Microsoft Sentinel (formerly Azure Sentinel) is designed as a birds-eye view across the enterprise. It is presented as a security information and event management (SIEM) solution for proactive threat detection, investigation, and response.
$2.46
per GB ingested
InsightIDR
Score 8.7 out of 10
N/A
In addition to their incident response service, Rapid7 offers InsightIDR, a combined XDR and SIEM that provides user behavior and threat analytics.
$5.89
per month per asset
Pricing
Microsoft Sentinel
Rapid7 InsightIDR
Editions & Modules
Azure Sentinel
$2.46
per GB ingested
100 GB per day
$123.00
per day
200 GB per day
$221.40
per day
300 GB per day
$319.80
per day
400 GB per day
$410.00
per day
500 GB per day
$492.00
per day
More than 500 GB per day
$492.00 + $98.40
per day/plus each additional 100 GB increment
InsightIDR Advanced
$5.89
per month per asset
Offerings
Pricing Offerings
Microsoft Sentinel
InsightIDR
Free Trial
Yes
Yes
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
—
*500 asset minimum. Billed annually. All amounts are shown in U.S. dollars. International prices vary.
The biggest advantage it has the lightweight agent and smooth and less traffic chaos in network during log collection. Cloud Security always require extra efforts but InsightIDR reduce that burden as it has highly anticipated agents to which knows what they need to do when they …
It's certainly well-suited in environments that rely heavily on Microsoft products, and it's well-suited for environments where you have other business drivers to go to the E5 license. If I were to say where I would not and why, I only gave it a seven on the recommendation, that answer would probably vary if you already owned E5 or not. It's extremely expensive. And if there are other alternatives, if you don't have any other driving reason to go to E5, I would coach you not to go to Microsoft Sentinel. But if you're there, it's a fantastic property. It's certainly part of the cost argument for moving to E5, but it's only a part. It can't by itself justify the move to E5.
It has been brilliant for us in terms of understanding the behaviour affecting our endpoints and assets. We have full visibility of our alerts, which menas we can act on them immediately. We use a single pain of glass with dashboards that can be easily drilled down into to get further information. It has laso helped us eo create bespoke reports for senios Managmeent, while at the same time supports other teams like Network Mnagement and Operations.
It's the scale. Having built-in detections and vulnerabilities and the ability to see into the traffic flows is absolutely key. Look at it from my perspective as network security. We want to see what's going on east, west, between all the kinds of subscriptions and the tenants. We don't have that. We don't have that with any other product. Microsoft Sentinel gives us that kind of visibility.
Rapid7 InsightIDR does a very good job at keeping virus definitions up to date so that our threat intelligence is very up to date when knowing what to protect against.
It helps us by scanning all of our infrastructure components and highlights where improvements need to be made in security so we can be proactive with our security initiatives.
It has automated response mechanisms to triage and resolve any potentials risks allowing us to save time in the long run.
An area for improvement is how case management is surfaced within the Microsoft Sentinel experience, as clearer integration into Sentinel workflows would reduce context switching and improve incident handling.
There is an opportunity to further expand agentic, autonomous investigation and response capabilities.
Because, as I said, it still lacks a lot of things, like many playbooks outside the Copilot integrations and the actual remediation. For example, for Microsoft Sentinel and SAP, I would want to see Copilot doing a lot of remediations in Microsoft Sentinel at SAPN, like executing the transaction code, maybe creating certain increases, or remediating stuff like that, which is all customized.
Microsoft support is one of the highest rated on the market. It has global and multilingual support. Calls can be made over the phone and the solution is virtually instantaneous with the help of Microsoft engineers. It's great!
Microsoft Sentinel excels in cloud-native scalability, Microsoft ecosystem integration, and AI-driven threat detection with UEBA and Fusion rules, offering faster deployment and lower costs (48% cheaper per Forrester) than Splunk, QRadar, Exabeam, SentinelOne, Securonix, and Wazuh. It lags in third-party integrations and syslog parsing. Organizations choose Microsoft Sentinel for its cost-effectiveness, automation, and Microsoft synergy, especially in Azure-heavy environments, though Splunk and Exabeam lead in flexibility and UEBA, respectively.
The biggest advantage it has the lightweight agent and smooth and less traffic chaos in network during log collection. Cloud Security always require extra efforts but InsightIDR reduce that burden as it has highly anticipated agents to which knows what they need to do when they captured malicious traffic.log collection and threat intelligence is major part in and xdr and here it stand out along others in the market, I started my career as qualys administration but I like InsightIDR much now.
As any cybersecurity product, this has to be more with risk to avoid loss in case of a ransomware that more than relate to a productivity increase. Maybe the impact could be that instead of having people that are checking 24/7 the dashboard, you could implement Sentinel and have less people checking that or people with less expertise. So the saving will be a minor but will be a saving in the cost of your team.
Rapid7 InsightIDR has allowed us to be proactive in securing our systems as the vulnerability scans give us a lens at what we need to fortify when it comes to security.
In recent incidents its allowed us to save time and money as it mostly detects issues accurately and we are able to bring systems back quickly without too much downtime for the business.
With recent updates, we are confident that Rapid7 InsightIDR is a good solution for the long run as they are always making adjustments to their platform and improving it with every release.
