Rapid7 InsightIDR Reviews

Chad Kliewer
Real User
Information Security Officer at a comms service provider with 501-1,000 employees
Mar 13 2018

What is most valuable?

InsightIDR’s ability to process millions of transactions per day, and to notify me of the most critical ones, is priceless. InsightIDR has the alerts tuned, and has the…

How has it helped my organization?

With the full suite of Rapid7 products, I am able to provide effective oversight to the information security program with measurable progress. This is a very difficult…

What needs improvement?

I would like the ability to adjust the threshold of certain existing alerts. Currently the only option is to change the notifications or create my own alert.

What's my experience with pricing, setup cost, and licensing?

Licensing is straightforward. If, for some reason, you don’t meet the minimum licensing requirements, there is a third-party managed service that can help.

If you previously used a different solution, which one did you use and why did you switch?

I actually purchased the predecessor, InsightUBA, which quickly changed into the InsightIDR that we have today. There was no other previous solution.

What other advice do I have?

In the past I have made several requests and have had the opportunity to work with developers and user-interface specialists to add enhancements to the product. The effort…

Which other solutions did I evaluate?

I did not consider any other options in depth. Most other options I saw required one or more full-time employees to maintain.
Real User
Information Security Manager at a tech vendor with 51-200 employees
Oct 05 2018

What is most valuable?

The incident case management is the most valuable feature. Even though there's always something I find I would like to add to that feature, the ability to quickly sort…

How has it helped my organization?

The focus on users/endpoints gives us so much more understanding of the events going on across the network, allowing us to step back from looking at logs only to see the…

What needs improvement?

The reporting is the weakest aspect. There needs to be multi-level grouping for events (for example, group by user and destination). Right now, we can do a group by user…

What's my experience with pricing, setup cost, and licensing?

Licensing is by endpoint and amount of retention time (at least ours is). Default retention was one year, but we are able to push the retention further if needed. There's…

If you previously used a different solution, which one did you use and why did you switch?

A private ELK stack was used originally. We moved off of it as we wanted to ensure that we were focusing on the security of the company, and not writing log parsing rules…

What other advice do I have?

Have a plan going forward (Syslog exports, agent-based collection, etc.) and ensure WMI is available if using Windows Servers. It was very easy to set up, but…

Which other solutions did I evaluate?

AlienVault, LogRhythm, Qualys.
Find out what your peers are saying about Rapid7, Splunk, AT&T and others in Security Information and Event Management (SIEM). Updated: September 2019.
371,355 professionals have used our research since 2012.
Aaron Harris
Real User
Information Security Officer at a tech vendor with 201-500 employees
Mar 13 2018

What is most valuable?

* Intelligent alerting to avoid the common problem of alert fatigue associated with traditional SIEMs.
* Great coverage of all systems within our network from endpoint to…

How has it helped my organization?

We were able to identify criminals attempting to log in from China and put a stop on their IP locations.

What needs improvement?

Although the solution has been improving continually in the time I have been using it, there could be areas of improvement. The one thing that springs to mind is easier…

What's my experience with pricing, setup cost, and licensing?

I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability.

If you previously used a different solution, which one did you use and why did you switch?

This was our first look at security as a single entity. After creating a threat register, we were able to mitigate over two-thirds of the threats with this one product.

What other advice do I have?

Use it. The setup is minimal, but the payback is phenomenal.

Which other solutions did I evaluate?

At the time, there was no other product that came close to InsightIDR's feature set coupled with Rapid7's world-leading security position producing other products, such as…
Real User
Security Manager
Sep 26 2018

What is most valuable?

The alerting to drive investigations and remediation has been its most valuable feature. Plus the ability to quickly search multiple logs makes investigations easier. Log…

How has it helped my organization?

The tool has improved my organization by:

* Building a security alerting program;
* IDR-driven improved patching;
* Implementing IVM.

What needs improvement?

Customised alert recipients need to be added to allow better first-line action and quicker response. Configurable honeypots would be a welcome addition.

What's my experience with pricing, setup cost, and licensing?

The pricing and licensing are competitive. Licensing is simple and straightforward.

If you previously used a different solution, which one did you use and why did you switch?

We did not previously use a different solution.

What other advice do I have?

You should use it to drive change within your IT from a security point of view. Run a PoC and see exactly what it can do for you. The simple setup means it will be running…

Which other solutions did I evaluate?

We did not evaluate any other solution in the market.
Real User
Database Administrator with 501-1,000 employees
Mar 14 2018

What is most valuable?

* User behavioral analytics allows us to pinpoint abnormal or suspicious behavior among millions of events every day.
* Log search allows us to dive deep into aggregated…

How has it helped my organization?

InsightIDR has allowed us to find potential security issues that we did not know existed, and get remediation quickly.

What needs improvement?

Threat Intelligence: It would be useful to import threat intelligence in YARA format along with known incorrect email addresses.

What's my experience with pricing, setup cost, and licensing?

Accurately predict your licensing counts as this is a subscription-based product.

If you previously used a different solution, which one did you use and why did you switch?

We did not use a previous solution.

What other advice do I have?

The product is a shift in paradigm being cloud-based with cloud storage. Be prepared to set up several virtual collector servers within your network, if you have a large…

Which other solutions did I evaluate?

We evaluated FireEye Helix, LogRhythm, Splunk, and IBM QRadar.
Josh Serna
Real User
Information Security Systems Administrator at a non-tech company with 5,001-10,000 employees
Mar 13 2018

What is most valuable?

The ability to ingest Office 365 log files, then process them into events and display them on a map. This feature is particularly useful as it allows us to view students who are attempting to bypass our content filters, and it shows us…

How has it helped my organization?

I am able to run automated actions based on the output of reports, leaving me extra time to focus on more pressing matters.

What needs improvement?

Personally, I feel it would greatly benefit from more supported log sources. Additionally, the ability to tune the collector for custom logs would greatly help.

What's my experience with pricing, setup cost, and licensing?

This is a great product. The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help.

Which other solutions did I evaluate?

We did a PoC with a couple of other products. However, Rapid7 InsightIDR was the best product for our needs and budget. We evaluated LogRhythm and AlienVault. Both were inferior in regards to pricing or performance.


What is Rapid7 InsightIDR?

Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

Also known as
InsightIDR
Rapid7 InsightIDR customers

Liberty Wines, Pioneer Telephone, Visier
