Overview
What is InsightIDR?
In addition to their incident response service, Rapid7 offers InsightIDR, a combined XDR and SIEM that provides user behavior and threat analytics.
Superb, multi-faceted, multi-featured, multi-purpose Detection and Response tool
Completed Umbrella Suite for Overall Cyber Risk
InsightIDR is still providing value years after implementation.
Rapid7 InsightIDR Security Framework for Digital security.
Great SIEM
Delivering Automated Cybersecurity like a Pro
Rapid7 does what it says it will do.
Rapid threat detection with InsightIDR.
Rapid7 InsightIDR a Great Solution for an SMB
Rapid7 InsightIDR gives the visibility needed for secure environments
A secured cloud 9 approach
An Amazing Tool to Secure your organisation.
Rapid7 Works Great For Any Environment!
Pricing
InsightIDR Advanced
$5.89
Entry-level set up fee?
- No setup fee
Offerings
- Free Trial
- Free/Freemium Version
- Premium Consulting/Integration Services
Starting price (does not include set up fee)
- $5.89 per month per asset
Product Demos
Using the Parsing Tool in InsightIDR
User and Asset Containment in InsightIDR
InsightIDR Technical Details
| Deployment Types | Software as a Service (SaaS), Cloud, or Web-Based |
|---|---|
| Operating Systems | Unspecified |
| Mobile Application | No |
Reviews and Ratings (35)
Community Insights
- Business Problems Solved
Rapid7 InsightIDR has proven to be highly effective for incident detection and response, with users praising its ability to provide a comprehensive view of endpoints and assets. It offers a single pane of glass view, ensuring maximum visibility and allowing users to view and act on alerts in real time. Customers in the financial services industry have found great value in using InsightIDR to secure their networks and endpoints from various attack scenarios, including those targeting cloud platforms such as AWS, Azure, and Oracle. The software's system monitoring tools send instant alerts in case of breaches, enabling timely response to mitigate potential threats. It has also been lauded for its capability to trap malicious behavior early in the attack chain, safeguarding vital assets from compromise. By automating regular vulnerability scanning and presenting results in a manageable format, InsightIDR streamlines vulnerability management and reduces the burden on security teams. Additionally, it integrates with other technologies to develop in-depth security strategies and facilitate threat hunting, aiding in early threat detection and response. Overall, InsightIDR serves as a primary SIEM tool that collects logs and develops alerting around behaviors in the environment, providing crucial incident detection, authentication monitoring, and endpoint visibility.
Reviews (1-13 of 13)
- Alerts detection
- Simple and effective monitoring of endpoints
- Allows all security incidents to be saved in a single pane of glass
- Intuitive approach to sorting logs in terms of labelling and importance
- Straightforward reporting tool, that allows for numerous types of reports to be created
- Dashboards feature lots of detail
- Sometimes there is lag and latency when we have heavy data loads
- Integration with certain APIs is not easy and always straightforward
- Automation is a bit limited.
Completed Umbrella Suite for Overall Cyber Risk
- Endpoint protection
- SIEM
- Integration with Various other sec tools
- Asset Management
- Segmentation
- False positives are high
- Dashboarding can be improved
- Scanning
- Vulnerability context
- Multi-user/group usage
- Allowing group owners to scan assets
- There is an occasional false positive
Rapid7 InsightIDR Security Framework for Digital security.
- Deceive Expose & Eliminate threats.
- Attacker Visibility.
- Integration with existing technologies like SIEM to 360 overviews of malware.
- Granularity in reporting is missing.
Great SIEM
- Easy to inject logs
- Lots of useful information
- Lots of connections with out products
- Can be difficult to query logs
- UI can be overwhelming
- Sometimes it’s hard to see data of an alert
Delivering Automated Cybersecurity like a Pro
- It provides network visibility with the sensor unlock over your environment.
- Has a lightweight sensor for suspicious activity that's also noiseless.
- The indicators of compromise are complex to analyze.
- Running system scans consumes heavily the network bandwidth slowing processes.
Rapid7 does what it says it will do.
- Reporting
- Aggregating data from thousands of machines against thousands of vulnerabilities
- Agentless and Agent based scanning
- Pricing
- Network Segmentation Flexibility
Rapid threat detection with InsightIDR.
- Attacks are detected early enough on the peripheral assets to allow us more time to initiate responses with SOAR before compromising the critical assets.
- Provides a good analysis of log and network data.
- InsightIDR has limited SIEM capabilities, we are using another software for that.
Rapid7 InsightIDR a Great Solution for an SMB
- Timely Detection of Abnormal Behavior
- Host Isolation
- Collection of Network Devices Logs
- Threat Intelligence Source
- User Behavior and Analytics
- Cost Effective
- Staff Augmentation
- Tamper Proofing Agent Against Bad Actors
- Log Searching
- Integration with Other Security Technologies
- Collect logs from workstations and send them back for analysis
- Internal pen testing
- Monitor authentications to internal resources
- Agent can be resource intensive at times
- Server has to be rebooted more often than it should
- Logging needs a better archiving ability
A secured cloud 9 approach
- Security
- Rapid authentication
- Highlights suspicious activities in turn helping us to be ahead of attackers
- Free trials should be well documented
- Prices can be reduced if possible
- Add support for syncing a workplace
An Amazing Tool to Secure your organisation.
- Incident detection
- authentication monitoring
- endpoint visibility
- There should be a testing version
- make more user friendly
- add PII rules as well.
Rapid7 Works Great For Any Environment!
- Rapid7 InsightIDR does a very good job at keeping virus definitions up to date so that our threat intelligence is very up to date when knowing what to protect against.
- It helps us by scanning all of our infrastructure components and highlights where improvements need to be made in security so we can be proactive with our security initiatives.
- It has automated response mechanisms to triage and resolve any potential risks, allowing us to save time in the long run.
- Sometimes Rapid7 InsightIDR will be too locked down and without knowing will block applications and processes needed for day to day operation.
- System scans with Rapid7 InsightIDR can be very bandwidth-heavy on the network and system resources.
- From a recent incident, we have seen more and more false positives from Rapid7 InsightIDR on areas that we know are secure.