We performed a comparison between Oracle Security Monitoring and Analytics Cloud Service and Rapid7 InsightIDR based on real PeerSpot user reviews.
Find out what your peers are saying about IBM, Splunk, Rapid7 and others in User Entity Behavior Analytics (UEBA)."The most valuable feature is the performance because unlike legacy SIEMs that were on-premises, it does not require as much maintenance."
"You can fine-tune the SOAR and you'll be charged only when your playbooks are triggered. That is the beauty of the solution because the SOAR is the costliest component in the market today... but with Sentinel it is upside-down: the SOAR is the lowest-hanging fruit. It's the least costly and it delivers more value to the customer."
"The solution offers a lot of data on events. It helps us create specific detection strategies."
"I like the ability to run custom KQL queries. I don't know if that feature is specific to Sentinel. As far as I know, they are using technology built into Azure's Log Analytics app. Sentinel integrates with that, and we use this functionality heavily."
"The part that was very unexpected was Sentinel's ability to integrate with Azure Lighthouse, which, as a managed services solution provider, gives us the ability to also manage our customers' Sentinel environments or Sentinel workspaces. It is a big plus for us. With its integration with Lighthouse, we get the ability to monitor multiple workspaces from one portal. A lot of the Microsoft Sentinel workbooks already integrate with that capability, and we save countless amounts of money by simply being able to almost immediately realize multitenant capabilities. That alone is a big plus for us."
"The most valuable feature is the UEBA. It's very easy for a security operations analyst. It has a one-touch analysis where you can search for a particular entity, and you can get a complete overview of that entity or user."
"The best functionality that you can get from Azure Sentinel is the SOAR capability. So, you can estimate any type of activity, such as when an alert was triggered or an incident was found."
"It is quite efficient. It helps our clients in identifying their security issues and respond quickly. Our clients want to automate incident response and all those things."
"The security level that they are maintaining with the pre-authentication keys is very good."
More Oracle Security Monitoring and Analytics Cloud Service Pros →
"The ability to ingest Office 365 log files, then process them into events and display them on a map."
"The UI is very good."
"The web interface is great — very useful and user-friendly."
"InsightIDR helps us investigate an environment to discover information about incidents."
"Features for user behavior analytics and the rules for attack review are good."
"Scalability-wise, I rate the solution a ten out of ten. As a cloud tool, the product is highly scalable."
"Rapid7 is easy to use and deploy. It is a simple solution and has easy data pulling."
"The product works well. Stability-wise, I rate the solution a ten out of ten."
"For certain vendors, some of the data that Microsoft Sentinel captures is redacted due to privacy reasons."
"The learning curve could be improved. I am still learning it. We were able to implement the basic features to get them up and running, but there are still so many things that I don't know about all its features. They have a lot of features that we have not been able to use or apply. If they could work on reducing the solution's learning curve, that would be good. While there is a training course held by Microsoft to learn more about this solution, there is a cost associated with it."
"Not all information shows up in Sentinel. Sometimes there are items provided in 365 and if you looked in Sentinel you would not see them and therefore think they do not exist. There can be discrepancies between Microsoft tools."
"Multi-tenancy, in my opinion, needs to be improved. I believe it can do better as a managed service provider."
"If Azure Sentinel had the ability to ingest Azure services from different tenants into another tenant that was hosting Azure Sentinel, and not lose any metadata, that would be a huge benefit to a lot of companies."
"One key area that can be improved is by building a strong integration with our XDR platform."
"Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes."
"Given that I am in the small business space, I wish they would make it easier to operate Sentinel without being a Sentinel expert. Examples of things that could be easier are creating alerts and automations from scratch and designing workbooks."
"The solution could improve by providing better documentation for beginners to learn, such as videos or other tutorials."
More Oracle Security Monitoring and Analytics Cloud Service Cons →
"Currently, it lacks the functionalities provided by Rapid7's User Behavior Analytics (UBA)."
"The ability to tune the collector for custom logs would greatly help."
"Sometimes, it is hard to get the right queries to use. Currently, the tool lacks a pre-made set of queries."
"The reporting is the weakest aspect. There needs to be multi-level grouping for events (for example, group by user and destination). Right now, we can do a group by user and a separate table or group by destination. But I'd be more interested in where a person was logging into instead of who was logging in or where he was logging in."
"Tenable Nessus is easier to deal with. It's more efficient and accurate. InsightIDR is heavier than Tenable in terms of performance and scanning. Rapid7 would be much easier to use if it had a network connector like Tenable. Tenable's connector allows continuous monitoring over the B caps."
"Customised alert recipients need to be added to allow better first-line action and quicker response. Configurable honeypots would be a welcome addition."
"The dashboard is an area that could be simplified."
"I would like to see more development in InsightIDR towards building their SIEM solution and converting it to XDR."
More Oracle Security Monitoring and Analytics Cloud Service Pricing and Cost Advice →
Earn 20 points
Oracle Security Monitoring and Analytics Cloud Service is ranked 21st in User Entity Behavior Analytics (UEBA) while Rapid7 InsightIDR is ranked 3rd in User Entity Behavior Analytics (UEBA) with 29 reviews. Oracle Security Monitoring and Analytics Cloud Service is rated 7.0, while Rapid7 InsightIDR is rated 8.4. The top reviewer of Oracle Security Monitoring and Analytics Cloud Service writes " Easy to install, highly secure standards, and reliable". On the other hand, the top reviewer of Rapid7 InsightIDR writes "An affordable product that is easy to use and has many advanced features and default templates". Oracle Security Monitoring and Analytics Cloud Service is most compared with AWS Security Hub, LogRhythm SIEM, IBM Security QRadar and Exabeam Fusion SIEM, whereas Rapid7 InsightIDR is most compared with Darktrace, Splunk Enterprise Security, Rapid7 InsightVM, IBM Security QRadar and Microsoft Defender for Identity.
See our list of best User Entity Behavior Analytics (UEBA) vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all User Entity Behavior Analytics (UEBA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.