Rapid7 InsightIDR Room for Improvement

Chad Kliewer
Information Security Officer at a comms service provider with 501-1,000 employees
I would like the ability to adjust the threshold of certain existing alerts. Currently the only option is to change the notifications or create my own alert.
Information Security Manager at a tech vendor with 51-200 employees
The reporting is the weakest aspect. There needs to be multi-level grouping for events (for example, group by user and destination). Right now, we can do a group by user and a separate table or group by destination. But I'd be more interested in where a person was logging into instead of who was logging in or where he was logging in.
Aaron Harris
Information Security Officer at a tech vendor with 201-500 employees
Although the solution has been improving continually in the time I have been using it, there could be areas of improvement. The one thing that springs to mind is easier API integration with ITSMs. We are evaluating a new ITSM and I would like to have InsightIDR create a ticket when an attack is identified, and the ticket would be closed in InsightIDR when the ITSM resolution is completed. This would take out the "single point of failure" we currently have, if the email recipient is somehow absent, in recording the risk appetite for the incident and the actions taken to mitigate or not.
Security Manager
Customised alert recipients need to be added to allow better first-line action and quicker response. Configurable honeypots would be a welcome addition.
Database Administrator with 501-1,000 employees
Threat Intelligence: It would be useful to import threat intelligence in YARA format along with known incorrect email addresses.
Josh Serna
Information Security Systems Administrator at a non-tech company with 5,001-10,000 employees
Personally, I feel it would greatly benefit from more supported log sources. Additionally, the ability to tune the collector for custom logs would greatly help.
