We performed a comparison between Rapid7 InsightIDR and Sumo Logic Security based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Intelligent alerting to avoid the common problem of alert fatigue associated with traditional SIEMs."
"The incident case management is the most valuable feature. Even though there's always something I find I would like to add to that feature, the ability to quickly sort through all the logs, network and endpoint data, etc., and add it to an incident case as part of the investigation, is nice. Having it automatically timeline that additional data into the original incident timeline, and correlate it to other notable events and activities on the network, results in a huge improvement in our overall confidence that we've quickly traced down the right source of an issue."
"The log aggregation and storage provided by InsightIDR has shown no issues with scalability; aggregating over one hundred millions events daily."
"We were able to identify criminals attempting to login from China and put a stop on their IP locations."
"Very intuitive and easy to set up."
"Scalability-wise, I rate the solution a ten out of ten. As a cloud tool, the product is highly scalable."
"Dashboards, including the main screen, provide much-needed information at a glance, without hours of coding and sifting through logs to find it. In case of an actual security incident, I have faith that insightIDR has retained all logs in a secure manner that prevents log tampering as well."
"Log search allows us to dive deep into aggregated logs and query all event types at once."
"The tool has key features like operability. It will alert the admins whenever a device is onboarded."
"We can ingest logs and make reports out of them. It is a good tool which can help us monitor any issues."
"We have used it many times to find a root cause of a live issue, then fix the problem in the applications."
"The solution is quite stable."
"Technical support is always great."
"We can integrate threat intelligence solutions into the product."
"We use it to ingest Windows domain controller logs. We use this to monitor if anyone is placed in particular administration groups that potentially shouldn't be. It helps us keep track of people."
"With this tool, we provide access to every developer team the ability to find errors, then they come to us and ask for specific help."
"The integration capabilities of the solution have certain shortcomings where improvements are required."
"Rapid7 doesn't integrate well with all our security tools from various vendors, so we plan to switch. Many of our solutions work with Rapid7, but some do not. We are already searching for a replacement already."
"The APIs can be further improved in Rapid7."
"It would be useful to import threat intelligence in YARA format along with known incorrect email addresses."
"The ability to tune the collector for custom logs would greatly help."
"It takes time for the product's support team to resolve issues, making it an area of concern where improvements are required."
"Tenable Nessus is easier to deal with. It's more efficient and accurate. InsightIDR is heavier than Tenable in terms of performance and scanning. Rapid7 would be much easier to use if it had a network connector like Tenable. Tenable's connector allows continuous monitoring over the B caps."
"InsightIDR's integration with other solutions could be improved. Also, I'd like more control from the portal over what's happening on the endpoint side. For example, when I see an attack on an endpoint, I want to be able to stop it from the portal."
"The initial setup is the most stressful, like learning how to use it."
"It took a bit of trial and error to get it set up correctly based on everything we had to do. In the end, we had to send everything over HTTP, which was sort of a stop-gap."
"I would like better UI-driven functionality to create alerts and reports. Now, we have to understand the syntax, so it is a little difficult for someone to pick it up without using the manuals. If there was more of a graphical user interface, it would be beneficial."
"From the network segmentation side, there is some discrepancy in log onboarding. The tool needs to improve direct API integrations, login integration, native login integration, etc."
"There needs to be improvement on imported data which can be used within Sumo Logic to do more advanced queries."
"The solution should improve its UI."
"The API integration in Sumo Logic Security could improve. There are delayed connections or they stop and then automatically start. Having a seamless log collection would be beneficial."
"I would like to see improvement in the user experience when configuring things, ingesting logs, and creating ports."
Rapid7 InsightIDR is ranked 10th in Security Information and Event Management (SIEM) with 30 reviews while Sumo Logic Security is ranked 17th in Security Information and Event Management (SIEM) with 18 reviews. Rapid7 InsightIDR is rated 8.4, while Sumo Logic Security is rated 8.6. The top reviewer of Rapid7 InsightIDR writes "Helps in the management of compliance, secret events and information". On the other hand, the top reviewer of Sumo Logic Security writes "Used to store and monitor application logs and VPC flow logs". Rapid7 InsightIDR is most compared with Darktrace, Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM and Next DLP, whereas Sumo Logic Security is most compared with Wazuh, Microsoft Sentinel, Splunk Enterprise Security, Google Chronicle Suite and Grafana Loki. See our Rapid7 InsightIDR vs. Sumo Logic Security report.
See our list of best Security Information and Event Management (SIEM) vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.