We performed a comparison between NNT Log Tracker Enterprise and Rapid7 InsightIDR based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Splunk, Wazuh and others in Security Information and Event Management (SIEM)."The AI and ML of Azure Sentinel are valuable. We can use machine learning models at the tenant level and within Office 365 and Microsoft stack. We don't need to depend upon any other connectors. It automatically provisions the native Microsoft products."
"It's easy to use. It's a very good product. It can easily ingest data from anywhere. It has an easily understandable language to perform actions."
"I like the KQL query. It simplifies getting data from the table and seeing the logs. All you need to know are the table names. It's quite easy to build use cases by using KQL."
"The product can integrate with any device."
"Free ingestion for Azure logs (with E5 licence)"
"The AI capability is one of the main features of the solution because I believe that in the market, there are few solutions that are providing security solutions based on AI and machine learning."
"The SOAR playbooks are Sentinel's most valuable feature. It gives you a unified toolset for detecting, investigating, and responding to incidents. That's what clearly differentiates Sentinels from its competitors. It's cloud-native, offering end-to-end coverage with more than 120 connectors. All types of data logs can be poured into the system so analysis can happen. That end-to-end visibility gives it the advantage."
"You can fine-tune the SOAR and you'll be charged only when your playbooks are triggered. That is the beauty of the solution because the SOAR is the costliest component in the market today... but with Sentinel it is upside-down: the SOAR is the lowest-hanging fruit. It's the least costly and it delivers more value to the customer."
"This is a very easy-to-use interface with a quick ramp-up time."
"The FIM features in the Change Tracker and the Log Tracker are the most valuable."
"File integrity monitoring is a very important function."
"The most valuable feature is the predefined reports for PCI compliance."
"The web interface is great — very useful and user-friendly."
"Rapid7 InsightIDR integrates well with other solutions. It's also easy to configure because Rapid7 InsightIDR has a lot of instructions posted on their website that customers can follow if they need to get the source log."
"I am able to run automated actions based on the output of reports, leaving me extra time to focus on more pressing matters."
"We were able to identify criminals attempting to login from China and put a stop on their IP locations."
"Log search allows us to dive deep into aggregated logs and query all event types at once."
"Great coverage of all systems within our network from endpoint to firewall."
"Features for user behavior analytics and the rules for attack review are good."
"The biggest reason why we chose Rapid7 was to gain value in a really quick time. Its deployment doesn't take months. It just takes a few days."
"I can't think of anything other than just getting the name out there. I think a lot of customers don't fully understand the full capabilities of Azure Sentinel yet. It is kind of like when they're first starting to use Azure, it might not be something they first think about. So, they should just kind of get to the point where it is more widely used."
"Microsoft should improve Sentinel, considering that from the legacy systems, it cannot collect logs."
"Documentation is the main thing that could be improved. In terms of product usage, the documentation is pretty good, but I'd like a lot more documentation on Kusto Query Language."
"Microsoft Sentinel is relatively expensive, and its cost should be improved."
"Microsoft Defender has a built-in threat expert option that enables you to contact an expert. That feature isn't available in Sentinel because it's a huge product that integrates all the technologies. I would like Microsoft to add the threat expert option so we can contact them. There are a few other features, like threat assessment that the PG team is working on. I expect them to release this feature in the next quarter."
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"The data connectors for third-party tools could be improved, as some aren't available in Sentinel. They need to be available in the data connector panel."
"We are invoiced according to the amount of data generated within each log."
"It is able to identify the vulnerability, however, they need an option to auto-mitigate."
"Only one minor deployment issue came up and it was resolved quickly. No other areas of improvement come to mind yet."
"I would like to see the integration of AI technology, so rather than manually monitoring the logs, the tool will understand it and take care of it."
"The correlation suite needs to be improved."
"It takes time for the product's support team to resolve issues, making it an area of concern where improvements are required."
"The ability to tune the collector for custom logs would greatly help."
"Rapid7 doesn't integrate well with all our security tools from various vendors, so we plan to switch. Many of our solutions work with Rapid7, but some do not. We are already searching for a replacement already."
"They should add more configuration and security features to it."
"I would like the ability to adjust the threshold of certain existing alerts. Currently the only option is to change the notifications or create my own alert."
"InsightIDR's integration with other solutions could be improved. Also, I'd like more control from the portal over what's happening on the endpoint side. For example, when I see an attack on an endpoint, I want to be able to stop it from the portal."
"Tenable Nessus is easier to deal with. It's more efficient and accurate. InsightIDR is heavier than Tenable in terms of performance and scanning. Rapid7 would be much easier to use if it had a network connector like Tenable. Tenable's connector allows continuous monitoring over the B caps."
"I would like to see more development in InsightIDR towards building their SIEM solution and converting it to XDR."
NNT Log Tracker Enterprise is ranked 42nd in Security Information and Event Management (SIEM) with 4 reviews while Rapid7 InsightIDR is ranked 13th in Security Information and Event Management (SIEM) with 29 reviews. NNT Log Tracker Enterprise is rated 8.2, while Rapid7 InsightIDR is rated 8.4. The top reviewer of NNT Log Tracker Enterprise writes "Great for PCI compliance but issues with stability and large amounts of data". On the other hand, the top reviewer of Rapid7 InsightIDR writes "An affordable product that is easy to use and has many advanced features and default templates". NNT Log Tracker Enterprise is most compared with Cybereason Endpoint Detection & Response, whereas Rapid7 InsightIDR is most compared with Darktrace, Splunk Enterprise Security, Rapid7 InsightVM, IBM Security QRadar and Microsoft Defender for Identity.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.