We performed a comparison between Rapid7 InsightIDR and Sumo Logic Security based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The web interface is great — very useful and user-friendly."
"I rate Rapid7 nine out of 10 for affordability."
"Rapid7 is easy to use and deploy. It is a simple solution and has easy data pulling."
"I am able to run automated actions based on the output of reports, leaving me extra time to focus on more pressing matters."
"The solution is very stable and works very well for what I need it to do."
"Rapid7's reporting is more robust than Tenable's."
"I like that it's a cloud-based solution."
"Log search allows us to dive deep into aggregated logs and query all event types at once."
"We use it to ingest Windows domain controller logs. We use this to monitor if anyone is placed in particular administration groups that potentially shouldn't be. It helps us keep track of people."
"It provides easy visibility. I also like the shareable queries because we share a lot across groups."
"It gives us a bird's eye view of what's happening from our connection's point of view."
"We can ingest logs and make reports out of them. It is a good tool which can help us monitor any issues."
"Scalability has been good for our needs. We haven't run into any scaling issues in regards to size so far."
"We can integrate threat intelligence solutions into the product."
"The tool has key features like operability. It will alert the admins whenever a device is onboarded."
"Sumo Logic Security is a good solution for searching the logs and identifying the issues."
"One thing that springs to mind is easier API integration with ITSMs. We are evaluating a new ITSM and I would like to have InsightIDR create a ticket when an attack is identified, and the ticket would be closed in InsightIDR when the ITSM resolution is completed. This would take out the 'single point of failure' we currently have, if the email recipient is somehow absent, in recording the risk appetite for the incident and the actions taken to mitigate or not."
"The solution's XDR agents cannot compete with the XDR solutions out there yet."
"I would like the ability to adjust the threshold of certain existing alerts. Currently the only option is to change the notifications or create my own alert."
"Sometimes, it is hard to get the right queries to use. Currently, the tool lacks a pre-made set of queries."
"The main problem lies in the processes within the client's operating systems."
"The integration capabilities of the solution have certain shortcomings where improvements are required."
"Rapid7 InsightIDR is not intuitive to search for logs. It should be more user-friendly and improve the dashboards. We should be able to use ready-made templates instead of having to build one."
"Needs a better ability to customize the check within the console."
"I would like to see improvement in the user experience when configuring things, ingesting logs, and creating ports."
"If you look at some of the other offerings right now that are available in the market, they do offer APM as well as the product they're offering. I believe Sumo Logic is not there yet. So that's something which I would love to see."
"The initial setup is the most stressful, like learning how to use it."
"The solution should improve its UI."
"In my opinion, this solution has a steep learning curve and requires practice if users are to be able to use this tool very efficiently."
"We would like to have some type of predefined setup for the logs, making the setup easier by default."
"It took a bit of trial and error to get it set up correctly based on everything we had to do. In the end, we had to send everything over HTTP, which was sort of a stop-gap."
"If you want to up your subscription through the AWS Marketplace, it can be difficult. You can't just go back to the AWS Marketplace, and say, 'I want a bigger one now.' You have to contact the sales team, then they do it on the back-end. This could definitely be improved."
Rapid7 InsightIDR is ranked 9th in Security Information and Event Management (SIEM) with 30 reviews while Sumo Logic Security is ranked 17th in Security Information and Event Management (SIEM) with 18 reviews. Rapid7 InsightIDR is rated 8.4, while Sumo Logic Security is rated 8.6. The top reviewer of Rapid7 InsightIDR writes "Helps in the management of compliance, secret events and information". On the other hand, the top reviewer of Sumo Logic Security writes "Used to store and monitor application logs and VPC flow logs". Rapid7 InsightIDR is most compared with Darktrace, Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM and Next DLP, whereas Sumo Logic Security is most compared with Wazuh, Microsoft Sentinel, Splunk Enterprise Security, Google Chronicle Suite and Grafana Loki. See our Rapid7 InsightIDR vs. Sumo Logic Security report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.