We performed a comparison between Logpoint and Rapid7 InsightIDR based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Forensics is a valuable feature of Fortinet FortiEDR."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"The solution was relatively easy to deploy."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"The stability is very good."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"The price is low and quite competitive with others."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"The most beneficial was being able to prove, with proper reports, that from a compliance perspective, the company is in control. The service part of LogPoint did modifications or did some additional work to have the proper reports defined."
"The solution's most valuable aspect is the combination of the software and the support that they have."
"We like the user and entity behaviour analytics (UEBA) and find it valuable."
"The most valuable feature of LogPoint is that they have the SIEM and SOAR combined in one solution. They are not on a separate platform."
"The most valuable features are the ones that we use the most, which are the search and report facilities."
"It is a very comprehensive solution for gathering data. It has got a lot of capabilities for collecting logs from different systems. Logs are notoriously difficult to collect because they come in all formats. LogPoint has a very sophisticated mechanism for you to be able to connect to or listen to a system, get the data, and parse it. Logs come in text formats that are not easily parseable because all logs are not the same, but with LogPoint, you can define a policy for collecting the data. You can create a parser very quickly to get the logs into a structured mechanism so that you can analyze them."
"The search feature is valuable. The dashboards are also valuable for our bosses. Another valuable feature, which is the main feature of the product, is the centralization of all the logs."
"The integration is very user-friendly. There are not many CLI commands. Everything is directly accessible from the web interface."
"We were able to identify criminals attempting to login from China and put a stop on their IP locations."
"The solution's initial setup is easy."
"The log aggregation and storage provided by InsightIDR has shown no issues with scalability; aggregating over one hundred millions events daily."
"The solution is very scalable in terms of the licensing model."
"The technical support is a solid 10 out of 10 as they take the time to answer any questions or problems which may arise in a reasonable time frame."
"Integration with threat modeling from the Metasploit and InsightIDR repositories."
"Rapid7's reporting is more robust than Tenable's."
"The ability to ingest Office 365 log files, then process them into events and display them on a map."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"The only minor concern is occasional interference with desired programs."
"The support needs improvement."
"What could be improved in LogPoint is its UI because it's less friendly to users than LogRhythm. The UI could be more aesthetically appealing to users. It's completely outdated."
"Dashboards could be developed further."
"Nowadays the trend is going towards the ransomware and the endpoint detection and response. So if they added something for that, that will be very, very good."
"Log management could be better because transporting the log from a password to the client system takes time."
"One of the downsides is it is not a SaaS solution. It must be on-premises."
"We were missing visuals and graphics. Recently, a new version seems to have come out, and it has a new graphical user interface. When I was integrating it, it was usable, but the GUI needed improvement."
"The interface needs things like wizards that will assist with creating complex correlation rules."
"In terms of functionality, it is very good. The only issue is the documentation. Its documentation should be improved."
"Rapid7 doesn't integrate well with all our security tools from various vendors, so we plan to switch. Many of our solutions work with Rapid7, but some do not. We are already searching for a replacement already."
"I feel it would greatly benefit from more supported log sources."
"Cloud risk assessment is one area where I think they need a lot of improvement."
"InsightIDR's integration with other solutions could be improved. Also, I'd like more control from the portal over what's happening on the endpoint side. For example, when I see an attack on an endpoint, I want to be able to stop it from the portal."
"Rapid7 InsightIDR is not intuitive to search for logs. It should be more user-friendly and improve the dashboards. We should be able to use ready-made templates instead of having to build one."
"Customised alert recipients need to be added to allow better first-line action and quicker response. Configurable honeypots would be a welcome addition."
"One of the things that could be better is digital forensics. It is there, but it can be better. They could provide more on the endpoint detection level."
"The solution's XDR agents cannot compete with the XDR solutions out there yet."
Logpoint is ranked 26th in Security Information and Event Management (SIEM) with 20 reviews while Rapid7 InsightIDR is ranked 10th in Security Information and Event Management (SIEM) with 30 reviews. Logpoint is rated 7.4, while Rapid7 InsightIDR is rated 8.4. The top reviewer of Logpoint writes "Good technical support but it is complex to use and resource-heavy". On the other hand, the top reviewer of Rapid7 InsightIDR writes "Helps in the management of compliance, secret events and information". Logpoint is most compared with IBM Security QRadar, Elastic Security, Microsoft Sentinel, Wazuh and Fortinet FortiSIEM, whereas Rapid7 InsightIDR is most compared with Darktrace, Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM and IBM Security QRadar. See our Logpoint vs. Rapid7 InsightIDR report.
See our list of best Security Information and Event Management (SIEM) vendors, best User Entity Behavior Analytics (UEBA) vendors, and best Endpoint Detection and Response (EDR) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.