We performed a comparison between IBM Resilient and Rapid7 InsightConnect based on real PeerSpot user reviews.
Find out in this report how the two Security Orchestration Automation and Response (SOAR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The automation feature is valuable."
"The solution offers a lot of data on events. It helps us create specific detection strategies."
"Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself."
"It's pretty powerful and its performance is pretty good."
"The standout feature of Sentinel is that, because it's cloud-based and because it's from Microsoft, it integrates really well with all the other Microsoft products. It's really simple to set up and get going."
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"It is always correlating to IOCs for normal attacks, using Azure-related resources. For example, if any illegitimate IP starts unusual activity on our Azure firewall, then it automatically generates an alarm for us."
"It is able to connect to an ever-growing number of platforms and systems within the Microsoft ecosystem, such as Azure Active Directory and Microsoft 365 or Office 365, as well as to external services and systems that can be brought in and managed. We can manage on-premises infrastructure. We can manage not just the things that are running in Azure in the public cloud, but through Azure Arc and the hybrid capabilities, we can monitor on-premises servers and endpoints. We can monitor VMware infrastructure, for instance, running as part of a hybrid environment."
"The most valuable thing about it is how easy it is to navigate the user interface."
"The solution is easy to use."
"The product is very good at incident response."
"IBM Resilient is scalable."
"The initial setup of IBM Resilient is not that complex since my company already has a support license that we use internally. In general, the product's deployment phase is not that complex."
"It's really simple and has a flexible interface."
"As a whole, the product is stable...Technical support is very good."
"The UBA, User Behavior Analytics, is very good."
"The tool is stable. The initial setup is straightforward. The product is user-friendly."
"If I can use Sentinel offline at home and use it on a local network, it would be great. I'm not sure if I can use Sentinel offline versus the tools I have."
"The solution should allow for a streamlined CI/CD procedure."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
"We're satisfied with the comprehensiveness of the security protection. That said, we do have issues sometimes where there have been global outages and we need to raise a ticket with Microsoft."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"It would be good to have some connectors for third-party SIEM solutions. Many customers are struggling with the integration of Azure Sentinel with their on-premise SIEM. Microsoft is changing the log structure many times a year, which can corrupt a custom integration. It would be good to have some connectors developed by Microsoft or supply vendors, but they are not providing such functionality or tools."
"The built-in SOAR is not really good out-of-the-box. The SOAR relies on logic apps and you almost need to have some kind of developer background to be able to make these logic apps. Most security people cannot develop anything..."
"The response time of the support is an area of concern where improvements are required."
"The tool needs to improve its documentation on license scripts."
"It is not very straightforward to set up custom integrations, especially with services like Azure. You need an additional server for integration."
"Its price needs improvement."
"One thing to improve is how it handles data formats, which currently might require scripting for conversion to CSV before uploading."
"What could make IBM Resilient better is if IBM increased the number of built-in integrations with different products from other vendors or third-party products."
"The initial setup is complex."
"The implementation could be a bit simpler."
"The technical support should be improved."
IBM Resilient is ranked 6th in Security Orchestration Automation and Response (SOAR) with 17 reviews while Rapid7 InsightConnect is ranked 21st in Security Orchestration Automation and Response (SOAR) with 2 reviews. IBM Resilient is rated 7.6, while Rapid7 InsightConnect is rated 8.0. The top reviewer of IBM Resilient writes "Simple deployment, scalable, but lacking third-party solution compatibility ". On the other hand, the top reviewer of Rapid7 InsightConnect writes "Excellent security orchestration and automation AI features". IBM Resilient is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, ServiceNow Security Operations, Fortinet FortiSOAR and IBM Security QRadar, whereas Rapid7 InsightConnect is most compared with Palo Alto Networks Cortex XSOAR, CrowdStrike Falcon, ThreatConnect Threat Intelligence Platform (TIP), ServiceNow Security Operations and Splunk SOAR. See our IBM Resilient vs. Rapid7 InsightConnect report.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.