We performed a comparison between Hillstone I-Series Server Breach Detection System, Rapid7 InsightIDR, and Securonix Next-Gen SIEM based on real PeerSpot user reviews.
Find out what your peers are saying about Darktrace, Vectra AI, Check Point Software Technologies and others in Intrusion Detection and Prevention Software (IDPS)."One or two people can maintain and support the solution. The maintenance is not difficult."
"The most valuable features of the Hillstone I-Series Server Breach Detection System are the AI detection and monitoring of common threats."
More Hillstone I-Series Server Breach Detection System Pros →
"We were able to identify criminals attempting to login from China and put a stop on their IP locations."
"Integration with threat modeling from the Metasploit and InsightIDR repositories."
"InsightIDR helps us investigate an environment to discover information about incidents."
"The solution is easy to use, and the interface is intuitive."
"Enables the use of honey pots, honey users, and honey files to monitor for suspicious patterns."
"During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an application belongs to a known ransomware group. The system rates the threat, offering a clear detection ratio, such as 97 out of 100. It not only identifies threats but also illustrates the associated behaviors, helping us understand the potential risk to a particular endpoint."
"I like the tool's user analysis feature."
"Scalability-wise, I rate the solution a ten out of ten. As a cloud tool, the product is highly scalable."
"The feature that I have found most valuable is their analytics platform where they have the open security data-link, which they introduced. This is typically different from the other vendors."
"Its console is very easy to use and configure. It is very intuitive for our use cases. App integrations are also pretty nice."
"The UEBA functionality indicates a lot about behaviors that are not found through a traditional SIEM. We have exploited that more than anything since we started using it."
"The user interface is easy to learn and navigate."
"The most valuable feature is what Securonix calls enrichment. Securonix is very powerful because of all the data it can process and automatically enrich. The actionable intelligence it provides is one of its benefits, due to the processing capacity it has."
"I was looking for software as a service rather than having issues with managing hardware, upgrades, updates. I was trying to step away from that. Those were the key factors when looking at Securonix as a full-feature SIEM with next-generation capabilities available."
"[The solution has] incident-management or case-management functionality. If someone were to download a high number and we decided we needed to investigate it, I could open a case right in the tool. It would be able to directly reference the data that they downloaded and we could open and shut the case directly in the tool, as well as report from it."
"The customizability of the tool is valuable. We are able to customize the use cases and create them easily without a large amount of Securonix assistance. It's very flexible. We do not have to rely on Professional Services to modify or create a new use case."
"The UI dashboard view needs to be improved because it is ugly. If it was more modern it would be better. Additionally, better integration with other databases would be good."
"Hillstone I-Series Server Breach Detection System can improve by having more anti-spam features that will hopefully eliminate all of the other threats."
More Hillstone I-Series Server Breach Detection System Cons →
"Inability to get access to compliance reports within the solution."
"The solution needs improvement in threat intelligence. Increasing the depth of intelligence to help users understand more about threats is a possibility. My suggestion is to expand access to other websites or resources."
"Currently, it lacks the functionalities provided by Rapid7's User Behavior Analytics (UBA)."
"Tenable Nessus is easier to deal with. It's more efficient and accurate. InsightIDR is heavier than Tenable in terms of performance and scanning. Rapid7 would be much easier to use if it had a network connector like Tenable. Tenable's connector allows continuous monitoring over the B caps."
"One thing that springs to mind is easier API integration with ITSMs. We are evaluating a new ITSM and I would like to have InsightIDR create a ticket when an attack is identified, and the ticket would be closed in InsightIDR when the ITSM resolution is completed. This would take out the "single point of failure" we currently have, if the email recipient is somehow absent, in recording the risk appetite for the incident and the actions taken to mitigate or not."
"InsightIDR's integration with other solutions could be improved. Also, I'd like more control from the portal over what's happening on the endpoint side. For example, when I see an attack on an endpoint, I want to be able to stop it from the portal."
"Cloud risk assessment is one area where I think they need a lot of improvement."
"I would like to see more development in InsightIDR towards building their SIEM solution and converting it to XDR."
"We thought they were going to be a great product, however, they're actually not great at all as an MSP."
"One of the things they can improve on a little bit is the usability side, to make some things simpler... The tool does have a lot of knobs, you can turn a lot of things on and off and you can change things. Sometimes, it can become a little overwhelming. They should remove some confirmation options and make it simpler for the less mature customers and people who are still trying to grasp it."
"Securonix implements risk scores based on different policies that are triggered. We've seen some challenges with the risk scores and how they trigger. These are things that Securonix has recognized and they've been working with us to help improve things."
"Sometimes, there is instability in the data in terms of the customization of the time. I have sometimes observed discrepancies in the data, which is something they should work on. They should bring more stability to time customization. If we are seeing a particular data, when we change the time zone, there should be the same data. There should not be any discrepancy."
"A helpful feature would be an event export. A way to create more substantial summary reports would be nice."
"It takes too long to generate Spotter reports. For example, a 90-day report is around 100 megabytes. That takes a while, but a one-day report can be generated in a few seconds. We would be happy if they sped up the process."
"The analytics-driven approach for finding sophisticated threats and reducing false positives is positive and good, but the platform requires a more dynamic concept. Everything is a bit static."
"When they did upgrades or applied patches, sometimes, there was downtime, which required the backfill of data. There were times when we had to reach out and get a lot of things validated."
More Hillstone I-Series Server Breach Detection System Pricing and Cost Advice →
