2021-07-28T04:59:00Z

Is Rapid7 InsightIDR the right choice to be used in SOC?

Navin Rehnius - PeerSpot reviewer

3 Answers

JS
Real User
2022-02-15T18:46:40Z
Feb 15, 2022

Yes, Rapid7 is a great tool for a SOC to use for analysis of Security Events, as are the others you mentioned.


Do your homework before choosing the tool, as staffing and engineering work for any tool you choose is a requirement a lot of companies don't consider until after they have locked themselves into a contract.  


I would also suggest looking into SNYPR from Securonix. We have been using that tool in our SOC for a little over a year now. It took about 300 man-hours working with engineers from Securonix to completely implement the SNYPR platform and set up the rules and policies to filter out the false positives, but the analysis tools it provides are adequate for managing the incidents from over 30 clients and a combined total of about 10,000 sources and an incident rate of 1500/hr, of which 5-15 are actionable incidents.


Just my experience; I hope it helps in your decision-making process. BTW, we support a global organization that has Rapid7 InsightIDR deployed to its internal SOC team, and we act as their escalation point for incident management.

JR
Consultant
2021-08-12T03:30:13Z
Aug 12, 2021

No, Navin, 


The use of SIEM products will focus a lot more broadly on managing log integration and correlation for all sources of target systems, while InsightIDR will work best with existing Rapid7 solutions.


Alternatively, several SIEMs would have a plugin to integrate VA results into the repository, providing asset classification and prioritization based on the vulnerability results from Rapid7.

PrasanthPrasad - PeerSpot reviewer
Real User
2021-08-10T08:25:24Z
Aug 10, 2021

Of course. 


If you look at Gartner's 2020 Magic Quadrant for SIEM solutions, you will see that Rapid7 is even ahead of LogRhythm.


If you look at the 2021 Quadrant, you can see that, while some players are losing their ground in the leaders' quadrant (like LogRhythm), Rapid7 has maintained a position in the leaders' quadrant.


Feel free to reach out to me for any support to help get you moving on this decision. 

EB
Community Manager
Aug 10, 2021

@PrasanthPrasad besides being listed in MQ, what makes Rapid7 InsightIDR a better choice than IBM QRadar, Splunk, and LogRhythm NextGen SIEM?
Can you please specify some technical facts? Thanks
