We performed a comparison between Rapid7 InsightIDR and USM Anywhere based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"The price is low and quite competitive with others."
"The solution was relatively easy to deploy."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"NGAV and EDR features are outstanding."
"The most valuable feature is the analysis, because of the beta structure."
"The product detects and blocks threats and is more proactive than firewalls."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"Rapid7's reporting is more robust than Tenable's."
"The incident case management is the most valuable feature. Even though there's always something I find I would like to add to that feature, the ability to quickly sort through all the logs, network and endpoint data, etc., and add it to an incident case as part of the investigation, is nice. Having it automatically timeline that additional data into the original incident timeline, and correlate it to other notable events and activities on the network, results in a huge improvement in our overall confidence that we've quickly traced down the right source of an issue."
"Scalability-wise, I rate the solution a ten out of ten. As a cloud tool, the product is highly scalable."
"Enables the use of honey pots, honey users, and honey files to monitor for suspicious patterns."
"The product works well. Stability-wise, I rate the solution a ten out of ten."
"InsightIDR helps us investigate an environment to discover information about incidents."
"The solution is very scalable in terms of the licensing model."
"The biggest reason why we chose Rapid7 was to gain value in a really quick time. Its deployment doesn't take months. It just takes a few days."
"The most valuable feature is vulnerability management because it gives you insight into your environment to know what systems need to be updated or patched."
"The asset management of nodes has been a large help in terms of being able to track applications with more detail and have changes made being monitored into one source."
"The best feature of this product is the ease of use. It is extremely easy to set up and get going. This is a very useful tool for a small organization."
"This is a USM, so being able to get all the features under one roof makes it a good product with good new features."
"It allows for a lot of out-of-the-box features: vuln scanning, HIDS/HIPS, and IDS."
"We had used previous products and found AlienVault centralized the logging for our security."
"The vulnerability manager and the file integration are very good."
"The IDS and the threat intelligence are very useful. They are very intuitive and data-rich."
"Making the portal mobile friendly would be helpful when I am out of office."
"Cannot be used on mobile devices with a secure connection."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"I haven't seen the use of AI in the solution."
"The SIEM could be improved."
"The dashboard isn't easy to access and manage."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"I would like the ability to adjust the threshold of certain existing alerts. Currently the only option is to change the notifications or create my own alert."
"The ability to tune the collector for custom logs would greatly help."
"Rapid7 InsightIDR is not intuitive to search for logs. It should be more user-friendly and improve the dashboards. We should be able to use ready-made templates instead of having to build one."
"InsightIDR is only available in a cloud version. Some of our customers prefer an on-prem solution because they want to manage the security within their environment."
"One of the things that could be better is digital forensics. It is there, but it can be better. They could provide more on the endpoint detection level."
"The interface for doing investigation needs to be enhanced with minor improvements that would make it more useful."
"They should add more configuration and security features to it."
"Cloud risk assessment is one area where I think they need a lot of improvement."
"Support can be slow at times, but the quality is high. Posted knowledge base articles could use improvement."
"AlienVault needs to continue to integrate with other third-party technologies that clients want to have monitored."
"they seem to have bugs from time to time that go unfixed for a while and that is frustrating. I'm not saying the product needs to be bug-free, but they need to be responsive to bugs."
"Different functions to customize reports should be added."
"Source material on the forums to be more up-to-date with the changes happening within the product. Forums being out-of-date with information due to the changes makes troubleshooting a little more difficult - specific to the HIDS agents."
"As this software is in the cloud, you do not have control on updates and general changes which are happening."
"The reporting module could be a little easier to handle, as it requires quite some trial and error until you get the reports you want. Also, it would be great to have a graphical interface for the Network Intrusion Detection System's rule management."
"It was easy on PoC, but when we got to the product it was different story. We had to learn the product again and got feeling that the PoC was a different product."
Rapid7 InsightIDR is ranked 10th in Security Information and Event Management (SIEM) with 29 reviews while USM Anywhere is ranked 11th in Security Information and Event Management (SIEM) with 113 reviews. Rapid7 InsightIDR is rated 8.4, while USM Anywhere is rated 8.4. The top reviewer of Rapid7 InsightIDR writes "An affordable product that is easy to use and has many advanced features and default templates". On the other hand, the top reviewer of USM Anywhere writes "Easy to use and affordable". Rapid7 InsightIDR is most compared with Darktrace, Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM and IBM Security QRadar, whereas USM Anywhere is most compared with Wazuh, AlienVault OSSIM, IBM Security QRadar, Splunk Enterprise Security and LogRhythm SIEM. See our Rapid7 InsightIDR vs. USM Anywhere report.
See our list of best Security Information and Event Management (SIEM) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.