Rapid7 InsightIDR Reviews and Ratings

Rating: 9 out of 10

Score

9 out of 10

Community insights

TrustRadius Insights for Rapid7 InsightIDR are summaries of user sentiment data from TrustRadius reviews and, when necessary, third party data sources.

Business Problems Solved

Rapid7 InsightIDR has proven to be highly effective for incident detection and response, with users praising its ability to provide a comprehensive view of endpoints and assets. It offers a single pane of glass view, ensuring maximum visibility and allowing users to view and act on alerts in real time. Customers in the financial services industry have found great value in using InsightIDR to secure their networks and endpoints from various attack scenarios, including those targeting cloud platforms such as AWS, Azure, and Oracle. The software's system monitoring tools send instant alerts in case of breaches, enabling timely response to mitigate potential threats. It has also been lauded for its capability to trap malicious behavior early in the attack chain, safeguarding vital assets from compromise. By automating regular vulnerability scanning and presenting results in a manageable format, InsightIDR streamlines vulnerability management and reduces the burden on security teams. Additionally, it integrates with other technologies to develop in-depth security strategies and facilitate threat hunting, aiding in early threat detection and response. Overall, InsightIDR serves as a primary SIEM tool that collects logs and develops alerting around behaviors in the environment, providing crucial incident detection, authentication monitoring, and endpoint visibility.

Reviews

12 Reviews

Superb, multi-faceted, multi-featured, multi-purpose Detection and Response tool

Rating: 10 out of 10

Incentivized

September 5, 2023

Use Cases and Deployment Scope

We use it mainly as our incident detection and response application of

choice, but it has helped us out enormously with its feature rich

capabilities in numerous other areas. InsightIDR provides us with a

single pane of glass view that allows us to have maximum visibility of

our endpoints, while being aware of all assets, even newly created

ones. It also allows us the ability to view and act on alerts in real

time by conducting deep root cause analysis with additional functions.

Our installation is cloud based so we have integration with other

applications. Additionally, Reports can be formulated with ease and convenience and on a bespoke basis.

Pros

Alerts detection
Simple and effective monitoring of endpoints
Allows all security incidents to be saved in single pane of glass
Intuitive approach to sorting Logs in terrms of labelling and importance
Straightforward reporting tool, that allows for numerous types of reports to be created
Dashboards feature lots of detail

Cons

Sometimes there is lag and latency when we have heavy date loads
Integration with certain APIs are not easy and always straighfroward
Automation is a bit limited.

Likelihood to Recommend

It has been brilliant for us in terms of understanding the behaviour affecting our endpoints and assets. We have full visibility of our alerts, which menas we can act on them immediately. We use a single pain of glass with dashboards that can be easily drilled down into to get further information. It has laso helped us eo create bespoke reports for senios Managmeent, while at the same time supports other teams like Network Mnagement and Operations.

Azhar Chaudri

Cyber Security Training Specialist in Information Technology at The Knowledge Academy (501-1000 employees)

Vetted Review

2 years of experience

View profile

Completed Umbrella Suite for Overall Cyber Risk

Rating: 8 out of 10

Incentivized

August 29, 2023

Use Cases and Deployment Scope

We as a financial services provider required to adhare with customer need which is security in current world and to protect those we have to secure our network and endpoint with every single possible attack scenario which are actively and passively try to invade and can cause problems. These infra includes cloud platform which includes AWS, Azure and Oracle and some in-house data centres so get a smooth coverage we used InsightIDR to bring everything under one umbrella.

Pros

Endpoint protection
SIEM
Integration with Various other sec tools

Cons

Asset Management
Segmentation
False positives are high
Dashboarding can be improved

Likelihood to Recommend

Well, As a financial Services Provider we have dependency on various cloud platform such as AWS, Azure and Oracle which requires more attention to safeguard it. It cover holistically every single possible point which is good feature ofcourse but dashboarding can be improved and giving unnecessary false positives can be minimised as it creates chaos when we see reports and log.

Varun Khare

Senior Analyst in Information Technology at Western Union (10,001+ employees)

Vetted Review

2 years of experience

View profile

InsightIDR is still providing value years after implementation.

Rating: 10 out of 10

Incentivized

August 29, 2023

Use Cases and Deployment Scope

When I arrived at my org vulnerability management was done ad hoc using an inexpensive NESSUS license. But this didn't provide results in a good manageable format. The idea was to be able to automate regular scanning and present the results in a format that would allow responsible asset owners to see the status of their systems and insofar as possible make it a self-service experience, taking as much burden off the security team as possible. InsightIDR has made this possible, and gone further through our use of the agent for detailed on device results.

Pros

Scanning
Vulnerability context
Multi-user/group usage

Cons

Allowing group owners to scan assets
There is an occasional false positive

Likelihood to Recommend

Anyone looking to implement a mature vulnerability management program would be advised to give InsightIDR a look. Rapid7 is always on top of the latest vulnerability coverage and the platform is constantly improved to make it better and better. It has a great user/group permission scheme. The agent means that you can have good results without credentialed scans which we consider risky.

Allan Crittenden Edwards

Security Analyst in Information Technology at Eastern Michigan University (1001-5000 employees)

Vetted Review

7 years of experience

View profile

Rapid7 InsightIDR Security Framework for Digital security.

Rating: 8 out of 10

January 28, 2023

Use Cases and Deployment Scope

Rapid7 InsightIDR helps in the early detection & response of threats, integration with other technologies for in-depth strategy & ultimately threat hunting. Early detection help organization detect attacker in the first stage of the kill chain. By in-depth use case helps to get intelligence of malware tactics protecting from the malware but also helps in to detect such malware in the future also.

Pros

Deceive Expose & Eliminate threats.
Attacker Visibility.
Integration with existing technologies like SIEM to 360 overviews of malware.

Cons

Granularity in reporting is missing.

Likelihood to Recommend

Provide Contextual intelligence about the attackers with AI to enable an antimalware engine. AI enable Web-filtering solution. Automation of threat response & Broder investigates the report. Rapid7 Insight can be deployed rapidly in the network. Rapid7 Insight also helps to detect the lateral movement of malware. We can deploy Rapid7 Deception on any ware in the network rather than putting only on DMZ; I can put it in-line so that all traffic would scan.

Bhuwan Chandra

Business Development Manager in Sales at ConnectUp IT Solutions (11-50 employees)

Vetted Review

3 years of experience

View profile

Great SIEM

Rating: 7 out of 10

Incentivized

January 27, 2023

Use Cases and Deployment Scope

Product has been our primary SIEM tools to collect logs and develop alerting around behaviors in our environment. We monitor network,cloud logins and firewall traffic with this tool. Along with MS log data. This has been a great one pane of glass tool to see all logs.

Pros

Easy to inject logs
Lots of useful information
Lots of connections with out products

Cons

Can be difficult to query logs
UI can be overwhelming
Sometimes it’s hard to see data of an alert

Likelihood to Recommend

Great place for small team to gather and monitor logs from many resources to get a better picture of behaviors in your environment.

Chris Goodhue

Network Security Specialist in Information Technology at BISSELL Homecare, Inc. (1001-5000 employees)

Vetted Review

3 years of experience

View profile

Delivering Automated Cybersecurity like a Pro

Rating: 7 out of 10

Incentivized

April 25, 2022

Use Cases and Deployment Scope

Rapid7 InsightIDR is our cybersecurity software and we use it to handle Endpoint Detection and Response. My line of duty involves deploying AI bots under a cloud-based infrastructure that's prone to cyber attacks and viruses invasion to compromise the bots functionality. The security team engaged Rapid7 InsightIDR to help secure critical data being handled by the bots and systems, networks at large. I use it's system monitoring tools in my jurisdiction. It sends instant alerts in case of breaches to prevent major damages.

Pros

It provides network visibility with the sensor unlock over your environment.
Has a lightweight sensor for suspicious activity that's also noiseless.

Cons

The indicators of compromise are complex to analyze.
Running system scans consumes heavily the network bandwidth slowing processes.

Likelihood to Recommend

Rapid7 InsightIDR handles malware like a pro. It's able to identify the steathly techniques used by attackers. There was a certain attack where the hacker masked as an employee of our company to escape the radar but we were able to sample out the activity with Rapid7 UEBA. It's also worth noting that Rapid7 InsightIDR has a complex architecture and while running system scans, operations may slow down as it takes up most of the network bandwidth.

Gray Nathan

Robotic Process Automation Engineer in Information Technology at Benefitfocus (1001-5000 employees)

Vetted Review

3 years of experience

View profile

Rapid7 does what it says it will do.

Rating: 9 out of 10

Incentivized

April 22, 2022

Use Cases and Deployment Scope

We use Rapid7 InsightIDR to gain knowledge and understanding about the vulnerabilities in place in our organization. Whether it is an unpatched software product, a misconfiguration, or a zero-day exploit, we know what remediation steps are needed within our organization. Additionally, we can automate reports and trigger actions for technicians to remediate issues.

Pros

Reporting
Aggregating data from thousands of machines against thousands of vulnerabilities
Agentless and Agent based scanning

Cons

Pricing
Network Segmentation Flexability

Likelihood to Recommend

We have found Rapid7 InsightIDR especially well suited for auditing a new environment prior to working on/supporting it. It is very simple to push an agent and setup a scanner and start receiving actionable information. It is also well suited for ongoing monitoring of an environment, to make sure new vulnerabilities are dealt with.

Verified User

Director in Information Technology (1001-5000 employees)

Vetted Review

5 years of experience

Rapid threat detection with InsightIDR.

Rating: 9 out of 10

Incentivized

April 16, 2022

Use Cases and Deployment Scope

We are using Rapid7 for incident detection and responses on our servers by reducing the attack's dwell time. We've also utilized it for IOCs TTP procedures to map the threat indicators metrics. We picked it because it's capable of trapping malicious behavior on the attack chain early enough before the vital assets are compromised.

Pros

Attacks are detected early enough on the peripheral assets to allow us more time to initiate responses with SOAR before compromising the critical assets.
Provides a good analysis of log and network data.

Cons

InsightIDR has limited SIEM capabilities, we are using another software for that.

Likelihood to Recommend

InsightIDR has been very suitable for deception and extra. It maps attacks on our servers and networks in a very detailed manner, stating not only the log and network data but also important information like how the loops in which the attack was orchestrated and how the attackers got in. Also, during an attack, it weaves the intruder in InsightIDR's' honeypot' to give us plenty of time to initiate security response protocols.

Mary Ramirez

Assistant Director Of Information Technology in Information Technology at J.Crew (1001-5000 employees)

Vetted Review

2 years of experience

View profile

Rapid7 InsightIDR a Great Solution for an SMB

Rating: 10 out of 10

Incentivized

April 15, 2022

Use Cases and Deployment Scope

We use Rapid7 as our SIEM solution. It provides us the network monitoring and detection capabilities without having to bring in an in-house SIEM technology and the FTE support required for such an implementation. Our network is spread across the US with over 60 offices spanning three time zones. We are an SMB with over 1,400 employees.

Pros

Timely Detection of Abnormal Behavior
Host Isolation
Collection of Network Devices Logs
Threat Intelligence Source
User Behavior and Analytics
Cost Effective
Staff Augmentation

Cons

Tamper Proofing Agent Against Bad Actors
Log Searching
Integration with Other Security Technologies

Likelihood to Recommend

InsightIDR is well suited for SMBs that do not have the resources to bring in an on-prem SIEM. After the initial configuration is completed, which the Rapid7 team was very good at assisting us on, the upkeep of the SIEM in the cloud is mainly done by them. Then after the "tuning" is done and the noise of the benign network traffic is muted, then only the true alerts can be investigated for malicious intentions. It has been a great tool for us to identify malicious activity. The technology also allows us to isolate hosts on-the-fly.

Verified User

Manager in Information Technology (1001-5000 employees)

Vetted Review

3 years of experience

Rapid7 InsightIDR gives the visibility needed for secure environments

Rating: 7 out of 10

Incentivized

April 15, 2022

Use Cases and Deployment Scope

We have an issue with end users lacking knowledge of IT security, so we purchased Rapid7 InsightIDR to deploy an agent on their workstations for monitoring, as well as internal pen testing. If an employee fails a security check, then they have to take the security education course over again. Over time this has helped.

Pros

Collect logs from workstations and send them back for analysis
Internal pen testing
Monitor authentications to internal resources

Cons

Agent can be resource intensive at times
Server has to be rebooted more often than it should
Logging needs a better archiving ability

Likelihood to Recommend

Rapid7 InsightIDR is great for facilities where access to internal resources is highly restricted, such as healthcare. It helps with logging attempted access to restricted servers, as well as providing a way to bait test the end users to verify they are educated on the security side of IT. Companies with little to no restrictions to internal resources would see no benefit from a software such as this.

Verified User

Employee in Information Technology (5001-10,000 employees)

Vetted Review

3 years of experience

Loading Reviews List....