Likelihood to Recommend I'll go with where it's very suited in certain industries, including ours where the data resides or where it's being sent is incredibly important. So because the data stays within Microsoft World Garden, we are able to piggyback off of a lot of those certifications and meet certain requirements that allow us to expand where we sell our product to outside of scopes that we couldn't reach ourselves.
Read full review Where Rapid7 InsightConnect excels is in environments needing the whole suite of virus protection and monitoring. In our environment we use it to make sure we have visibility over all endpoints, servers, hosts, and clusters to make sure that there are no vulnerabilities being left unattended too. It is also best in large environments. Since there are many endpoints, the automation from Rapid7 helps manage them all in an efficient manner.
Read full review Pros It is a good tool for threat detection and analysis of the threats. We are using this tool for real time threat detection on our employee machines as well as some servers. It provides various options for collecting data sources by leveraging multiple sources using data connectors. This helps us in gathering data from multiple sources such as our servers as well as our employee machines. One good thing about this tool is automated incident response thereby increasing the security of servers. Read full review The most significant difference is that we no longer have to examine endpoints and devices separately. The cost. The impact on the safety and efficiency of our business. Read full review Cons 'Notebook' has always been a very hard to use feature for me in Sentinel. From my experience, there have been a very selective use cases for this feature across the industry. 'Entity Behavior' has some scope to be improved further since it is a feature that gives some useful insights but needs to be accessed separately. I think it should be re-worked in a way to be used within the incident investigation page. I'd like to see a more user-friendly version of the 'Content Hub' menu which was the earlier version! The new UI is somewhat confusing to use and is dependent on a lot of filters being applied which do not even lasts for a single session. With each refresh, we have to apply the filters again. Read full review It would be great if Rapid7 InsightConnect could be configured based on pre determined specifications when installing the agent. We've noticed that at times, there are certain network parameters needed in order for Rapid7 to collect and report data efficiently. Sometimes there are issues with the discovery scan in Rapid7 making it hard to configure in the beginning. Read full review Usability The Microsoft Azure Sentinel solution is very good and even better if you use Azure. It's easy to implement and learn how to use the tool with an intuitive and simple interface. New updates are happening to always bring new news and improve the experience and usability. The solution brings reliability as it is from a very reliable manufacturer.
Read full review It's incredibly easy to set up, to use, to detect threats. It's easy to change, tweek and very quick to resolve all issues
Read full review Support Rating Azure Sentinel is very easy to use and configure. If you are stuck somewhere, Microsoft support is excellent in assisting and solving your issue.
Read full review Alternatives Considered I use most of the Sims that are out there, but RSAs, old Sim Log, logic, elastic, a lot of them. Sumo, we checked out Sumo too. We're a Microsoft shop and live almost entirely on top of a Microsoft ecosystem. We are considering other Microsoft security products to integrate with it. So it made a lot of sense to really drive as hard as we could Microsoft Sim at least for a few years to make sure it would fit us.
Read full review Palo Alto was slightly cheaper, but more complex and would need the training to be effective. Splunk was comparative from a price standpoint, but the automation features of Rapid7 InsightConnect outweighed those of Splunk SOAR. Honestly, all of these are great choices, but for our environment, it made more sense to go with Rapid7.
Read full review Professional Services Did not use professional services
Read full review Return on Investment Log Management is a little difficult in-house as everything is situated on the cloud. Paying according to the throughput of the data can be costlier for some organizations. Excellent integration and log parsing for Microsoft products save many man-hours for the SIEM admin to focus on other things. Read full review The automation and integration we set up in the dev cycle helped us provide evidence in audits The automation and integration we set up in the dev cycle helped us fix vulns in our software prior to implementation thus increasing our security Automations save massive time and headache's between infosec and devs Read full review ScreenShots Microsoft Sentinel Screenshots