We performed a comparison between Rapid7 InsightIDR and USM Anywhere based on real PeerSpot user reviews.
Find out in this report how the two EDR (Endpoint Detection and Response) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Fortinet has helped free up around 20 percent of our staff's time to help us out."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"Forensics is a valuable feature of Fortinet FortiEDR."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"The product detects and blocks threats and is more proactive than firewalls."
"The product's initial setup phase is very easy."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"This is stable and scalable."
"The alerting to drive investigations and remediation has been its most valuable feature."
"The technical support is a solid 10 out of 10 as they take the time to answer any questions or problems which may arise in a reasonable time frame."
"Integration with threat modeling from the Metasploit and InsightIDR repositories."
"Intelligent alerting to avoid the common problem of alert fatigue associated with traditional SIEMs."
"The incident case management is the most valuable feature. Even though there's always something I find I would like to add to that feature, the ability to quickly sort through all the logs, network and endpoint data, etc., and add it to an incident case as part of the investigation, is nice. Having it automatically timeline that additional data into the original incident timeline, and correlate it to other notable events and activities on the network, results in a huge improvement in our overall confidence that we've quickly traced down the right source of an issue."
"I am able to run automated actions based on the output of reports, leaving me extra time to focus on more pressing matters."
"The web interface is great — very useful and user-friendly."
"Features for user behavior analytics and the rules for attack review are good."
"The best feature of this product is the ease of use. It is extremely easy to set up and get going. This is a very useful tool for a small organization."
"The most valuable feature of the solution is the ease of deployment that it provides to users. The integrations that the product has with third-party applications are useful."
"The IDS and the threat intelligence are very useful. They are very intuitive and data-rich."
"It allows you to define what alerts you want to see, or not to see, as well as if you want them grouped, or ungrouped."
"OTX is a great module that lets staff maintain and monitor updates regarding events in the infrastructure and takes decision to improve the security perimeter."
"AT&T AlienVault USM is good for ELK Stack, the user experience is great because of its architecture. The ELK has a great performance and it has very good speed in the search and Kibana. Additionally, the visuals and dashboards and very nice and customizable."
"The USM is a work horse, no matter what devices or the number of logs we throw at it, the system processes them in real time, correlates the events, and alerts on only events that need human review."
"Our main focus was intrusion detection, alerts, and correlation. It's easy to use AlienVault and integrate it with other alert tools because it includes lots of connectors. Either the tool is already there, or AlienVault will write an API for us if they don't have a connector for the solution that is providing the logs."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"The support needs improvement."
"The only minor concern is occasional interference with desired programs."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"Making the portal mobile friendly would be helpful when I am out of office."
"I feel it would greatly benefit from more supported log sources."
"Currently, it lacks the functionalities provided by Rapid7's User Behavior Analytics (UBA)."
"The product allows us to make only 30 custom rules."
"I would like to see more development in InsightIDR towards building their SIEM solution and converting it to XDR."
"Rapid7 doesn't integrate well with all our security tools from various vendors, so we plan to switch. Many of our solutions work with Rapid7, but some do not. We are already searching for a replacement already."
"One of the things that could be better is digital forensics. It is there, but it can be better. They could provide more on the endpoint detection level."
"They should add more configuration and security features to it."
"The solution needs improvement in threat intelligence. Increasing the depth of intelligence to help users understand more about threats is a possibility. My suggestion is to expand access to other websites or resources."
"Adding a parsing interface for the customers would make AT&T AlienVault USM better."
"The dashboard could be improved as well as the level of customization."
"The reporting and dashboards have room for improvement."
"AlienVault needs to continue to integrate with other third-party technologies that clients want to have monitored."
"The reporting aspect could be improved. While there are a lot of different options available, there are still pieces which are missing."
"The reporting tools are a bit lacking for building reports to give directly to customers, but support has been helpful in giving our requests for new features to the development team and following up with us."
"It would be nice to see some machine learning and monitoring of the configuration in network devices."
"Pay attention to false-positive event automatic correlations."
Rapid7 InsightIDR is ranked 28th in EDR (Endpoint Detection and Response) with 29 reviews while USM Anywhere is ranked 25th in EDR (Endpoint Detection and Response) with 113 reviews. Rapid7 InsightIDR is rated 8.4, while USM Anywhere is rated 8.4. The top reviewer of Rapid7 InsightIDR writes "An affordable product that is easy to use and has many advanced features and default templates". On the other hand, the top reviewer of USM Anywhere writes "Easy to use and affordable". Rapid7 InsightIDR is most compared with Darktrace, Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM and Sumo Logic Security, whereas USM Anywhere is most compared with Wazuh, AlienVault OSSIM, IBM Security QRadar, Microsoft Sentinel and LogRhythm SIEM. See our Rapid7 InsightIDR vs. USM Anywhere report.
See our list of best EDR (Endpoint Detection and Response) vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all EDR (Endpoint Detection and Response) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.