We just raised a $30M Series A: Read our story
2018-04-22T07:58:00Z

What needs improvement with Rapid7 InsightIDR?

37

Please share with the community what you think needs improvement with Rapid7 InsightIDR.

What are its weaknesses? What would you like to see changed in a future version?

ITCS user
Guest
77 Answers

author avatar
Top 5LeaderboardReal User

I'd like to be able to get the compliance report within the solution which is currently not possible. For example, the P-Series was around 77001 compliance report of your SIEM solution. That option is unfortunately not available.

2021-09-08T16:38:09Z
author avatar
Top 5Real User

I'd like to see a mobile application included and some feature related to the generality of segregation for internal users that access the application.

2021-07-21T17:38:17Z
author avatar
Top 5Real User

The dashboard is an area that could be simplified. For management, it should be clear and the files should be there.

2021-04-05T12:07:13Z
author avatar
Top 20Real User

Earlier they didn't have a network flow capture product, so they were not able to capture the network flows. We were able to capture the logs but not the network flows. Now, they have acquired a company called NetFort, and now they are also using the capture network flows. This was one of the shortcomings of the product which they have now rectified after acquisition of the company. Cloud risk assessment is one area where I think they need a lot of improvement. The solution should have a CIS Benchmark in terms of, I would say, config change detection.

2020-07-19T08:15:52Z
author avatar
Top 20Real User

The only thing I can think of to improve the product is that the interface for doing investigation needs to be enhanced. For example, we can add notes through the interface, but we can not attach files to the investigation. It would be a useful addition. It would give us more flexibility to resolve more complicated situations.

2020-01-07T06:27:00Z
author avatar
Real User

The reporting is the weakest aspect. There needs to be multi-level grouping for events (for example, group by user and destination). Right now, we can do a group by user and a separate table or group by destination. But I'd be more interested in where a person was logging into instead of who was logging in or where he was logging in.

2018-10-02T19:05:00Z
author avatar
Real User

Customised alert recipients need to be added to allow better first-line action and quicker response. Configurable honeypots would be a welcome addition.

2018-04-22T07:58:00Z
Find out what your peers are saying about Rapid7, Splunk, IBM and others in Security Information and Event Management (SIEM). Updated: October 2021.
540,984 professionals have used our research since 2012.