2018-04-22T07:58:00Z

What needs improvement with Rapid7 InsightIDR?

Julia Miller - PeerSpot reviewer
  • 0
  • 67
PeerSpot user
20

20 Answers

Vikas Dusa - PeerSpot reviewer
Real User
Top 5
2024-03-04T18:11:19Z
Mar 4, 2024

The solution needs improvement in threat intelligence. Increasing the depth of intelligence to help users understand more about threats is a possibility. My suggestion is to expand access to other websites or resources.

Search for a product comparison
Awais Sajid - PeerSpot reviewer
Consultant
Top 20
2024-02-06T11:13:18Z
Feb 6, 2024

The product allows us to make only 30 custom rules. The limit on custom rules must be changed.

RicardoSilva3 - PeerSpot reviewer
Real User
Top 20
2023-10-10T13:48:07Z
Oct 10, 2023

The main problem lies in the processes within the client's operating systems. XDR is superior to CMs. Observing how the processes function within the machine is essential if you are monitoring the client or servers, and not only the event with the first or second line but the third line is most important.

Khizar Butt - PeerSpot reviewer
Reseller
Top 5Leaderboard
2023-08-23T07:04:55Z
Aug 23, 2023

Because Rapid7 was originally a vulnerability management solution, more and more companies are now moving towards their technologies and their existing SIEM applications and converting them to XDR solutions. Though Rapid7 provides its EDR option with SIEM, it has a long way to go to achieve an XDR status. I would like to see more development in InsightIDR towards building their SIEM solution and converting it to XDR because every SIEM solution provider is moving their solutions toward XDR.

IO
Reseller
Top 20
2023-07-26T12:21:30Z
Jul 26, 2023

The solution's XDR agents cannot compete with the XDR solutions out there yet. It has to be a stand-alone XDR solution, and I know they are working on that. They have to ensure that it has the full capabilities of an XDR solution.

Gerard Konan - PeerSpot reviewer
Reseller
Top 5
2023-07-14T14:36:08Z
Jul 14, 2023

Rapid7 InsightIDR is not intuitive to search for logs. It should be more user-friendly and improve the dashboards. We should be able to use ready-made templates instead of having to build one.

Learn what your peers think about Rapid7 InsightIDR. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.
CP
Reseller
Top 20
2023-05-31T15:02:14Z
May 31, 2023

InsightIDR's integration with other solutions could be improved. Also, I'd like more control from the portal over what's happening on the endpoint side. For example, when I see an attack on an endpoint, I want to be able to stop it from the portal.

JC
Real User
Top 20
2023-04-27T07:30:00Z
Apr 27, 2023

Currently, it lacks the functionalities provided by Rapid7's User Behavior Analytics (UBA). So, User Behavior Analytics (UBA) should be added in the new release.

Navin Rehnius - PeerSpot reviewer
Real User
Top 10
2023-04-14T12:13:00Z
Apr 14, 2023

They should add more configuration and security features to the solution.

Ali Sağlam - PeerSpot reviewer
Real User
Top 10
2023-01-26T19:37:57Z
Jan 26, 2023

Rapid7 doesn't integrate well with all our security tools from various vendors, so we plan to switch. Many of our solutions work with Rapid7, but some do not. We are already searching for a replacement already.

SamiAyyash - PeerSpot reviewer
Reseller
Top 10
2022-10-05T13:43:30Z
Oct 5, 2022

Tenable Nessus is easier to deal with. It's more efficient and accurate. InsightIDR is heavier than Tenable in terms of performance and scanning. Rapid7 would be much easier to use if it had a network connector like Tenable. Tenable's connector allows continuous monitoring over the B caps.

BR
Real User
Top 5
2022-08-12T15:45:45Z
Aug 12, 2022

One of the things that could be better is digital forensics. It is there, but it can be better. They could provide more on the endpoint detection level. It could have intelligence. It is available as a separate product but not as a part of the platform itself.

KimeangSuon - PeerSpot reviewer
Real User
Top 10
2021-10-13T12:20:00Z
Oct 13, 2021

InsightIDR is only available in a cloud version. Some of our customers prefer an on-prem solution because they want to manage the security within their environment. So it's a challenge to get the customer to see the benefits of a cloud-based product in terms of ROI. If they switch to a cloud application, they won't have to pay for hardware maintenance or inventory. So with the next update, the customers want to see how it applies to their environment and its advantages over on-premise solutions.

MK
Real User
2021-09-08T16:38:09Z
Sep 8, 2021

I'd like to be able to get the compliance report within the solution which is currently not possible. For example, the P-Series was around 77001 compliance report of your SIEM solution. That option is unfortunately not available.

DB
Real User
2021-07-21T17:38:17Z
Jul 21, 2021

I'd like to see a mobile application included and some feature related to the generality of segregation for internal users that access the application.

OS
Real User
2021-04-05T12:07:13Z
Apr 5, 2021

The dashboard is an area that could be simplified. For management, it should be clear and the files should be there.

AS
Real User
2020-07-19T08:15:52Z
Jul 19, 2020

Earlier they didn't have a network flow capture product, so they were not able to capture the network flows. We were able to capture the logs but not the network flows. Now, they have acquired a company called NetFort, and now they are also using the capture network flows. This was one of the shortcomings of the product which they have now rectified after acquisition of the company. Cloud risk assessment is one area where I think they need a lot of improvement. The solution should have a CIS Benchmark in terms of, I would say, config change detection.

JS
Real User
2020-01-07T06:27:00Z
Jan 7, 2020

The only thing I can think of to improve the product is that the interface for doing investigation needs to be enhanced. For example, we can add notes through the interface, but we can not attach files to the investigation. It would be a useful addition. It would give us more flexibility to resolve more complicated situations.

PD
Real User
2018-10-02T19:05:00Z
Oct 2, 2018

The reporting is the weakest aspect. There needs to be multi-level grouping for events (for example, group by user and destination). Right now, we can do a group by user and a separate table or group by destination. But I'd be more interested in where a person was logging into instead of who was logging in or where he was logging in.

NJ
Real User
2018-04-22T07:58:00Z
Apr 22, 2018

Customised alert recipients need to be added to allow better first-line action and quicker response. Configurable honeypots would be a welcome addition.

Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.
Download Rapid7 InsightIDR ReportRead more

Related Q&As