Rapid7 InsightIDR Review

An effective tool for identifying threats to a network infrastructure

What is our primary use case?

I use it to track events on our infrastructure to help with secure access and detection. We have many firewalls and antivirus, DHCP (Dynamic Host Configuration Protocol), DNS (Domain Name System), logs of Office 365, et cetera. We use this software to monitor and track our traffic and usage by creating logs.

What is most valuable?

The most valuable features have to do with ease-of-use. It is easy to check the events, investigate suspicious activities, and do forensic analysis. The web interface is great — very useful and user-friendly.  

What needs improvement?

The only thing I can think of to improve the product is that the interface for doing investigation needs to be enhanced. For example, we can add notes through the interface, but we cannot attach files to the investigation. It would be a useful addition. It would give us more flexibility to resolve more complicated situations.

For how long have I used the solution?

I have been using this solution for about six months.  

What do I think about the stability of the solution?

This solution is stable. Because it is a software as a service product, when any bugs appear, the manufacturer can correct the problems quickly and deploy the solutions immediately. This is better than other on-premises solutions, where we would need to install an upgrade to resolve any bugs or other issues.

What do I think about the scalability of the solution?

Because this is a software as a service solution, the provider manages the scalability. It has never been an issue from our end.  

How was the initial setup?

The setup for the product was straightforward.  

What about the implementation team?

Although we did the deployments by ourselves, we did it with some support from the provider, and it was easy to deploy.

What other advice do I have?

On a scale from one to ten, where one is the worst and ten is the best, I would rate this product as a nine out of ten. It is very good, but it could be better with a few details that would improve the utility of the investigations interface.

Which deployment model are you using for this solution?

Public Cloud

Disclosure: I am a real user, and this review is based on my own experience and opinions.
