We performed a comparison between Rapid7 InsightIDR and Trellix ESM based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"It is a very stable solution."
"We were able to identify criminals attempting to log in from China and put a stop on their IP locations."
"I am able to run automated actions based on the output of reports, leaving me extra time to focus on more pressing matters."
"The log aggregation and storage provided by InsightIDR has shown no issues with scalability; aggregating over one hundred million events daily."
"The solution is very scalable in terms of the licensing model."
"User behavioral analytics allows us to pinpoint abnormal or suspicious behavior among millions of events every day."
"If you were on other solutions, you would notice that they use agents from third-party, from open-source, from a native OS, or from other tools. Here, however, it is an agent from Rapid7 itself. This adds to the solution's overall capabilities."
"I like that it's a cloud-based solution."
"We are now able to completely monitor our environment so we can review what is there, which is a big win for us."
"Trellix ESM is very user-friendly."
"The most valuable features of McAfee ESM are intrusion detection, malware protection, and the device controller."
"It enables us to detect malicious threats, issues, or vulnerabilities in our network."
"It is easy to use and deploy. It comes with user-friendly manuals."
"It can be easily deployed with the other solutions."
"It is a good central viewpoint for issues. These can then be investigated in more detail on the subnet server(s)/endpoints."
"I rate the tool's deployment an eight out of ten. The deployment is completed in two days."
"The APIs can be further improved in Rapid7."
"Currently, it lacks the functionalities provided by Rapid7's User Behavior Analytics (UBA)."
"Cloud risk assessment is one area where I think they need a lot of improvement."
"The integration capabilities of the solution have certain shortcomings where improvements are required."
"The interface for doing investigation needs to be enhanced with minor improvements that would make it more useful."
"The main problem lies in the processes within the client's operating systems."
"I would like the ability to adjust the threshold of certain existing alerts. Currently the only option is to change the notifications or create my own alert."
"I would like to see more development in InsightIDR towards building their SIEM solution and converting it to XDR."
"The product's stability is an area of concern where improvements are required."
"There's no software support from McAfee."
"I would like to see improvements to the user interface."
"We cannot add new data sources to the most recent version."
"We acquired the IBM product because McAfee is slightly confusing to use, and it's broader."
"It seems McAfee does test its product before releasing. When we - not only us, other companies also - deploy McAfee, we face multiple issues from the customer side, after which, McAfee reacts and fixes the bugs."
"There are some banking and transactional cases that are local, South America transactions. I would like to see them add features that can be used locally, to make those transactions more reliable."
"We would welcome integrations with some of the new McAfee acquisitions, e.g., behavioural analytics."
Rapid7 InsightIDR is ranked 10th in Security Information and Event Management (SIEM) with 29 reviews while Trellix ESM is ranked 19th in Security Information and Event Management (SIEM) with 34 reviews. Rapid7 InsightIDR is rated 8.4, while Trellix ESM is rated 7.4. The top reviewer of Rapid7 InsightIDR writes "An affordable product that is easy to use and has many advanced features and default templates". On the other hand, the top reviewer of Trellix ESM writes "Provides visibility of all the traffic within the company infrastructure". Rapid7 InsightIDR is most compared with Darktrace, Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM and IBM Security QRadar, whereas Trellix ESM is most compared with ArcSight Enterprise Security Manager (ESM), IBM Security QRadar, LogRhythm SIEM, Splunk Enterprise Security and Trellix Helix.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.