We performed a comparison between LogRhythm UEBA and Rapid7 InsightIDR based on real PeerSpot user reviews.
Find out in this report how the two User Entity Behavior Analytics (UEBA) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The best feature is threat hunting. There are a lot of other features I like, such as the alert mechanism. The chain alert mechanism has a huge impact. It combines all the alerts into one incident and automatically correlates them with AI."
"All of the security components are valuable including, antiphishing, antispam, and stage three antivirus."
"The 'Incidents and Alerts' tab is a valuable feature where we can find triggered alerts."
"The most valuable feature is the DLP because that's where we can have an added data protection layer and extend it not just to emails but to the documents that users are working on. We can make sure that sensitive data is tagged and flagged if unauthorized parties are using it."
"The Endpoint Manager is incredible; it has a very straightforward interface and is exceedingly easy to use. Pulling out and deploying different tags or resources is a simple task across various departments with different levels of security. The notifications are also simple and satisfying; it's great to see the bubble informing us which devices are compliant and which are waiting to update."
"The most valuable feature is the network security."
"The threat intelligence is excellent."
"There is also one dashboard that shows us the status of many controls at once and the details I can get... It gives a great overview of many areas, such as files, emails, chats, and links. Even with the apps, it gives you a great overview. In one place you can see where you should look into things more deeply..."
"What I like most about LogRhythm UEBA is that it allows you to identify and analyze end-user behaviors and suspicious activities within the systems."
"The tool's most valuable feature is server threat hunting."
"It is easy to monitor users and that is how the solution is adding value to our firm."
"The most valuable features are file activity monitoring and registry activity monitoring."
"The solution's most valuable features are the graphical user interface and the reporting."
"The solution is useful for privilege accounts and super admin accounts. It is beneficial from a security perspective. The tool uses machine learning rather than threshold-based alerts. For instance, it can detect unusual user logins, such as a user logging in from a new browser or location."
"It has a lot of features. It has file integration monitoring."
"Good capability pinpointing specific cyber incidents."
"Rapid7 InsightIDR integrates well with other solutions. It's also easy to configure because Rapid7 InsightIDR has a lot of instructions posted on their website that customers can follow if they need to get the source log."
"The product works well. Stability-wise, I rate the solution a ten out of ten."
"I like that it's a cloud-based solution."
"Log search allows us to dive deep into aggregated logs and query all event types at once."
"InsightIDR’s ability to process millions of transactions per day, and to notify me of the most critical ones, is priceless. InsightIDR has the alerts tuned, and has the ability to quickly drill down to determine the threat level."
"Rapid7's reporting is more robust than Tenable's."
"It is a very stable solution."
"I have seen that Rapid7 InsightIDR provides security to the networks and endpoints in the company."
"There are still some components, such as vulnerability management within the vendor product, where improved integration would be beneficial."
"It would be beneficial to have a more seamless experience with everything consolidated in one place, particularly when dealing with aspects related to the Exchange console."
"The console is missing some features that would be helpful for a managed services provider, like device and user management."
"A simple dashboard without having to use MS Sentinel would be a welcome improvement."
"I would like more of the features in Defender for 365 to be included in the smaller licenses. Even if I buy a small license and don't need everything, security shouldn't be a question. Security is one of the main aspects of all projects from our side, so it would be nice to have more features in the smaller licenses."
"Advanced attacks could use an improvement."
"The price could be better. It'll also help if they can continuously update and upgrade the solution. Every day there's a new virus uploaded into the network, and we have to keep updating it to identify all these things."
"At times, when we have an incident email and we click on the link for that incident, it opens a pop-up, but there is nothing. It has happened a couple of times."
"The product could be user-friendly for someone who doesn’t have any prior experience working with it."
"LogRhythm UEBA's data aggregation needs to be improved. Open-source users do not have much documentation available. Documentation is available only for enterprise users."
"The search feature needs to be improved."
"It would be helpful if there were more guidance provided for integrating with unsupported devices."
"It should have better mitigation with other solutions and be tightly integrated with other solutions. It has to be improved."
"The product should improve its dashboards. Splunk has neat dashboards. Additionally, we would like to enhance the use cases provided by LogRhythm as its use case library is not as extensive as other tools. Its machine-learning capabilities need to improve when compared to other solutions. It lacks risk quantification in a single, transparent view for individuals such as CSOs."
"The UI could be improved a little bit."
"The cloud version is lacking and not up to par."
"I would like to see more development in InsightIDR towards building their SIEM solution and converting it to XDR."
"The interface for doing investigation needs to be enhanced with minor improvements that would make it more useful."
"The APIs can be further improved in Rapid7."
"InsightIDR is only available in a cloud version. Some of our customers prefer an on-prem solution because they want to manage the security within their environment."
"Needs a better ability to customize the check within the console."
"I feel it would greatly benefit from more supported log sources."
"Sometimes, it is hard to get the right queries to use. Currently, the tool lacks a pre-made set of queries."
"Inability to get access to compliance reports within the solution."
LogRhythm UEBA is ranked 12th in User Entity Behavior Analytics (UEBA) with 10 reviews while Rapid7 InsightIDR is ranked 3rd in User Entity Behavior Analytics (UEBA) with 29 reviews. LogRhythm UEBA is rated 7.2, while Rapid7 InsightIDR is rated 8.4. The top reviewer of LogRhythm UEBA writes "Detects unusual logins but dashboards need improvement ". On the other hand, the top reviewer of Rapid7 InsightIDR writes "An affordable product that is easy to use and has many advanced features and default templates". LogRhythm UEBA is most compared with Wazuh, Darktrace, CrowdStrike Falcon, Trend Micro Deep Discovery and Aruba IntroSpect, whereas Rapid7 InsightIDR is most compared with Darktrace, Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM and IBM Security QRadar. See our LogRhythm UEBA vs. Rapid7 InsightIDR report.
See our list of best User Entity Behavior Analytics (UEBA) vendors and best Extended Detection and Response (XDR) vendors.
We monitor all User Entity Behavior Analytics (UEBA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
