We performed a comparison between NetWitness Platform and Rapid7 InsightIDR based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It's fully scalable. There is no limit. Of course, the license limits per day the number of terabytes. In my opinion, it's very flexible."
"The solution is really scalable for the high-end power, enterprise customer."
"Alerting Module: It provides real-time event processing language on all the logs/packets stream for advanced alerting, i.e., using SQL LIKE statements."
"Their technical support responds quickly and are knowledgable."
"The most valuable feature is the ability to write rules and triggers for network communication, and then being able to investigate based on that."
"The product has a user-friendly interface and a valuable feature for threat intelligence integration."
"Performance and reporting are very good."
"The most valuable features are the packet decoder, log decoder, and concentrator."
"The solution's initial setup is easy."
"Integration with threat modeling from the Metasploit and InsightIDR repositories."
"During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an application belongs to a known ransomware group. The system rates the threat, offering a clear detection ratio, such as 97 out of 100. It not only identifies threats but also illustrates the associated behaviors, helping us understand the potential risk to a particular endpoint."
"The solution provides satisfying native integration features"
"The technical support is a solid 10 out of 10 as they take the time to answer any questions or problems which may arise in a reasonable time frame."
"It is a very stable solution."
"InsightIDR has allowed us to find potential security issues that we did not know existed, and get remediation quickly."
"The solution is very scalable in terms of the licensing model."
"Its technical support could be better."
"I'd like to see improvement in its ease of use. It's basically unusable. It's overly complex."
"Security needs improvement."
"The system architecture is complex and sometimes it’s hard to troubleshoot potential problems."
"There are instances where you try to run the reports and then it does not give you the desired outcome."
"The initial setup is complex. There are other solutions that are easier to implement."
"It is not so easy to customize this product."
"We have encountered issues with unresolved crashes."
"I would like to see more development in InsightIDR towards building their SIEM solution and converting it to XDR."
"Lacks a mobile application."
"The searching feature in Rapid7 InsightIDR needs to evolve"
"The ability to tune the collector for custom logs would greatly help."
"Tenable Nessus is easier to deal with. It's more efficient and accurate. InsightIDR is heavier than Tenable in terms of performance and scanning. Rapid7 would be much easier to use if it had a network connector like Tenable. Tenable's connector allows continuous monitoring over the B caps."
"Customised alert recipients need to be added to allow better first-line action and quicker response. Configurable honeypots would be a welcome addition."
"Cloud risk assessment is one area where I think they need a lot of improvement."
"I feel it would greatly benefit from more supported log sources."
NetWitness Platform is ranked 15th in Security Information and Event Management (SIEM) with 36 reviews while Rapid7 InsightIDR is ranked 9th in Security Information and Event Management (SIEM) with 30 reviews. NetWitness Platform is rated 7.4, while Rapid7 InsightIDR is rated 8.4. The top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". On the other hand, the top reviewer of Rapid7 InsightIDR writes "Helps in the management of compliance, secret events and information". NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Cisco Secure Network Analytics and Microsoft Sentinel, whereas Rapid7 InsightIDR is most compared with Darktrace, Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM and IBM Security QRadar. See our NetWitness Platform vs. Rapid7 InsightIDR report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.