We performed a comparison between Rapid7 InsightIDR and Trend Micro TippingPoint Threat Protection System based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Splunk, Wazuh and others in Security Information and Event Management (SIEM).
"Log aggregation and data connectors are the most valuable features."
"Sentinel pricing is good"
"The automation feature is valuable."
"Sentinel is a SIEM and SOAR tool, so its automation is the best feature; we can reduce human interaction, freeing up our human resources."
"The initial setup is very simple and straightforward."
"The best feature is that onboarding to the SIM solution is quite easy. If you are using cloud-based solutions, it's just a few clicks to migrate it."
"The most valuable feature is the UEBA. It's very easy for a security operations analyst. It has a one-touch analysis where you can search for a particular entity, and you can get a complete overview of that entity or user."
"The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"InsightIDR has allowed us to find potential security issues that we did not know existed, and get remediation quickly."
"Simple configuration and automatically syncs to the cloud platform."
"The incident case management is the most valuable feature. Even though there's always something I find I would like to add to that feature, the ability to quickly sort through all the logs, network and endpoint data, etc., and add it to an incident case as part of the investigation, is nice. Having it automatically timeline that additional data into the original incident timeline, and correlate it to other notable events and activities on the network, results in a huge improvement in our overall confidence that we've quickly traced down the right source of an issue."
"User behavioral analytics allows us to pinpoint abnormal or suspicious behavior among millions of events every day."
"The UI is very good."
"Log search allows us to dive deep into aggregated logs and query all event types at once."
"The solution is very scalable in terms of the licensing model."
"The technical support is a solid 10 out of 10 as they take the time to answer any questions or problems which may arise in a reasonable time frame."
"The solution's IDS functionality filters the traffic and blocks malware by blocking the connections."
"For intrusion detection and mitigation, it has helped us in sort of known signatures and all sorts of things. So, we're very happy with the engine. That's the work."
"The technical support on offer is very good."
"The monitoring is the most valuable feature."
"The IPS signatures and the IPS database that are given are much better than what is commonly available."
"You don't need any hardware because the solution is on the cloud. I like that Trend Micro TippingPoint Threat Protection System is easy to install and manage."
"I would rate TTPS's stability eight out of ten."
"The most valuable feature is the central command center, where we can control and manage the solution."
More Trend Micro TippingPoint Threat Protection System Pros →
"We'd like also a better ticketing system, which is older."
"It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall."
"Documentation is the main thing that could be improved. In terms of product usage, the documentation is pretty good, but I'd like a lot more documentation on Kusto Query Language."
"Improvement-wise, I would like to see more integration with third-party solutions or old-school antivirus products that have some kind of logging capability. I wouldn't mind having that exposed within Sentinel. We do have situations where certain companies have bought licensing or have made an investment in a product, and that product will be there for the next two or three years. To be able to view information from those legacy products would be great. We can then better leverage the Sentinel solution and its capabilities."
"I think the number one area of improvement for Sentinel would be the cost."
"It would be good to have some connectors for third-party SIEM solutions. Many customers are struggling with the integration of Azure Sentinel with their on-premise SIEM. Microsoft is changing the log structure many times a year, which can corrupt a custom integration. It would be good to have some connectors developed by Microsoft or supply vendors, but they are not providing such functionality or tools."
"I would like Sentinel to have more out-of-the-box analytics rules. There are already more than 400 rules, but they could add more industry-specific ones. For example, you could have sets of out-of-the-box rules for banking, financial sector, insurance, automotive, etc., so it's easier for people to use it out of the box. Structuring the rules according to industry might help us."
"Only one thing is missing: NDR is not available out-of-the-box. The competitive cloud-native SIEM providers have the NDR component. Currently, Sentinel needs NDR to be powered from either Corelight or some other NDR provider."
"It would be useful to import threat intelligence in YARA format along with known incorrect email addresses."
"I feel it would greatly benefit from more supported log sources."
"The integration capabilities of the solution have certain shortcomings where improvements are required."
"One thing that springs to mind is easier API integration with ITSMs. We are evaluating a new ITSM and I would like to have InsightIDR create a ticket when an attack is identified, and the ticket would be closed in InsightIDR when the ITSM resolution is completed. This would take out the "single point of failure" we currently have, if the email recipient is somehow absent, in recording the risk appetite for the incident and the actions taken to mitigate or not."
"It takes time for the product's support team to resolve issues, making it an area of concern where improvements are required."
"I would like to see more development in InsightIDR towards building their SIEM solution and converting it to XDR."
"I would like the ability to adjust the threshold of certain existing alerts. Currently the only option is to change the notifications or create my own alert."
"The ability to tune the collector for custom logs would greatly help."
"Price is a significant factor that requires attention to enhance the popularity of Tipping Point among mid-sized data centres. Currently, Tipping Point is primarily adopted by sizable data centres, and smaller defenders might find it financially challenging to acquire. Recognizing this, efforts are underway to potentially introduce diverse models with varying capacities. This adjustment aims to ensure that a broader range of data sizes can benefit from the solution. Also, the continuous evolution of Tipping Point is evident in its features, particularly the personalized dashboard and related aspects."
"There is room for improvement in customer service and support."
"The solution is pretty expensive."
"An area for improvement in Trend Micro TippingPoint Threat Protection System is the complexity of its interface."
"Trend Micro TippingPoint Threat Protection System needs strong Spanish-language support."
"I find Trend Micro TippingPoint Threat Protection System a bit clunky, and updating it can be a pain in the neck because you need to do it from time to time, so this is what needs to be improved in it. I would also rather have an all-in-one system that does intrusion detection, protection, web filtering, and also serves as a firewall, and my company is moving to an all-in-one solution, but I'm unsure of how soon that's going to be. Trend Micro TippingPoint Threat Protection System also doesn't have enough bandwidth to handle the required traffic within my company, so it's going to be replaced."
"It takes a lot of time before you're connected to an engineer, so an area for improvement in Trend Micro TippingPoint Threat Protection System is the response time of its technical support team."
"We need more integration. It would be good if Azure IPS and TippingPoint IPS and other products from Trend Micro like their DBI and IWSVA could talk between each other."
More Trend Micro TippingPoint Threat Protection System Cons →
More Trend Micro TippingPoint Threat Protection System Pricing and Cost Advice →
Rapid7 InsightIDR is ranked 10th in Security Information and Event Management (SIEM) with 29 reviews while Trend Micro TippingPoint Threat Protection System is ranked 7th in Intrusion Detection and Prevention Software (IDPS) with 19 reviews. Rapid7 InsightIDR is rated 8.4, while Trend Micro TippingPoint Threat Protection System is rated 8.0. The top reviewer of Rapid7 InsightIDR writes "An affordable product that is easy to use and has many advanced features and default templates". On the other hand, the top reviewer of Trend Micro TippingPoint Threat Protection System writes "Operates in-line in the network, blocking malicious and unwanted traffic". Rapid7 InsightIDR is most compared with Darktrace, Splunk Enterprise Security, Rapid7 InsightVM, IBM Security QRadar and Microsoft Defender for Identity, whereas Trend Micro TippingPoint Threat Protection System is most compared with Trend Micro Deep Discovery, Check Point IPS, Fortinet FortiGate IPS, Palo Alto Networks Advanced Threat Prevention and Cisco NGIPS.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
