Rapid7 InsightIDR Reviews and Ratings

Use Cases and Deployment Scope

We use it mainly as our incident detection and response application of

choice, but it has helped us out enormously with its feature rich

capabilities in numerous other areas. InsightIDR provides us with a

single pane of glass view that allows us to have maximum visibility of

our endpoints, while being aware of all assets, even newly created

ones. It also allows us the ability to view and act on alerts in real

time by conducting deep root cause analysis with additional functions.

Our installation is cloud based so we have integration with other

applications. Additionally, Reports can be formulated with ease and convenience and on a bespoke basis.

Likelihood to Recommend

It has been brilliant for us in terms of understanding the behaviour affecting our endpoints and assets. We have full visibility of our alerts, which menas we can act on them immediately. We use a single pain of glass with dashboards that can be easily drilled down into to get further information. It has laso helped us eo create bespoke reports for senios Managmeent, while at the same time supports other teams like Network Mnagement and Operations.

Use Cases and Deployment Scope

We as a financial services provider required to adhare with customer need which is security in current world and to protect those we have to secure our network and endpoint with every single possible attack scenario which are actively and passively try to invade and can cause problems. These infra includes cloud platform which includes AWS, Azure and Oracle and some in-house data centres so get a smooth coverage we used InsightIDR to bring everything under one umbrella.

Likelihood to Recommend

Well, As a financial Services Provider we have dependency on various cloud platform such as AWS, Azure and Oracle which requires more attention to safeguard it. It cover holistically every single possible point which is good feature ofcourse but dashboarding can be improved and giving unnecessary false positives can be minimised as it creates chaos when we see reports and log.

Use Cases and Deployment Scope

When I arrived at my org vulnerability management was done ad hoc using an inexpensive NESSUS license. But this didn't provide results in a good manageable format. The idea was to be able to automate regular scanning and present the results in a format that would allow responsible asset owners to see the status of their systems and insofar as possible make it a self-service experience, taking as much burden off the security team as possible. InsightIDR has made this possible, and gone further through our use of the agent for detailed on device results.

Likelihood to Recommend

Anyone looking to implement a mature vulnerability management program would be advised to give InsightIDR a look. Rapid7 is always on top of the latest vulnerability coverage and the platform is constantly improved to make it better and better. It has a great user/group permission scheme. The agent means that you can have good results without credentialed scans which we consider risky.

Use Cases and Deployment Scope

Rapid7 InsightIDR helps in the early detection & response of threats, integration with other technologies for in-depth strategy & ultimately threat hunting. Early detection help organization detect attacker in the first stage of the kill chain. By in-depth use case helps to get intelligence of malware tactics protecting from the malware but also helps in to detect such malware in the future also.

Likelihood to Recommend

Provide Contextual intelligence about the attackers with AI to enable an antimalware engine. AI enable Web-filtering solution. Automation of threat response & Broder investigates the report. Rapid7 Insight can be deployed rapidly in the network. Rapid7 Insight also helps to detect the lateral movement of malware. We can deploy Rapid7 Deception on any ware in the network rather than putting only on DMZ; I can put it in-line so that all traffic would scan.

Use Cases and Deployment Scope

Product has been our primary SIEM tools to collect logs and develop alerting around behaviors in our environment. We monitor network,cloud logins and firewall traffic with this tool. Along with MS log data. This has been a great one pane of glass tool to see all logs.

Likelihood to Recommend

Great place for small team to gather and monitor logs from many resources to get a better picture of behaviors in your environment.

Use Cases and Deployment Scope

Rapid7 InsightIDR is our cybersecurity software and we use it to handle Endpoint Detection and Response. My line of duty involves deploying AI bots under a cloud-based infrastructure that's prone to cyber attacks and viruses invasion to compromise the bots functionality. The security team engaged Rapid7 InsightIDR to help secure critical data being handled by the bots and systems, networks at large. I use it's system monitoring tools in my jurisdiction. It sends instant alerts in case of breaches to prevent major damages.

Likelihood to Recommend

Rapid7 InsightIDR handles malware like a pro. It's able to identify the steathly techniques used by attackers. There was a certain attack where the hacker masked as an employee of our company to escape the radar but we were able to sample out the activity with Rapid7 UEBA. It's also worth noting that Rapid7 InsightIDR has a complex architecture and while running system scans, operations may slow down as it takes up most of the network bandwidth.

Use Cases and Deployment Scope

We use Rapid7 InsightIDR to gain knowledge and understanding about the vulnerabilities in place in our organization. Whether it is an unpatched software product, a misconfiguration, or a zero-day exploit, we know what remediation steps are needed within our organization. Additionally, we can automate reports and trigger actions for technicians to remediate issues.

Likelihood to Recommend

We have found Rapid7 InsightIDR especially well suited for auditing a new environment prior to working on/supporting it. It is very simple to push an agent and setup a scanner and start receiving actionable information. It is also well suited for ongoing monitoring of an environment, to make sure new vulnerabilities are dealt with.

Use Cases and Deployment Scope

We are using Rapid7 for incident detection and responses on our servers by reducing the attack's dwell time. We've also utilized it for IOCs TTP procedures to map the threat indicators metrics. We picked it because it's capable of trapping malicious behavior on the attack chain early enough before the vital assets are compromised.

Likelihood to Recommend

InsightIDR has been very suitable for deception and extra. It maps attacks on our servers and networks in a very detailed manner, stating not only the log and network data but also important information like how the loops in which the attack was orchestrated and how the attackers got in. Also, during an attack, it weaves the intruder in InsightIDR's' honeypot' to give us plenty of time to initiate security response protocols.

Use Cases and Deployment Scope

We use Rapid7 as our SIEM solution. It provides us the network monitoring and detection capabilities without having to bring in an in-house SIEM technology and the FTE support required for such an implementation. Our network is spread across the US with over 60 offices spanning three time zones. We are an SMB with over 1,400 employees.

Likelihood to Recommend

InsightIDR is well suited for SMBs that do not have the resources to bring in an on-prem SIEM. After the initial configuration is completed, which the Rapid7 team was very good at assisting us on, the upkeep of the SIEM in the cloud is mainly done by them. Then after the "tuning" is done and the noise of the benign network traffic is muted, then only the true alerts can be investigated for malicious intentions. It has been a great tool for us to identify malicious activity. The technology also allows us to isolate hosts on-the-fly.

Use Cases and Deployment Scope

We have an issue with end users lacking knowledge of IT security, so we purchased Rapid7 InsightIDR to deploy an agent on their workstations for monitoring, as well as internal pen testing. If an employee fails a security check, then they have to take the security education course over again. Over time this has helped.

Likelihood to Recommend

Rapid7 InsightIDR is great for facilities where access to internal resources is highly restricted, such as healthcare. It helps with logging attempted access to restricted servers, as well as providing a way to bait test the end users to verify they are educated on the security side of IT. Companies with little to no restrictions to internal resources would see no benefit from a software such as this.