RackFoundry Total Security Management (discontinued) vs. Rapid7 InsightIDR

RackFoundry Total Security Management (TSM) is suited for most companies that have the same challenge as my team had. If you are looking to purchase one security tool and spend most of your allocated budget then I would not recommend this for you. However, if you are looking for something close to a single pane of glass, (granted there is no such thing) this solution does come close as they have the main components built in such as their FW/IPS/IDS/SIEM. Before selecting RackFoundry we had two options which were: 1) Upgrade our current solution and spend an overbearing amount 2) Search for new vendors and maybe procure 1-3 devices and then manually integrate them. Because this was a unified console and integration between devices was simple, we were able to obtain 4-6 security functions and we even had some sense of security visibility via the SIEM. It's not as powerful as Splunk or LogRhythm, but it definitely does the job

It has been brilliant for us in terms of understanding the behaviour affecting our endpoints and assets. We have full visibility of our alerts, which menas we can act on them immediately. We use a single pain of glass with dashboards that can be easily drilled down into to get further information. It has laso helped us eo create bespoke reports for senios Managmeent, while at the same time supports other teams like Network Mnagement and Operations.

Incentivized

• Making promises about a service and product.
• Advertising a good price and offering great services.
• Supposedly offer 24/7 365 level 1 threat triaging.

• Rapid7 InsightIDR does a very good job at keeping virus definitions up to date so that our threat intelligence is very up to date when knowing what to protect against.
• It helps us by scanning all of our infrastructure components and highlights where improvements need to be made in security so we can be proactive with our security initiatives.
• It has automated response mechanisms to triage and resolve any potentials risks allowing us to save time in the long run.

Incentivized

• It has been my first year with Rack Foundry and at this point I have to say everything has been smooth, from implementation to support.

• Sometimes Rapid7 InsightIDR will be too locked down and without knowing will block applications and processes needed for day to day operation.
• System scans with Rapid7 InsightIDR can be very bandwidth-heavy on the network and system resources.
• From a recent incident, we have seen more and more false positives from Rapid7 InsightIDR on areas that we know are secure.

Incentivized

Well I have experience with the big names: SecureWorks, IBM and Splunk. Individually their logging tools are much better than RackFoundry's Total Security Management. This is great for large corporations and urban cities, however not so great for municipalities, mid size businesses and companies who fluctuate between 1-7 members on their IT staff. Why? Because it takes too much of their resources and integration with other products gets a little rough as you will need to configure your preferences to theirs. When a company has stability it is great to have a name brand product, however renewals and upgrade costs can be taxing to an organization.

The biggest advantage it has the lightweight agent and smooth and less traffic chaos in network during log collection. Cloud Security always require extra efforts but InsightIDR reduce that burden as it has highly anticipated agents to which knows what they need to do when they captured malicious traffic.log collection and threat intelligence is major part in and xdr and here it stand out along others in the market, I started my career as qualys administration but I like InsightIDR much now.

Incentivized

• Overall the product has had a negative impact. Not necessarily on our environment but in the amount of time it has taken to deploy.

• Rapid7 InsightIDR has allowed us to be proactive in securing our systems as the vulnerability scans give us a lens at what we need to fortify when it comes to security.
• In recent incidents its allowed us to save time and money as it mostly detects issues accurately and we are able to bring systems back quickly without too much downtime for the business.
• With recent updates, we are confident that Rapid7 InsightIDR is a good solution for the long run as they are always making adjustments to their platform and improving it with every release.

Incentivized