We performed a comparison between Rapid7 InsightIDR and USM Anywhere based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Ability to get forensics details and also memory exfiltration."
"The solution was relatively easy to deploy."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"The setup is pretty simple."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"It is stable and scalable."
"I have seen that Rapid7 InsightIDR provides security to the networks and endpoints in the company."
"The ability to ingest Office 365 log files, then process them into events and display them on a map."
"I am able to run automated actions based on the output of reports, leaving me extra time to focus on more pressing matters."
"Integration with threat modeling from the Metasploit and InsightIDR repositories."
"Rapid7 is easy to use and deploy. It is a simple solution and has easy data pulling."
"Another very important part of insightIDR is the ability to collect data from endpoint devices via agent software. With a large remote workforce, this allows visibility into the endpoints that are connected to the internet, but not to the corporate network."
"The solution is easy to use, and the interface is intuitive."
"The solution is very stable and works very well for what I need it to do."
"The asset management of nodes has been a large help in terms of being able to track applications with more detail and have changes made being monitored into one source."
"The USM is a work horse, no matter what devices or the number of logs we throw at it, the system processes them in real time, correlates the events, and alerts on only events that need human review."
"The other big selling feature for us was its integration capabilities with all the other security-based products."
"Vulnerability scanning helped out shortcomings of what was not patched in the past and what needed to be patched. This assisted with fine tuning the environment for compliance."
"Any unusual behaviour, we can monitor. We have alerts set up to be sent when we receive signs of any unusual behaviour."
"It has streamlined log aggregation and analysis to meet organizational and regulatory needs."
"Asset discovery and vulnerability scanner are good features. The integration between this solution and OTX, which is an AlienVault platform for Open Threat Exchange, is also a valuable feature. It is also quick and easy to deploy, so you can quickly engage with a customer's environment."
"It has allowed us to see what is happening on our servers."
"Cannot be used on mobile devices with a secure connection."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"We'd like to see more one-to-one product presentations for the distribution channels."
"The SIEM could be improved."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"The support needs improvement."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"Tenable Nessus is easier to deal with. It's more efficient and accurate. InsightIDR is heavier than Tenable in terms of performance and scanning. Rapid7 would be much easier to use if it had a network connector like Tenable. Tenable's connector allows continuous monitoring over the B caps."
"One of the things that could be better is digital forensics. It is there, but it can be better. They could provide more on the endpoint detection level."
"It takes time for the product's support team to resolve issues, making it an area of concern where improvements are required."
"Needs a better ability to customize the check within the console."
"It would be useful to import threat intelligence in YARA format along with known incorrect email addresses."
"The main problem lies in the processes within the client's operating systems."
"One thing that springs to mind is easier API integration with ITSMs. We are evaluating a new ITSM and I would like to have InsightIDR create a ticket when an attack is identified, and the ticket would be closed in InsightIDR when the ITSM resolution is completed. This would take out the "single point of failure" we currently have, if the email recipient is somehow absent, in recording the risk appetite for the incident and the actions taken to mitigate or not."
"The solution's XDR agents cannot compete with the XDR solutions out there yet."
"The dashboard could be improved as well as the level of customization."
"The solution already has quite good tools, however, they need better integration tools for linking with Office 365, Google Suite, and so on."
"Pay attention to false-positive event automatic correlations."
"I'd like to see a dashboard that's a little more descriptive."
"The vulnerability scanning feature is one of the areas where the product has certain shortcomings and needs to improve. The tool has vulnerability scanning, but it is not that efficient."
"The reporting aspect could be improved. While there are a lot of different options available, there are still pieces which are missing."
"The only complex area of the setup was writing the custom scripts."
"In the future, I would like to see all these features of the solution working properly."
Rapid7 InsightIDR is ranked 10th in Security Information and Event Management (SIEM) with 29 reviews while USM Anywhere is ranked 11th in Security Information and Event Management (SIEM) with 113 reviews. Rapid7 InsightIDR is rated 8.4, while USM Anywhere is rated 8.4. The top reviewer of Rapid7 InsightIDR writes "An affordable product that is easy to use and has many advanced features and default templates". On the other hand, the top reviewer of USM Anywhere writes "Easy to use and affordable". Rapid7 InsightIDR is most compared with Darktrace, Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM and IBM Security QRadar, whereas USM Anywhere is most compared with Wazuh, AlienVault OSSIM, IBM Security QRadar, Splunk Enterprise Security and LogRhythm SIEM. See our Rapid7 InsightIDR vs. USM Anywhere report.
See our list of best Security Information and Event Management (SIEM) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.