Rapid7 InsightIDR vs Trellix ESM comparison

"The web interface is great — very useful and user-friendly."

"It improved my organization by building a security alerting program."

"Rapid7's reporting is more robust than Tenable's."

"I like that it's a cloud-based solution."

"I am able to run automated actions based on the output of reports, leaving me extra time to focus on more pressing matters."

"The technical support is a solid 10 out of 10 as they take the time to answer any questions or problems which may arise in a reasonable time frame."

"Features for user behavior analytics and the rules for attack review are good."

"The product works well. Stability-wise, I rate the solution a ten out of ten."

"It enables us to detect malicious threats, issues, or vulnerabilities in our network."

"I like the ease of deployment."

"It is easy to use."

"This solution integrates easily and very well with other technologies."

"It is a good central viewpoint for issues. These can then be investigated in more detail on the subnet server(s)/endpoints."

"The support I have received from the vendor has been great."

"It has good technical support, which is available around the clock. You can call up anytime and get whatever you want. My queues are resolved."

"It is user-friendly. The notification part of McAfee ESM is very easy."

"Cloud risk assessment is one area where I think they need a lot of improvement."

"I feel it would greatly benefit from more supported log sources."

"The reporting is the weakest aspect. There needs to be multi-level grouping for events (for example, group by user and destination). Right now, we can do a group by user and a separate table or group by destination. But I'd be more interested in where a person was logging into instead of who was logging in or where he was logging in."

"The solution needs improvement in threat intelligence. Increasing the depth of intelligence to help users understand more about threats is a possibility. My suggestion is to expand access to other websites or resources."

"Rapid7 InsightIDR is not intuitive to search for logs. It should be more user-friendly and improve the dashboards. We should be able to use ready-made templates instead of having to build one."

"The searching feature in Rapid7 InsightIDR needs to evolve"

"The product allows us to make only 30 custom rules."

"I would like to see more development in InsightIDR towards building their SIEM solution and converting it to XDR."

"It is not a very advanced solution, and it is for very generic use cases. It cannot cope with the advanced requirements that we're going to have. For example, for multiple authentication failures, it is still based on Windows events for detecting multiple login failures, whereas other companies are going beyond and working on implementing two-factor authentication. It is time to correlate the two-factor authentication results with authentification failures, which is not happening with McAfee ESM. The performance of the tool should be improved because it is very slow. The data display on the console is very slow in McAfee ESM. Its data storage is still old-fashioned, and it should be improved and upgraded to the latest versions. They have to come up with some new ideas to match what other leaders in the same domain are doing. For example, in Splunk, when you search for information for the last 60 days or five months, it quickly shows the information, but that is not the case with McAfee. The results should be quicker and faster on the console. They should integrate some additional features such as User Behavior Analytics (UBA) and automation. The threat intelligence part should also be improved on McAfee."

"I would like to see good analytics in future releases."

"McAfee is no more providing security updates on this product, and the enhancements to this product seem to have stopped. Moreover, we don't get proper support, and we struggle to get its support. It would be good if they can add some AI engine and out of the box use cases because it is currently limited to the same scenario and the same setup. I have done a POC for Securonix, LogRhythm. These products are much more ahead as compared to McAfee ESM. They have included multiple modules in the same solution. Correlation is very easy. If McAfee ESM can improve, especially in such implementations, then I believe it would be much better."

"Customized reports and alerting functionality could be included in the dashboard."

"McAfee ESM is not user-friendly and the log is not accurate. For instance, if I were assigned to generate a log for changes made today, I wouldn't be able to see all the modifications. While Palo Alto allows us to see all changes, McAfee ESM only captures one out of every ten changes. It's crucial to have visibility into all changes made."

"The support from McAfee ESM could improve. They could improve the speed."

"The user interface could be more user-friendly."

"The solution needs to improve case management. The UI is confusing."

"The pricing and licensing are competitive."

"The solution has a mid-range price point in the market"

"The pricing is good, and it is not very expensive."

"Licensing is straightforward. If, for some reason, you don’t meet the minimum licensing requirements, there is a third-party managed service that can help."

"The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help.​"

"​Accurately predict your licensing counts as this is a subscription based product.​"

"​I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability.​"

"It is a reasonably priced solution."

"The cost is dependent on the customer's environment and requirements."

"When compared to IBM Security QRadar and other similar platforms, the pricing of McAfee ESM is reasonable and comparatively less expensive."

"The pricing is fair."

"You should buy the distributed option instead of the all-in-one for environments with more than 1000 end points."

"The price is good. It's moderate. We follow a pay-as-you-go model. There are different models available, and they can also be monthly. You can choose monthly or yearly. It's very flexible. If our existing customers exceed the current plan, you can just call McAfee and get it extended."

"It is an inexpensive product. We purchase its yearly license."

"Regarding pricing, Trellix ESM is not that expensive. It's less than half the cost of IBM QRadar."

"The product is slightly expensive."