We performed a comparison between Rapid7 InsightIDR and Sophos UTM based on real PeerSpot user reviews.
"If you were on other solutions, you would notice that they use agents from third-party, from open-source, from a native OS, or from other tools. Here, however, it is an agent from Rapid7 itself. This adds to the solution's overall capabilities."
"InsightIDR has allowed us to find potential security issues that we did not know existed, and get remediation quickly."
"Very intuitive and easy to set up."
"I like that it's a cloud-based solution."
"Enables the use of honey pots, honey users, and honey files to monitor for suspicious patterns."
"The incident case management is the most valuable feature. Even though there's always something I find I would like to add to that feature, the ability to quickly sort through all the logs, network and endpoint data, etc., and add it to an incident case as part of the investigation, is nice. Having it automatically timeline that additional data into the original incident timeline, and correlate it to other notable events and activities on the network, results in a huge improvement in our overall confidence that we've quickly traced down the right source of an issue."
"Scalability-wise, I rate the solution a ten out of ten. As a cloud tool, the product is highly scalable."
"Simple configuration and automatically syncs to the cloud platform."
"The most valuable feature is the price. I've been requesting prices all over these years between different solutions like Fortinet, Palo Alto, and Check Point and Sophos has been the cheapest and the best of all of them that I have tried. I have been working with Fortinet, it's a fact that the price is surprisingly better."
"It allows me to easily connect with more than forty-five remote sites and more than fifty remote users between IPsec and SSL VPN, applying the web filter and application filter to ensure a secure connection."
"The solution is stable."
"Sophos UTM has improved the porting section. It has improved security by seeing the gaps. For example, when you discover that an entry has been using a certain application, with Sophos UTM acting as a Layer 7 firewall, you can block the application, not the port."
"It is a very good product. The threat monitoring process is the most valuable feature."
"The firewall itself is very strong and provides great security."
"It is a stable product... I rate the solution's technical support a nine out of ten... The initial setup is quite easy because they have all the information on their website."
"We find all of the features valuable because together they fit the needs of our customers."
"Sometimes, it is hard to get the right queries to use. Currently, the tool lacks a pre-made set of queries."
"I would like to see more development in InsightIDR towards building their SIEM solution and converting it to XDR."
"They should add more configuration and security features to it."
"The ability to tune the collector for custom logs would greatly help."
"One thing that springs to mind is easier API integration with ITSMs. We are evaluating a new ITSM and I would like to have InsightIDR create a ticket when an attack is identified, and the ticket would be closed in InsightIDR when the ITSM resolution is completed. This would take out the 'single point of failure' we currently have, if the email recipient is somehow absent, in recording the risk appetite for the incident and the actions taken to mitigate or not."
"Cloud risk assessment is one area where I think they need a lot of improvement."
"One of the things that could be better is digital forensics. It is there, but it can be better. They could provide more on the endpoint detection level."
"The interface for doing investigation needs to be enhanced with minor improvements that would make it more useful."
"In short, the UI and UX are the areas of improvement in Sophos UTM and similar solutions compared to Palo Alto."
"They could definitely improve on the support, especially in other countries."
"The reporting system needs to allow for customizations because many reports do not include details that we expect."
"I am going to flat out say technical support is terrible. Being a Platinum level customer, I am not happy with the support."
"The management suite is easy and the agent is easy to develop."
"They could use more SSL VPN support."
"We'd like to see them offer their services on mobile devices like tablets. I'm not sure if that's an option or not."
"The pricing is an issue."
Rapid7 InsightIDR is ranked 10th in Security Information and Event Management (SIEM) with 30 reviews while Sophos UTM is ranked 1st in Unified Threat Management (UTM) with 110 reviews. Rapid7 InsightIDR is rated 8.4, while Sophos UTM is rated 8.4. The top reviewer of Rapid7 InsightIDR writes "Helps in the management of compliance, secret events and information". On the other hand, the top reviewer of Sophos UTM writes "It's a highly stable platform with very few hardware issues". Rapid7 InsightIDR is most compared with Darktrace, Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM and IBM Security QRadar, whereas Sophos UTM is most compared with Netgate pfSense, Fortinet FortiGate, Sophos XG, OPNsense and Palo Alto Networks NG Firewalls.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.