Overall, I rate the solution a nine out of ten.

I would rate Rapid7 InsightIDR an eight out of ten. 

I suggest that those who plan to use the solution give it a try since it is free for a couple of months. The solution has really easy setup and deployment phases, and you can even remove it from your environment if you want to do so later.

I rate the overall product a nine out of ten.

I have never been involved with any maintenance process related to Rapid7 InsightIDR.

To those who plan to use the solution, I suggest that they undertake a training program to understand the product.

I rate the overall tool an eight out of ten.

The benefit of the solution, first of all, is that it's cost-effective. It is also a Gartner leading solution, which provides more credibility in the customer's eyes. Eventually, it benefits us to translate that credibility into achieving more and more revenue through it.

I recommend Rapid7 InsightIDR for SMB companies because there are better options in the market for enterprises.

I rate the solution an eight out of ten.

In one instance, we faced a threat from the DarkSide ransomware, known for its ability to execute without requiring administration privileges, including a privilege escalation part. This particular ransomware was embedded in an Excel file, and it didn't need any administrative privileges for execution. The hackers cleverly concealed the DarkSide ransomware within an Excel file. When an unsuspecting team member tried to open the file, an alert indicated the malicious nature of the Excel file.

The employee was unaware that the  Excel file contained a ransomware threat. As security personnel monitoring the endpoint received an alert, they immediately contacted the individual, notifying them about the presence of the DarkSide ransomware. The security team advised against opening the file and guiding the user to delete it.

I cannot compare Rapid7 InsightIDR with other tools directly because it has integrated both EDR and SIM. It combines these functionalities into an XDR platform, operating at a different level compared to other services. Additionally, the network analysis provided is wonderful.

The product is easy to use and easy to understand. It is lightweight. I rate it a nine out of ten.

I recommend it for easy deployment, enabling swift detection from endpoints to the cloud. This accelerates security orchestration across various environments and endpoints, aiding in risk mitigation within hybrid environments. The system is valuable for discovering new threats and offers exposure management to enhance understanding of the entire security operation.

One of the biggest reasons why we chose it as our security platform was that it is not only for security monitoring. We could see a lot of improvements coming over the next couple of years. Automation is one of the things that will be really important in the next few years. It is already there, but we didn't buy it.

I would rate it a nine out of ten.

I rate Rapid7 InsightIDR six out of 10.

I rate the overall solution a nine out of ten.

The tool has improved the efficiency of security incident detection and response in our company as it works fairly well. It is possible to enhance the capabilities of the platform since the solution offers a whole stack or suite of tools. When dealing with Rapid7 InsightIDR, you will see the integration capabilities offered are extremely seamless. Rapid7 InsightIDR offers its own set of features that enrich the capabilities of the vulnerability management tool. In general, the product's features increase the solution's overall capabilities in terms of reporting and detection of vulnerabilities.

I can't remember a scenario where the product was effective in threat hunting or investigation. Rapid7 InsightIDR is a very acceptable product for people who want a cloud-based solution. The product is not available on an on-premises version. The product can be useful for industries ranging from SMBs to large-sized companies where there is a need for a tool that can be very easily rolled out at a very effective and attractive price point that gives them very good coverage from a cybersecurity perspective.

Speaking about how the product has enhanced the security posture in our company, I would say that I am not really sure about the capabilities of the UABA part of the solution since I haven't seen many use cases around it.

Rapid7 InsightIDR mean time-to-detect and mean time-to-respond are fairly good because Rapid7's support team does pick up a ticket whenever it is raised from the users' end, but its mean time-to-resolve has some concerns since some of the tools under Rapid7 are available on an on-premises model. In specific to InsightIDR, I think that everything is very good, including areas like detection, MTTD, and MTTR, which are very good in InsightIDR specifically. The product can improve a bit in the area of MTTD and MTTR.

Rapid7 InsightIDR's integration capabilities with other tools are not an area I have experience with since the product is completely available on the cloud. I believe that whatever integrations users want from the product would work since it is a solution that is available on the cloud. I don't have personal experience with the integration part.

I rate the overall tool a seven out of ten.

Compared to other solutions, Rapid7 is more flexible to use. We install, gather, and monitor logs easily with its help. I rate it as an eight.

In the past I have made several requests and have had the opportunity to work with developers and user-interface specialists to add enhancements to the product. The effort that Rapid7 puts into the user interface, after gaining first-hand use-case information directly from us, the end users, is unprecedented.  Even when I worked for much larger companies, I did not see so many suggestions turn into reality.

Be sure to take full advantage of the agents. I have not seen any performance problems on the endpoints, and having this level of information from outside the network is difficult otherwise.

I rate Rapid7 InsightIDR an eight out of ten.

I rate InsightIDR eight out of 10. It's worth a try. InsightIDR provides excellent visibility and threats. The network detection is fast, so you get alerts as soon as something happens. 

I rate InsightIDR eight out of a 10.  I would recommend it for a customer who isn't dead-set on an on-prem deployment. They can subscribe to Rapid7 because it is more valuable and delivers a greater return on investment. The initial setup is quick. There's no need to pay for hardware and it's easy to scale. Rapid7 InsightIDR integrates well with other solutions. It's also easy to configure because Rapid7 InsightIDR has a lot of instructions posted on their website that customers can follow if they need to get the source log. With other products, you might need to contact a consultant certified by the vendor to do the integration. 

Have a plan going forward (Syslog exports, agent-based collection, etc.) and ensure WMI is available if using Windows Servers. It was very easy to set up, but troubleshooting can be "fun" if an endpoint doesn't connect correctly. Don't be shy of support requests. They'd rather you be "that person" that keeps getting support, rather than being the one that ran into an issue and stopped using the product.

I rate Rapid7 InsightIDR seven out of 10. 

The solution suits any size company, whether small, medium, or enterprise, it's a very good fit for all devices. The only drawback, for now, is the intel feeds which don't support any TAXII or STIX feeds so they need to be done manually. 

I rate the solution eight out of 10. 

The product is a shift in paradigm being cloud-based with cloud storage. Be prepared to set up several virtual collector servers within your network, if you have a large network.

This solution is suited to all sizes of organizations. We generally deal with small and medium-sized companies.  

I rate this solution eight out of 10. 

You should use it to drive change within your IT from a security point of view. Run a PoC and see exactly what it can do for you. The simple setup means it will be running in no time and you will get meaningful alerts straight away.

Use it. The setup is minimal, but the payback is phenomenal.

Overall, I rate Rapid7 InsightIDR a nine out of ten.

On a scale from one to ten where one is the worst and ten is the best, I would rate this product as a nine-out-of-ten. It is very good but it could be better with a few details that would improve the utility of the investigations interface.  

It is a good solution but just has some API issues. I rate the solution an eight out of ten. 

I am not able to recommend this solution at this time. I don't know it well enough yet. Similarly, it is difficult to say at this time what needs to be improved. We need more time to explore.

I would rate this solution a seven out of ten, only because I have recently started using it.

We are solution partners.

The solution has a console with everything on the cloud, however, only the centers, the log collectors, are on-premise. This solution is actually cloud-based.

People who want a solution, a very simplified and easy to start, and then they want to start immediately on a solution with fewer complications, so those would be the right customers. You can say SME, mid and large actually, but I think mid and large enterprises would be the right fitment.

I would recommend the solution. Rapid7's professional services, including their planning, architecture, deployment, et cetera is up to the mark. I would recommend having a few workdays, in the initial planning stage, maybe for assessment of the solution and to take some time to understand everything before beginning. New users should reach out to their Rapid7 professional services for the planning portion of the implementation process.

I would rate the solution eight out of ten.