Rapid threat detection with InsightIDR.
April 16, 2022

Mary Ramirez | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Overall Satisfaction with Rapid7 InsightIDR

We are using Rapid7 for incident detection and responses on our servers by reducing the attack's dwell time. We've also utilized it for IOCs TTP procedures to map the threat indicators metrics. We picked it because it's capable of trapping malicious behavior on the attack chain early enough before the vital assets are compromised.

Pros

  • Attacks are detected early enough on the peripheral assets to allow us more time to initiate responses with SOAR before compromising the critical assets.
  • Provides a good analysis of log and network data.

Cons

  • InsightIDR has limited SIEM capabilities; we are using other software for that.
  • Endpoint visibility
  • Authentication Monitoring
  • We've managed to map all unauthorized access on our network for the two years we've used it.
  • We properly identify all threats on our several data streams.

Do you think Rapid7 InsightIDR delivers good value for the price?

Yes

Are you happy with Rapid7 InsightIDR's feature set?

Yes

Did Rapid7 InsightIDR live up to sales and marketing promises?

Yes

Did implementation of Rapid7 InsightIDR go as expected?

Yes

Would you buy Rapid7 InsightIDR again?

Yes

Splunk SOAR (Security Orchestration, Automation and Response) (formerly Phantom)
InsightIDR has been very suitable for deception and extra. It maps attacks on our servers and networks in a very detailed manner, stating not only the log and network data but also important information like the loops in which the attack was orchestrated and how the attackers got in. Also, during an attack, it weaves the intruder in InsightIDR's 'honeypot' to give us plenty of time to initiate security response protocols.
