Citrix Analytics for Security [EOL] vs Rapid7 InsightIDR comparison

"Very good scalability."

"The solution is easy to handle."

"Intelligent alerting to avoid the common problem of alert fatigue associated with traditional SIEMs."

"I am able to run automated actions based on the output of reports, leaving me extra time to focus on more pressing matters."

"The solution provides satisfying native integration features"

"Rapid7's reporting is more robust than Tenable's."

"The biggest reason why we chose Rapid7 was to gain value in a really quick time. Its deployment doesn't take months. It just takes a few days."

"Rapid7 InsightIDR is budget-friendly and has a good market position because not everybody can afford to go for LogRhythm or Splunk or QRadar."

"InsightIDR’s ability to process millions of transactions per day, and to notify me of the most critical ones, is priceless. InsightIDR has the alerts tuned, and has the ability to quickly drill down to determine the threat level."

"It improved my organization by building a security alerting program."

"The remote access features need improvement."

"Lacks recording features."

"The dashboard is an area that could be simplified."

"Sometimes, it is hard to get the right queries to use. Currently, the tool lacks a pre-made set of queries."

"One of the things that could be better is digital forensics. It is there, but it can be better. They could provide more on the endpoint detection level."

"The solution needs improvement in threat intelligence. Increasing the depth of intelligence to help users understand more about threats is a possibility. My suggestion is to expand access to other websites or resources."

"Tenable Nessus is easier to deal with. It's more efficient and accurate. InsightIDR is heavier than Tenable in terms of performance and scanning. Rapid7 would be much easier to use if it had a network connector like Tenable. Tenable's connector allows continuous monitoring over the B caps."

"The interface for doing investigation needs to be enhanced with minor improvements that would make it more useful."

"One thing that springs to mind is easier API integration with ITSMs. We are evaluating a new ITSM and I would like to have InsightIDR create a ticket when an attack is identified, and the ticket would be closed in InsightIDR when the ITSM resolution is completed. This would take out the "single point of failure" we currently have, if the email recipient is somehow absent, in recording the risk appetite for the incident and the actions taken to mitigate or not."

"Inability to get access to compliance reports within the solution."

"The solution is fairly priced. There are no additional costs involved, one only needs to pay the licensing cost."

"Rapid7 InsightIDR is priced very well and is cost-effective."

"Licensing is straightforward. If, for some reason, you don’t meet the minimum licensing requirements, there is a third-party managed service that can help."

"It is on a yearly basis. For our own company, for about 250 users, it was 16,000 euros a year."

"Rapid7 InsightIDR charges us based on the endpoints we connect to."

"​I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability.​"

"It is more reasonably priced than other vendors."

"Licensing is by endpoint and amount of retention time (at least ours is). Default retention was one year, but we are able to push the retention further if needed. There's also a provide-your-own-S3 option for longer retention if you don't want to pay for the additional retention years in your Rapid7 agreement."

"The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help.​"