Rapid7 Managed Threat Complete

Our main use case for Rapid7 MDR  is that they serve as our SOC.

Rapid7 MDR  is an IDR that does what it is supposed to do. The vulnerability management helps us keep our products and systems up to date.

I am satisfied with the risk-aware detection feature in Rapid7 MDR and have no issues with it.

We use the AI-assisted feature in Rapid7 sometimes, mainly to understand the logs from systems that we are not familiar with.

The main benefits that Rapid7 MDR provides for me as an end-user are the security and that they are available 24 hours a day, always. This gives me reassurance because I do not have to be an expert on the cybersecurity part because they are. We are a quite small firm, so we do not have that in-house expertise, which is why we rely on them.

Regarding points for improvement in Rapid7 MDR, I do not have to do anything with them unless I have a problem. The less I hear from them, the better, because they contact us when there is a problem. We have our monthly meeting, and that is fine by me. That is pretty much it; I get what I want, and I do not want anything else.

The price of Rapid7 MDR could definitely be lower, as these are expensive systems, especially if you have the MDR. They could work on the price.

I have been working with Rapid7 MDR for about two years.

I would rate Rapid7 MDR as a 10 for stability; it has always been there and has never been down.

The ability to scale Rapid7 MDR is really super easy, so I would rate it a 10 as well.

I would rate Rapid7 technical support as definitely a 10, because whenever we have had any problems, it is really fast and sensitive to our knowledge. I get the help I really need, and it is fast, so it is really good.

I have only worked with Rapid7 when it comes to MDR; I have no experience with other products.

Based on my experience, it is really easy to start working with Rapid7 MDR; you are up and running in a day or two.

The initial setup process for Rapid7 MDR is really easy; it was really easy for us.

We did the setup processes in-house for Rapid7 MDR ourselves.

The main competitor for Rapid7 MDR would be CrowdStrike, in my opinion.

I have not looked into CrowdStrike; I do not know the specifics of what they call it, but they have the big offerings as well.

I would definitely recommend Rapid7 MDR to other users. I would rate this review a 10.

Rapid7 MDR  is our managed service that serves as our SOC and represents our starting point in utilizing a solution for cybersecurity. Rapid7 MDR  is the primary use case for our company's SOC.

The consulting and monthly consulting and reporting are very useful features that we find most valuable.

Having a dedicated cybersecurity advisor through Rapid7 MDR helps us align our cybersecurity strategy to the up-to-date measurements and controls that we can take, which impacts how we align our security program with business needs.

With a very small IT operations team, we have experienced a positive impact from Rapid7 MDR. In the past, we had much effort to handle incidents, and now with the SOC on our side, the process is more streamlined, and we are much faster than before.

My impression of the Risk-Aware Detection features is positive; they work well for us.

We are starting to get into the AI solutions from Rapid7 MDR for our SIEM , but we are in the very beginning stages, focusing on AI-assisted Risk-Aware Investigation workflows.

We are using the integrated MDR for Microsoft environments feature. Up to now, it works well regarding its detection and response capabilities for Microsoft-centric environments.

Now we have a clear view of what has happened in our tenant, which has impacted our incident recovery process positively; before, we did not have this view. We have many signals, so we can control them and check if we are on the right path or if it is just a false incident, and it works very well. In the last several months, we have seen more than we have seen in the previous two years.

AI is present, and I think Rapid7 MDR could add good reporting, more reporting, and perhaps more templates in the future to make the product even better.

Since the beginning of the year, we have been using this tool.

Rapid7 MDR works really well; we are completely satisfied with it. It is a nice service and I believe we have everything we need. From my perspective, I have no improvements to suggest. There is much more we have to discover.

I do not think there are scalability issues regarding extending usage in the future.

When ten is the best, I would rate their technical support at a ten.

We have Rapid7 IVM and SIEM , and we are still using them. We have now added Rapid7 MDR as a service, which reflects our previous positive experience with Rapid7 solutions.

I cannot speak to how the initial setup was because we had Rapid7 IVM and SIEM before, and that setup occurred before my time. The setup for Rapid7 MDR was very simple because we already had half of the infrastructure in place.

We evaluated many other solutions for various situations, but ultimately we chose Rapid7 MDR because of the price and the service, which were perfect for us.

I find the pricing reasonable and competitive.

Rapid7 MDR is hybrid regarding whether it is on-premises, cloud-based, or hybrid.

I purchased Rapid7 MDR through our IT supplier.

Five people, at most, are working with the product in our company, indicating the usage is currently pretty limited.

The interface is very handy and user-friendly.

I would say Rapid7 MDR is popular; Rapid7 is a well-known name in my region.

I would rate this product a ten out of ten.

Our primary use cases focus on threat detection and network-related security concerns, with an emphasis on cybersecurity-related areas.

My team is satisfied with the current capabilities, though there are certainly areas for improvement. Rapid7 MDR  has not covered all the areas we need, which is why we also utilize Zscaler. For personalized security for developers, testers, and other audiences who are exposing their network to risk, we definitely need very micro-level monitoring of requests and network activity.

All stakeholders claim that Rapid7 MDR  is very effective at identifying threats in today's AI era. It is quite difficult for all of us to identify what type of code or requests are coming through. This improvement is very important to the product itself and its realignment. We raised a request, and Rapid7 MDR has made changes to their product by conducting extensive research and development with thorough testing.

There are multiple areas for improvement, especially regarding generative AI-related threats. Secondly, proxy communication happens through agentic AI, making it very difficult to identify whether it is agentic AI, a human, or a hacker. That filtering and identification will need to be improved in Rapid7 MDR. Many products still do not make that effort, but Rapid7 MDR has started to address this; however, this remains a drawback at the moment. We moved our own artificial intelligence product, and our developers and testers are using it, but we still restrict its use to inside our Fujitsu  premises. We cannot allow it to go outside because we do not have that level of trust at the moment.

It is quite difficult to specify all areas at the moment, but there are multiple features needed. Based on our transformation with a combination of cloud technology and artificial intelligence, we are using co-pilot and multiple AI models will require many enhancements aligned with new technology trends in the market. I cannot articulate or name all of them, but we are still not confident in asking customers to use AI in their environment. They are reluctant at the moment because of security concerns and other myths around AI. There should definitely be a tool that gives us the confidence that whatever AI model we are using is secured through that tool. That tool should assure customers that there is a 90% or 98% guarantee that their code or utilization of AI technology will meet the mark. Currently, customers are not flexible in beginning to utilize AI, especially for financial institutions, research and development institutes, or places where sensitive business operations occur or large customer volumes exist. No one can risk it at the moment. People are using co-pilot, chatbots, or bot services, but they are still not confident in utilizing them without taking risks. No one can claim that they are 100% secure in providing those services. We are expecting that type of confidence from Rapid7 MDR and other technologies playing a role in the market.

We have been using this solution for more than four years.

Getting responses from any service industry is challenging. We have an SLA, especially those SLAs from which we really need support based on our customer expectations, particularly for our developers. Every machine has Rapid7 MDR installed. We have our own IT department that is enabled with all training. The thing is that we do not directly rely on Rapid7 MDR for support, but we have built up our own competency with Rapid7 MDR. Only for very urgent issues do we get support from Rapid7 MDR, but that also depends upon the contract. We do not have extensive experience where we frequently interact with Rapid7 MDR, but wherever there is a setting, configuration management, or something similar, we are getting support from their technical or non-technical staff. It is about how you build your relationship with them. We are training our employees and providing them with training, and once they are trained, we believe this is a common shared responsibility.

The setup cost is reasonable and not so expensive. It is simple and straightforward.

We are primarily on Microsoft with a platinum contract, so all products we evaluate are in line with Microsoft's technology stack. Rapid7 MDR and Zscaler are both well-equipped and support Microsoft technology. Since Microsoft has its own products like Defender and others, we still use them for our daily work. I would rate my overall experience with customer service as a 3 out of 10.

I am using Rapid7 MDR  for all the devices in a single data center. We have different devices including Windows servers, firewalls, endpoints, and various Arista devices. All those devices log different incidents that are managed by Rapid7 MDR .

We are using a Microsoft environment for our endpoints. We are collecting syslog logs for that. We also use EDR, and the correlation is quite useful. We have been getting new kinds of alerts and more insight into the endpoints. This proved valuable because we integrated EDR with it.

We were using an in-house SIEM  before with different use cases and analytics. However, it did not give us more insight into the logs that we were fetching. The benefits that came with Rapid7 MDR is the analysis we are getting now, which is quite useful. Apart from that, we also got user behavior analytics and EDR integration, which helped us considerably.

Regulatory compliance basically guides us at the moment. Our infrastructure is quite critical, so security posture needs to be well maintained. We are relying on Rapid7 MDR and have had a good experience. It is fulfilling our strategy. We have a risk matrix ourselves that maps with the risk posture we have. We are relying on our in-house risk matrix at the moment, but we also have a good feature with Rapid7 MDR.

We currently come across more false positives. The tool is a bit more aggressive than other tools. However, this can be fixed with tuning. We are working on tuning it better. Our infrastructure is expanding a lot, so we are getting lots of logs. The ingestion then becomes an issue from a cost perspective. These are the main areas for improvement.

I have been using the solution for one and a half years now.

If we talk about different vendors, there is competition, but the user interface of Rapid7 MDR is quite useful for us. The support is also good. There are different vendors which have more experienced staff. However, Rapid7 MDR has been the best in zero-day attacks and the vulnerabilities that come into picture. We prefer that.

We were using an in-house SIEM  before with different use cases and analytics. It did not give us more insight into the logs that we were fetching. The benefits that came with Rapid7 MDR is the analysis we are getting now, which is quite useful.

It is very easy.

We have a team, though we do not have a segregated team for it at the moment. We have around fifty individuals in different places and different responsibilities.

The log ingestion is the main criteria that comes into picture. I would not say it is cheap, but it is more efficient. It is economical for us. We evaluated different tools and services before. If we check the functional requirement and financial perspective, this is the best service.

We generally do not get into the telemetry part of it, and that is impacting a few things that align with our strategy at the moment. However, we should use it more. We will be contacting the support team for that.

Regarding scalability, I would rate it a nine. If an organization is looking for an edge in security and they have any kind of on-prem, hybrid, or cloud solution, I think they should go for Rapid7 MDR. Based on my experience, I have evaluated different vendors and this came out to be the better solution for us. I would recommend this. My overall rating for this product is nine.

Our use case is to measure our compliance score. We measure our compliance status with CIS benchmarks implemented via Intune  and Defender, which was a request from management.

I think the best feature of Rapid7 MDR  is that it is silent and easy to use. Sometimes I had some problems with it, but I believe that was caused by Microsoft and their policies. It was really fast to measure our compliance.

Rapid7 MDR  helped us find some gaps and vulnerabilities in our policies. It helped to make sure that we did not miss anything in our implementation.

It helped us to establish possible outcomes and what might happen if we want to implement something.

I did not use all features, so I am not sure what is already implemented or what would be good to implement. However, I think the best area for improvement is pricing.

I have been using Rapid7 MDR for half of the year, a few months.

There were no problems, so I think stability is nine out of ten.

I cannot compare Rapid7 MDR with other solutions because I did not use other detectors. If we are talking about Defender, I think it is really popular. I would say it is in the top five, and that is a really reasonable place for them.

The setup was really quick and easy.

Three people use Rapid7 MDR to manage and verify our compliance status. Three people was enough.

I did not use the Risk-Aware Detection feature at all, so unfortunately I cannot answer questions about that.

Regarding Intune , I have been using it for six years and Defender for two and a half years. Those are the two products I use the most. I also use some admin center, Exchange admin center, and other tools.

I am not sure about certain features because I did not use them all. However, as I have been in a support role, I think I should rate that at eight out of ten.

From my perspective, Rapid7 MDR is a really good product that is easy to implement and use. I achieved everything I needed, prepared the whole report, and it took me a few days. That is pretty fast and awesome.

My overall review rating for this product is seven out of ten.