Microsoft Sentinel vs. Rapid7 InsightConnect

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Microsoft Sentinel
Score 8.1 out of 10
N/A
Microsoft Sentinel (formerly Azure Sentinel) is designed as a birds-eye view across the enterprise. It is presented as a security information and event management (SIEM) solution for proactive threat detection, investigation, and response.
$2.46
per GB ingested
Rapid7 InsightConnect
Score 9.9 out of 10
N/A
Rapid7 offers InsightConnect, a SOAR solution that integrates with existing solutions to orchestrate vulnerability management processes from notification to remediation, so users can ensure critical issues are being addressed with every security advisory that comes in—while leaving human decision points where most critical. Automate actions to scan, find patches, and verify remediation.N/A
Pricing
Microsoft SentinelRapid7 InsightConnect
Editions & Modules
Azure Sentinel
$2.46
per GB ingested
100 GB per day
$123.00
per day
200 GB per day
$221.40
per day
300 GB per day
$319.80
per day
400 GB per day
$410.00
per day
500 GB per day
$492.00
per day
More than 500 GB per day
$492.00 + $98.40
per day/plus each additional 100 GB increment
No answers on this topic
Offerings
Pricing Offerings
Microsoft SentinelRapid7 InsightConnect
Free Trial
YesNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional Details
More Pricing Information
Community Pulse
Microsoft SentinelRapid7 InsightConnect
Top Pros
Top Cons
Features
Microsoft SentinelRapid7 InsightConnect
Security Information and Event Management (SIEM)
Comparison of Security Information and Event Management (SIEM) features of Product A and Product B
Microsoft Sentinel
7.5
24 Ratings
4% below category average
Rapid7 InsightConnect
-
Ratings
Centralized event and log data collection8.224 Ratings00 Ratings
Correlation7.324 Ratings00 Ratings
Event and log normalization/management7.324 Ratings00 Ratings
Deployment flexibility7.522 Ratings00 Ratings
Integration with Identity and Access Management Tools7.322 Ratings00 Ratings
Custom dashboards and workspaces7.224 Ratings00 Ratings
Host and network-based intrusion detection6.320 Ratings00 Ratings
Data integration/API management7.122 Ratings00 Ratings
Behavioral analytics and baselining7.120 Ratings00 Ratings
Rules-based and algorithmic detection thresholds7.822 Ratings00 Ratings
Response orchestration and automation7.921 Ratings00 Ratings
Reporting and compliance management9.04 Ratings00 Ratings
Incident indexing/searching8.022 Ratings00 Ratings
Best Alternatives
Microsoft SentinelRapid7 InsightConnect
Small Businesses
AlienVault USM
AlienVault USM
Score 8.0 out of 10

No answers on this topic

Medium-sized Companies
InsightIDR
InsightIDR
Score 9.1 out of 10
Splunk SOAR
Splunk SOAR
Score 8.2 out of 10
Enterprises
InsightIDR
InsightIDR
Score 9.1 out of 10
Palo Alto Networks Cortex XSOAR
Palo Alto Networks Cortex XSOAR
Score 7.9 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
Microsoft SentinelRapid7 InsightConnect
Likelihood to Recommend
8.2
(43 ratings)
7.9
(7 ratings)
Likelihood to Renew
8.2
(1 ratings)
-
(0 ratings)
Usability
7.3
(4 ratings)
9.0
(1 ratings)
Support Rating
8.0
(3 ratings)
-
(0 ratings)
Professional Services
5.0
(1 ratings)
-
(0 ratings)
User Testimonials
Microsoft SentinelRapid7 InsightConnect
Likelihood to Recommend
Microsoft
I'll go with where it's very suited in certain industries, including ours where the data resides or where it's being sent is incredibly important. So because the data stays within Microsoft World Garden, we are able to piggyback off of a lot of those certifications and meet certain requirements that allow us to expand where we sell our product to outside of scopes that we couldn't reach ourselves.
Read full review
Rapid7
Where Rapid7 InsightConnect excels is in environments needing the whole suite of virus protection and monitoring. In our environment we use it to make sure we have visibility over all endpoints, servers, hosts, and clusters to make sure that there are no vulnerabilities being left unattended too. It is also best in large environments. Since there are many endpoints, the automation from Rapid7 helps manage them all in an efficient manner.
Read full review
Pros
Microsoft
  • It is a good tool for threat detection and analysis of the threats. We are using this tool for real time threat detection on our employee machines as well as some servers.
  • It provides various options for collecting data sources by leveraging multiple sources using data connectors. This helps us in gathering data from multiple sources such as our servers as well as our employee machines.
  • One good thing about this tool is automated incident response thereby increasing the security of servers.
Read full review
Rapid7
  • The most significant difference is that we no longer have to examine endpoints and devices separately.
  • The cost.
  • The impact on the safety and efficiency of our business.
Read full review
Cons
Microsoft
  • 'Notebook' has always been a very hard to use feature for me in Sentinel. From my experience, there have been a very selective use cases for this feature across the industry.
  • 'Entity Behavior' has some scope to be improved further since it is a feature that gives some useful insights but needs to be accessed separately. I think it should be re-worked in a way to be used within the incident investigation page.
  • I'd like to see a more user-friendly version of the 'Content Hub' menu which was the earlier version! The new UI is somewhat confusing to use and is dependent on a lot of filters being applied which do not even lasts for a single session. With each refresh, we have to apply the filters again.
Read full review
Rapid7
  • It would be great if Rapid7 InsightConnect could be configured based on pre determined specifications when installing the agent.
  • We've noticed that at times, there are certain network parameters needed in order for Rapid7 to collect and report data efficiently.
  • Sometimes there are issues with the discovery scan in Rapid7 making it hard to configure in the beginning.
Read full review
Usability
Microsoft
The Microsoft Azure Sentinel solution is very good and even better if you use Azure. It's easy to implement and learn how to use the tool with an intuitive and simple interface. New updates are happening to always bring new news and improve the experience and usability. The solution brings reliability as it is from a very reliable manufacturer.
Read full review
Rapid7
It's incredibly easy to set up, to use, to detect threats. It's easy to change, tweek and very quick to resolve all issues
Read full review
Support Rating
Microsoft
Azure Sentinel is very easy to use and configure. If you are stuck somewhere, Microsoft support is excellent in assisting and solving your issue.
Read full review
Rapid7
No answers on this topic
Alternatives Considered
Microsoft
I use most of the Sims that are out there, but RSAs, old Sim Log, logic, elastic, a lot of them. Sumo, we checked out Sumo too. We're a Microsoft shop and live almost entirely on top of a Microsoft ecosystem. We are considering other Microsoft security products to integrate with it. So it made a lot of sense to really drive as hard as we could Microsoft Sim at least for a few years to make sure it would fit us.
Read full review
Rapid7
Palo Alto was slightly cheaper, but more complex and would need the training to be effective. Splunk was comparative from a price standpoint, but the automation features of Rapid7 InsightConnect outweighed those of Splunk SOAR. Honestly, all of these are great choices, but for our environment, it made more sense to go with Rapid7.
Read full review
Professional Services
Microsoft
Did not use professional services
Read full review
Rapid7
No answers on this topic
Return on Investment
Microsoft
  • Log Management is a little difficult in-house as everything is situated on the cloud.
  • Paying according to the throughput of the data can be costlier for some organizations.
  • Excellent integration and log parsing for Microsoft products save many man-hours for the SIEM admin to focus on other things.
Read full review
Rapid7
  • The automation and integration we set up in the dev cycle helped us provide evidence in audits
  • The automation and integration we set up in the dev cycle helped us fix vulns in our software prior to implementation thus increasing our security
  • Automations save massive time and headache's between infosec and devs
Read full review
ScreenShots

Microsoft Sentinel Screenshots

Screenshot of Screenshot of Screenshot of Microsoft Sentinel Capabilities