quite a few platforms that we use that don't integrate very smoothly with LogRhythm."
"LogRhythm's SOAR and NDR features don't stack up well against competitors. maybe integrating theme functionality as the other do. But in general, it's okay."
"The log storage capacity should be increased."
"I would like to see support added for Exchange 2016, and CheckPoint OPSec Lea."
"I would probably look for more things to go into the web console that is currently on the fat client."
"In terms of blind spots, we are looking for more improvements since we don't have visibility over everything."
"Scalability-wise, it's not that great."
"The initial setup is not so easy because it is quite a process."
"I would like the ability to adjust the threshold of certain existing alerts. Currently the only option is to change the notifications or create my own alert."
"The dashboard is an area that could be simplified."
"Rapid7 doesn't integrate well with all our security tools from various vendors, so we plan to switch. Many of our solutions work with Rapid7, but some do not. We are already searching for a replacement already."
"Lacks a mobile application."
"Customised alert recipients need to be added to allow better first-line action and quicker response. Configurable honeypots would be a welcome addition."
"The interface for doing investigation needs to be enhanced with minor improvements that would make it more useful."
"Currently, it lacks the functionalities provided by Rapid7's User Behavior Analytics (UBA)."
"The ability to tune the collector for custom logs would greatly help."
LogRhythm SIEM is ranked 6th in Security Information and Event Management (SIEM) with 166 reviews while Rapid7 InsightIDR is ranked 10th in Security Information and Event Management (SIEM) with 29 reviews. LogRhythm SIEM is rated 8.4, while Rapid7 InsightIDR is rated 8.4. The top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". On the other hand, the top reviewer of Rapid7 InsightIDR writes "An affordable product that is easy to use and has many advanced features and default templates". LogRhythm SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, LogRhythm Axon and Trellix ESM, whereas Rapid7 InsightIDR is most compared with Darktrace, Splunk Enterprise Security, Rapid7 InsightVM, IBM Security QRadar and Next DLP. See our LogRhythm SIEM vs. Rapid7 InsightIDR report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.