We performed a comparison between ManageEngine Log360 and Rapid7 InsightIDR based on real PeerSpot user reviews.
Find out in this report how the two User Entity Behavior Analytics (UEBA) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"The solution offers a lot of data on events. It helps us create specific detection strategies."
"I like the unified security console. You can close incidents using Sentinel in all other Microsoft Security portals, when it comes to incident response."
"The machine learning and artificial intelligence on offer are great."
"The analytics has a lot of advantages because there are 300 default use cases for rules and we can modify them per our environment. We can create other rules as well. Analytics is a useful feature."
"Previously, it was a little bit difficult to find where an incident came from, including which IP address and which country. So in Sentinel, it's very easy to find where the incident came from since we can easily get the information from the dashboard, after which we take action quickly."
"The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system."
"The main benefit is the ease of integration."
"It has basic out-of-the-box integrations with multiple log sources."
"The most valuable features for us are the application logs monitoring and the dashboard, which provides a single-pane view of all the ongoing activities."
"The reports that you can run are really nice."
"It is easier to deploy than are other SIEMs, which is great. You can also get an overview of your environment, which is very handy."
"The deployment is quite simple and pretty straightforward."
"The reporting is great. Everything you need is in the report for you already."
"It basically helps us. We have to stay in compliance with certain issues with some of our customers. We have to have these types of tools in place for protecting our network and our data. We're in the aerospace industry, so we have a lot of defense contracts. So, all those guys will make sure that we're protecting their information, and it does a good job in that aspect."
"The product is very user-friendly."
"It is nice to be able to monitor and to have notifications."
"The solution's initial setup is easy."
"The biggest reason why we chose Rapid7 was to gain value in a really quick time. Its deployment doesn't take months. It just takes a few days."
"Rapid7's reporting is more robust than Tenable's."
"Log search allows us to dive deep into aggregated logs and query all event types at once."
"It is a very stable solution."
"The solution is easy to use, and the interface is intuitive."
"If you were on other solutions, you would notice that they use agents from third-party, from open-source, from a native OS, or from other tools. Here, however, it is an agent from Rapid7 itself. This adds to the solution's overall capabilities."
"InsightIDR helps us investigate an environment to discover information about incidents."
"We'd like to see more connectors."
"One key area that can be improved is by building a strong integration with our XDR platform."
"The product can be improved by reducing the cost to use AI machine learning."
"The KQL query does not function effectively with Windows 11 machines, and in the majority of machine-based investigations, KQL queries are essential for organizing the data during investigations."
"We're satisfied with the comprehensiveness of the security protection. That said, we do have issues sometimes where there have been global outages and we need to raise a ticket with Microsoft."
"We are invoiced according to the amount of data generated within each log."
"We have been working with multiple customers, and every time we onboard a customer, we are missing an essential feature that surprisingly doesn't exist in Sentinel. We searched the forums and knowledge bases but couldn't find a solution. When you onboard new customers, you need to enable the data connectors. That part is easy, but you must create rules from scratch for every associated connector. You click "next," "next," "next," and it requires five clicks for each analytical rule. Imagine we have a customer with 150 rules."
"I would like to be able to monitor applications outside of the Azure Cloud."
"It's difficult to find which conditions have been applied to a report because they are provided by default by ManageEngine. However, with other SIEMs if you want to create a report, they provide details, like which conditions are triggering certain reports. This needs to be there in ManageEngine. It would be good to know which parameter has been applied to the report that is updating the system."
"It is not expensive compared to other solutions."
"The matter of the data retention needs to be addressed."
"The graphical interface could be made easier to use when you are connecting to different network equipment."
"It takes a little bit of time for Log360 to actually learn your environment."
"There is room for improvement, especially in the reporting aspect. The reports are not as good as those in Splunk."
"Most times log sheets are not assigned well."
"The solution lacks some features when compared to other products."
"Tenable Nessus is easier to deal with. It's more efficient and accurate. InsightIDR is heavier than Tenable in terms of performance and scanning. Rapid7 would be much easier to use if it had a network connector like Tenable. Tenable's connector allows continuous monitoring over the B caps."
"I feel it would greatly benefit from more supported log sources."
"The APIs can be further improved in Rapid7."
"Currently, it lacks the functionalities provided by Rapid7's User Behavior Analytics (UBA)."
"The interface for doing investigation needs to be enhanced with minor improvements that would make it more useful."
"Rapid7 doesn't integrate well with all our security tools from various vendors, so we plan to switch. Many of our solutions work with Rapid7, but some do not. We are already searching for a replacement already."
"They should add more configuration and security features to it."
"Needs a better ability to customize the check within the console."
ManageEngine Log360 is ranked 10th in User Entity Behavior Analytics (UEBA) with 15 reviews while Rapid7 InsightIDR is ranked 3rd in User Entity Behavior Analytics (UEBA) with 29 reviews. ManageEngine Log360 is rated 7.2, while Rapid7 InsightIDR is rated 8.4. The top reviewer of ManageEngine Log360 writes "Facilitates incident backtracking and identifying the cause of incidents but insufficient intelligence-driven analysis to suppress unnecessary alerts". On the other hand, the top reviewer of Rapid7 InsightIDR writes "An affordable product that is easy to use and has many advanced features and default templates". ManageEngine Log360 is most compared with ManageEngine EventLog Analyzer, Wazuh, Splunk Enterprise Security, Fortinet FortiSIEM and Graylog, whereas Rapid7 InsightIDR is most compared with Darktrace, Splunk Enterprise Security, Rapid7 InsightVM, IBM Security QRadar and Microsoft Defender for Identity. See our ManageEngine Log360 vs. Rapid7 InsightIDR report.
See our list of best User Entity Behavior Analytics (UEBA) vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all User Entity Behavior Analytics (UEBA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
