We performed a comparison between LogRhythm UEBA and Rapid7 InsightIDR based on real PeerSpot user reviews.
Find out in this report how the two User Entity Behavior Analytics (UEBA) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I have found the ability to delete unwanted threats beneficial."
"The common and advanced security policies for threat hunting and blocking attacks are valuable."
"The solution is well integrated with applications. It is easy to maintain and administer."
"I like Defender XDR's automation capabilities. XDR isn't automated by default, but you can automate it to respond. If an attack is performed anywhere within the organization, you can isolate that instance from the network. This is what I can figure out for it. When integrated with Sentinel, you can set up playbooks to automate all the alerts gathered on Sentinel from different Microsoft solutions. Sentinel has a wider range of capabilities than XDR."
"The summarization of emails is a valuable feature."
"My clients like Defender's file integrity monitoring. They're monitoring Windows and Linux system files."
"The integration, visibility, vulnerability management, and device identification are valuable."
"The most valuable feature depends on the scenario. For compliance, I like Microsoft Purview Information Protection and Data Loss Prevention. Sentinel is the most helpful feature for security. 365 Defender helps us prioritize threats across an enterprise. It's a crucial feature for the managed services team."
"The tool's most valuable feature is server threat hunting."
"It has a lot of features. It has file integration monitoring."
"LogRhythm UEBA’s best feature is the dashboard. It provides several graphs, charts, and event logs."
"The most valuable features are file activity monitoring and registry activity monitoring."
"Good capability pinpointing specific cyber incidents."
"What I like most about LogRhythm UEBA is that it allows you to identify and analyze end-user behaviors and suspicious activities within the systems."
"The solution is useful for privilege accounts and super admin accounts. It is beneficial from a security perspective. The tool uses machine learning rather than threshold-based alerts. For instance, it can detect unusual user logins, such as a user logging in from a new browser or location."
"The solution's most valuable features are the graphical user interface and the reporting."
"Scalability-wise, I rate the solution a ten out of ten. As a cloud tool, the product is highly scalable."
"I like the tool's user analysis feature."
"InsightIDR has allowed us to find potential security issues that we did not know existed, and get remediation quickly."
"We were able to identify criminals attempting to login from China and put a stop on their IP locations."
"I rate Rapid7 nine out of 10 for affordability"
"Rapid7 InsightIDR integrates well with other solutions. It's also easy to configure because Rapid7 InsightIDR has a lot of instructions posted on their website that customers can follow if they need to get the source log."
"During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an application belongs to a known ransomware group. The system rates the threat, offering a clear detection ratio, such as 97 out of 100. It not only identifies threats but also illustrates the associated behaviors, helping us understand the potential risk to a particular endpoint."
"If you were on other solutions, you would notice that they use agents from third-party, from open-source, from a native OS, or from other tools. Here, however, it is an agent from Rapid7 itself. This adds to the solution's overall capabilities."
"My client would like the solution to be more customizable without using code. You can only build on the default console, but we're not allowed to change it."
"Microsoft 365 Defender does not have a unique package with emerging endpoint security technologies, such as EDR and XDR."
"The console is missing some features that would be helpful for a managed services provider, like device and user management."
"One of the biggest downsides of Microsoft products, in general, is that the menus are often difficult to find, as they tend to move from place to place between versions."
"There are still some components, such as vulnerability management within the vendor product, where improved integration would be beneficial."
"There could be a way to proactively monitor unusual activity ."
"The mobile app support for Android and iOS is difficult and needs improvement."
"Microsoft Defender XDR is not a full-fledged EDR or XDR."
"It should have better mitigation with other solutions and be tightly integrated with other solutions. It has to be improved."
"The product should improve its dashboards. Splunk has neat dashboards. Additionally, we would like to enhance the use cases provided by LogRhythm as its use case library is not as extensive as other tools. Its machine-learning capabilities need to improve when compared to other solutions. It lacks risk quantification in a single, transparent view for individuals such as CSOs."
"The cloud version is lacking and not up to par."
"The product could be user-friendly for someone who doesn’t have any prior experience working with it."
"It would be helpful if there were more guidance provided for integrating with unsupported devices."
"LogRhythm UEBA's data aggregation needs to be improved. Open-source users do not have much documentation available. Documentation is available only for enterprise users."
"What needs improvement in LogRhythm UEBA is the pricing. Here in Asia, for example, in Sri Lanka, pricing is the primary concern, and this is the only area for improvement I see in the product."
"The UI could be improved a little bit."
"Lacks a mobile application."
"Needs a better ability to customize the check within the console."
"Currently, it lacks the functionalities provided by Rapid7's User Behavior Analytics (UBA)."
"The dashboard is an area that could be simplified."
"The interface for doing investigation needs to be enhanced with minor improvements that would make it more useful."
"The reporting is the weakest aspect. There needs to be multi-level grouping for events (for example, group by user and destination). Right now, we can do a group by user and a separate table or group by destination. But I'd be more interested in where a person was logging into instead of who was logging in or where he was logging in."
"Sometimes, it is hard to get the right queries to use. Currently, the tool lacks a pre-made set of queries."
"The APIs can be further improved in Rapid7."
LogRhythm UEBA is ranked 12th in User Entity Behavior Analytics (UEBA) with 10 reviews while Rapid7 InsightIDR is ranked 3rd in User Entity Behavior Analytics (UEBA) with 29 reviews. LogRhythm UEBA is rated 7.2, while Rapid7 InsightIDR is rated 8.4. The top reviewer of LogRhythm UEBA writes "Detects unusual logins but dashboards need improvement ". On the other hand, the top reviewer of Rapid7 InsightIDR writes "An affordable product that is easy to use and has many advanced features and default templates". LogRhythm UEBA is most compared with Wazuh, Darktrace, CrowdStrike Falcon, Trend Micro Deep Discovery and Aruba IntroSpect, whereas Rapid7 InsightIDR is most compared with Darktrace, Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM and Microsoft Defender for Identity. See our LogRhythm UEBA vs. Rapid7 InsightIDR report.
See our list of best User Entity Behavior Analytics (UEBA) vendors and best Extended Detection and Response (XDR) vendors.
We monitor all User Entity Behavior Analytics (UEBA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
