TrustRadius: an HG Insights company

InsightIDR

Score 8.7 out of 10

48 Reviews and Ratings

What is InsightIDR?

In addition to their incident response service, Rapid7 offers InsightIDR, a combined XDR and SIEM that provides user behavior and threat analytics.

Superb, multi-faceted, multi-featured, multi-purpose Detection and Response tool

Use Cases and Deployment Scope

We use it mainly as our incident detection and response application of choice, but it has helped us out enormously with its feature-rich capabilities in numerous other areas. InsightIDR provides us with a single pane of glass view that allows us to have maximum visibility of our endpoints, while being aware of all assets, even newly created ones. It also allows us the ability to view and act on alerts in real time by conducting deep root cause analysis with additional functions. Our installation is cloud based so we have integration with other applications. Additionally, reports can be formulated with ease and convenience and on a bespoke basis.

Pros

  • Alerts detection
  • Simple and effective monitoring of endpoints
  • Allows all security incidents to be saved in single pane of glass
  • Intuitive approach to sorting logs in terms of labelling and importance
  • Straightforward reporting tool, that allows for numerous types of reports to be created
  • Dashboards feature lots of detail

Cons

  • Sometimes there is lag and latency when we have heavy data loads
  • Integration with certain APIs is not easy or always straightforward
  • Automation is a bit limited.

Most Important Features

  • Improved Visibility of Alerts
  • Simple and clear collection of detected incidents
  • Log usage and management has been made easier
  • Safe and secure Cloud implementation and then integration with APIs

Return on Investment

  • Greater cost effective visibility of all alerts and incidents
  • Complete integration with other applications and APIs
  • Full security orchestration with single pane of glass. Nothing is missed, so no extra costs have to be incurred with implementing other software
  • Fantastic excellent reporting tool

Completed Umbrella Suite for Overall Cyber Risk

Use Cases and Deployment Scope

As a financial services provider, we are required to adhere to customer needs, which in the current world means security, and to protect them we have to secure our network and endpoints against every possible attack scenario that actively or passively tries to invade and can cause problems. This infrastructure includes cloud platforms (AWS, Azure and Oracle) and some in-house data centres, so to get smooth coverage we used InsightIDR to bring everything under one umbrella.

Pros

  • Endpoint protection
  • SIEM
  • Integration with Various other sec tools

Cons

  • Asset Management
  • Segmentation
  • False positives are high
  • Dashboarding can be improved

Most Important Features

  • Incident detection and response
  • Higher network visibility
  • Reporting

Return on Investment

  • Minimising the Risk
  • Lowering Manual Efforts
  • Time

Alternatives Considered

Microsoft Sentinel and Qualys Context XDR

Other Software Used

Qualys Cloud Platform, Tenable Cloud Security, Microsoft Sentinel

InsightIDR is still providing value years after implementation.

Use Cases and Deployment Scope

When I arrived at my org, vulnerability management was done ad hoc using an inexpensive Nessus license. But this didn't provide results in a good, manageable format. The idea was to be able to automate regular scanning and present the results in a format that would allow responsible asset owners to see the status of their systems and, insofar as possible, make it a self-service experience, taking as much burden off the security team as possible. InsightIDR has made this possible, and gone further through our use of the agent for detailed on-device results.

Pros

  • Scanning
  • Vulnerability context
  • Multi-user/group usage

Cons

  • Allowing group owners to scan assets
  • There is an occasional false positive

Most Important Features

  • Vulnerability scanning
  • Agent scanning
  • Robust permissions

Return on Investment

  • Identified vulnerabilities before they were exploited and became catastrophes
  • Allows us to meet compliance goals

Alternatives Considered

Tenable Nessus and Tenable Security Center

Rapid7 InsightIDR Security Framework for Digital security.

Use Cases and Deployment Scope

Rapid7 InsightIDR helps in the early detection & response of threats, integration with other technologies for an in-depth strategy & ultimately threat hunting. Early detection helps the organization detect an attacker in the first stage of the kill chain. The in-depth use case helps to get intelligence on malware tactics, protecting from the malware and also helping to detect such malware in the future.

Pros

  • Deceive, expose & eliminate threats.
  • Attacker visibility.
  • Integration with existing technologies like SIEM for 360 overviews of malware.

Cons

  • Granularity in reporting is missing.

Most Important Features

  • Rapid7 InsightIDR is a solution with a combination of Honeypot Threat intelligence & threat mitigations into one.
  • Manual remediation as well as an automatic response based on the severity and actual damage that occurred.

Return on Investment

  • Deploys easily in the entire network. Smooth deployment along with best ROI.

Alternatives Considered

Forescout Continuum

Great SIEM

Use Cases and Deployment Scope

The product has been our primary SIEM tool to collect logs and develop alerting around behaviors in our environment. We monitor network, cloud logins and firewall traffic with this tool, along with MS log data. This has been a great one pane of glass tool to see all logs.

Pros

  • Easy to inject logs
  • Lots of useful information
  • Lots of connections with out products

Cons

  • Can be difficult to query logs
  • UI can be overwhelming
  • Sometimes it’s hard to see data of an alert

Most Important Features

  • MDR support
  • Support for many different products
  • Great customer service

Return on Investment

  • Helps resolve risks
  • MDR support helps time
  • Monitor tool

Alternatives Considered

Splunk Log Observer

Other Software Used

Trend Micro Vision One, Rapid7 InsightVM, KnowBe4 Security Awareness Training