Fortinet FortiSIEM vs Rapid7 InsightIDR comparison

Cancel
You must select at least 2 products to compare!
Devo Logo
Read 16 Devo reviews
14,305 views|5,499 comparisons
Fortinet Logo
15,586 views|8,430 comparisons
Rapid7 Logo
11,293 views|7,309 comparisons
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Fortinet FortiSIEM and Rapid7 InsightIDR based on real PeerSpot user reviews.

Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Fortinet FortiSIEM vs. Rapid7 InsightIDR Report (Updated: November 2022).
656,474 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The thing that Devo does better than other solutions is to give me the ability to write queries that look at multiple data sources and run fast. Most SIEMs don't do that. And I can do that by creating entity-based queries. Let's say I have a table which has Okta, a table which has G Suite, a table which has endpoint telemetry, and I have a table which has DNS telemetry. I can write a query that says, 'Join all these things together on IP, and where the IP matches in all these tables, return to me that subset of data, within these time windows.' I can break it down that way.""The most valuable feature is definitely the ability that Devo has to ingest data. From the previous SIEM that I came from and helped my company administer, it really was the type of system where data was parsed on ingest. This meant that if you didn't build the parser efficiently or correctly, sometimes that would bring the system to its knees. You'd have a backlog of processing the logs as it was ingesting them.""The alerting is much better than I anticipated. We don't get as many alerts as I thought we would, but that nobody's fault, it's just the way it is.""In traditional BI solutions, you need to wait a lot of time to have the ability to create visualizations with the data and to do searches. With this kind of platform, you have that information in real-time.""The most useful feature for us, because of some of the issues we had previously, was the simplicity of log integrations. It's much easier with this platform to integrate log sources that might not have standard logging and things like that.""The most valuable feature is that it has native MSSP capabilities and maintains perfect data separation. It does all of that in a very easy-to-manage cloud-based solution.""It's very, very versatile.""Those 400 days of hot data mean that people can look for trends and at what happened in the past. And they can not only do so from a security point of view, but even for operational use cases. In the past, our operational norm was to keep live data for only 30 days. Our users were constantly asking us for at least 90 days, and we really couldn't even do that. That's one reason that having 400 days of live data is pretty huge. As our users start to use it and adopt this system, we expect people to be able to do those long-term analytics."

More Devo Pros →

"One of the most valuable features is that we can combine SOC and NOC operations in the same tool. We can provide NOC and SOC services in the same tool for two separate teams. There are plenty of third-party solutions that integrate with FortiSIEM. All these solutions already have a ready integration, and we have the possibility to create a custom connector for these solutions. Its reports are also very good.""We like the integration of all of these Fortinet platforms together. Everything is integrated well, and we are able to sell that as a service to our customers.""FortiSIEM provides a single PIN to monitor SOC and NOC. It's a nice tool for integration and monitoring. It provides multiple categories for monitoring based on security designations like low, medium, and high.""FortiSIEM helped us discover all the threats at the time that were attacking the IT services of the company. We now have multiple-level authentication.""We have found the most important features in Fortinet FortiSIEM to be the correlation, file utility check, latest file, and hash changes. These features are important for us.""It's a very nice solution to work with.""The event correlation is pretty robust. The GUI is pretty good.""The CMDB and the device discovery features are most valuable."

More Fortinet FortiSIEM Pros →

"Simple configuration and automatically syncs to the cloud platform.""Rapid7's reporting is more robust than Tenable's.""It is a very stable solution.""Very intuitive and easy to set up.""Rapid7 InsightIDR integrates well with other solutions. It's also easy to configure because Rapid7 InsightIDR has a lot of instructions posted on their website that customers can follow if they need to get the source log.""The biggest reason why we chose Rapid7 was to gain value in a really quick time. Its deployment doesn't take months. It just takes a few days."

More Rapid7 InsightIDR Pros →

Cons
"Some of the documentation could be improved a little bit. A lot of times it doesn't go as deep into some of the critical issues you might run into. They've been really good to shore us up with support, but some of the documentation could be a little bit better.""We only use the core functionality and one of the reasons for this is that their security operation center needs improvement.""There's room for improvement within the GUI. There is also some room for improvement within the native parsers they support. But I can say that about pretty much any solution in this space.""Technical support could be better.""Where Devo has room for improvement is the data ingestion and parsing. We tend to have to work with the Devo support team to bring on and ingest new sources of data.""I would like to have the ability to create more complex dashboards.""An admin who is trying to audit user activity usually cannot go beyond a day in the UI. I would like to have access to pages and pages of that data, going back as far as the storage we have, so I could look at every command or search or deletion or anything that a user has run. As an admin, that would really help. Going back just a day in the UI is not going to help, and that means I have to find a different way to do that.""There are some issues from an availability and functionality standpoint, meaning the tool is somewhat slow. There were some slow response periods over the past six to nine months, though it has yet to impact us terribly as we are a relatively small shop. We've noticed it, however, so Devo could improve the responsiveness."

More Devo Cons →

"The product does not have Security Orchestration and Automation Response, I would recommend adding this feature.""FortiSIEM is not a market leader in the SIEM space.""Areas for improvement would be the ease of use and the integration with Fortinet's own products.""There is no proper guide for integration or configuration.""We expect the latest patch from Fortinet FortiSIEM to give the ability to work with signature files.""The policy editing should be easier. Right now, it's too hard.""An improvement would be if FortiSIEM's licensing was based on the number of nodes rather than the EPS.""The interface needs some improvements because it's a bit cumbersome when you're trying to view items. It takes some time to get used to. Additionally, sometimes the scrolling does not work."

More Fortinet FortiSIEM Cons →

"Lacks a mobile application.""Tenable Nessus is easier to deal with. It's more efficient and accurate. InsightIDR is heavier than Tenable in terms of performance and scanning. Rapid7 would be much easier to use if it had a network connector like Tenable. Tenable's connector allows continuous monitoring over the B caps.""Inability to get access to compliance reports within the solution.""One of the things that could be better is digital forensics. It is there, but it can be better. They could provide more on the endpoint detection level.""InsightIDR is only available in a cloud version. Some of our customers prefer an on-prem solution because they want to manage the security within their environment.""The dashboard is an area that could be simplified."

More Rapid7 InsightIDR Cons →

Pricing and Cost Advice
  • "I'm not involved in the financial aspect, but I think the licensing costs are similar to other solutions. If all the solutions have a similar cost, Devo provides more for the money."
  • "Devo is definitely cheaper than Splunk. There's no doubt about that. The value from Devo is good. It's definitely more valuable to me than QRadar or LogRhythm or any of the old, traditional SIEMs."
  • "[Devo was] in the ballpark with at least a couple of the other front-runners that we were looking at. Devo is a good value and, given the quality of the product, I would expect to pay more."
  • "Be cautious of metadata inclusion for log types in pricing, as there are some "gotchas" with that."
  • "Devo was very cost-competitive... Devo did come with that 400 days of hot data, and that was not the case with other products."
  • "Our licensing fees are billed annually and per terabyte."
  • "I like the pricing very much. They keep it simple. It is a single price based on data ingested, and they do it on an average. If you get a spike of data that flows in, they will not stick it to you or charge you for that. They are very fair about that."
  • "Pricing is based on the number of gigabytes of ingestion by volume, and it's on a 30-day average. If you go over one day, that's not a big deal as long as the average is what you expected it to be."
  • More Devo Pricing and Cost Advice →

  • "Its price can be better. We are Fortinet partners, so we can get discounts, but its price can be an issue at the beginning for others. There is a licensing scheme for every case. There are three licensing schemes that we can choose from."
  • "The price of Fortinet FortiSIEM is a lot less when compared to other solutions."
  • "They have a yearly subscription."
  • "The solution is available for both, perpetual and subscription licenses."
  • "Manageable, however would be better as pay as you go versus CapEX."
  • "The price of Fortinet FortiSIEM was reasonable compared to other solutions."
  • "There are additional features that cost more than the standard licensing fees."
  • "This is probably more on the lower cost end of the spectrum compared to competing products. Fortinet's license model is based on events per second, which makes sense, but that's not typical. It makes it very hard to calculate what your costs are going to be as you scale the platform because some log sources, such as firewall logs, are very noisy, and there are lots and lots of events per second, but some of them are not. So, it becomes a bit of a science experiment trying to guess what your costs are going to be as you scale the solution. This is where other competing products perhaps have a more straightforward license model."
  • More Fortinet FortiSIEM Pricing and Cost Advice →

  • "It is a reasonably priced solution."
  • "It is on a yearly basis. For our own company, for about 250 users, it was 16,000 euros a year."
  • More Rapid7 InsightIDR Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
    656,474 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:Devo, like other vendors, doesn't charge extra for playbooks and automation. That way, you are only paying for the side… more »
    Top Answer:I need more empowerment in reporting. For example, when I'm using Qlik or Power BI in terms of reporting for the… more »
    Top Answer:They should offer better visibility, more correlation tools and a better understanding of the network. Fortinet… more »
    Top Answer:For tools I’d recommend:  -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR)… more »
    Top Answer:Rapid7's reporting is more robust than Tenable's.
    Top Answer:It is on a yearly basis. For our own company, for about 250 users, it was 16,000 euros a year.
    Comparisons
    Also Known As
    FortiSIEM, AccelOps
    InsightIDR
    Learn More
    Overview

    Devo is the only cloud-native logging and security analytics platform that releases the full potential of all your data to empower bold, confident action when it matters most. Only the Devo platform delivers the powerful combination of real-time visibility, high-performance analytics, scalability, multitenancy, and low TCO crucial for monitoring and securing business operations as enterprises accelerate their shift to the cloud.

    FortiSIEM (formerly AccelOps 4) provides an actionable security intelligence platform to monitor security, performance and compliance through a single pane of glass.

    Companies around the world use FortiSIEM for the following use cases:

    • Threat management and intelligence that provide situational awareness and anomaly detection
    • Alleviating compliance mandate concerns for PCI, HIPAA and SOX
    • Managing “alert overload”
    • Handling the “too many tools” reporting issue
    • Addressing the MSPs/MSSPs pain of meeting service level agreements

    Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

    Offer
    See Devo in Action

    See how Devo allows you to free yourself from data management, and make machine data and insights accessible.

    Learn more about Fortinet FortiSIEM
    Learn more about Rapid7 InsightIDR
    Sample Customers
    United States Air Force, Rubrik, SentinelOne, Critical Start, NHL, Panda Security, Telefonica, CaixaBank, OpenText, IGT, OneMain Financial, SurveyMonkey, FanDuel, H&R Block, Ulta Beauty, Manulife, Moneylion, Chime Bank, Magna International, American Express Global Business Travel
    FortiSIEM has hundreds of customers worldwide in markets including managed services, technology, financial services, healthcare, and government. Customers include Aruba Networks, Compushare, Port of San Diego, Cleveland Indians, Infoblox, Healthways, and Referentia.
    Liberty Wines, Pioneer Telephone, Visier
    Top Industries
    REVIEWERS
    Computer Software Company50%
    Comms Service Provider10%
    Retailer10%
    Insurance Company10%
    VISITORS READING REVIEWS
    Computer Software Company21%
    Comms Service Provider12%
    Government9%
    Financial Services Firm9%
    REVIEWERS
    Comms Service Provider27%
    Financial Services Firm10%
    Computer Software Company10%
    Retailer7%
    VISITORS READING REVIEWS
    Computer Software Company21%
    Comms Service Provider17%
    Government9%
    Manufacturing Company5%
    VISITORS READING REVIEWS
    Computer Software Company19%
    Comms Service Provider13%
    Financial Services Firm7%
    Government7%
    Company Size
    REVIEWERS
    Small Business21%
    Midsize Enterprise21%
    Large Enterprise58%
    VISITORS READING REVIEWS
    Small Business23%
    Midsize Enterprise16%
    Large Enterprise62%
    REVIEWERS
    Small Business43%
    Midsize Enterprise24%
    Large Enterprise33%
    VISITORS READING REVIEWS
    Small Business28%
    Midsize Enterprise21%
    Large Enterprise52%
    REVIEWERS
    Small Business50%
    Midsize Enterprise29%
    Large Enterprise21%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise21%
    Large Enterprise53%
    Buyer's Guide
    Fortinet FortiSIEM vs. Rapid7 InsightIDR
    November 2022
    Find out what your peers are saying about Fortinet FortiSIEM vs. Rapid7 InsightIDR and other solutions. Updated: November 2022.
    656,474 professionals have used our research since 2012.

    Fortinet FortiSIEM is ranked 9th in Security Information and Event Management (SIEM) with 22 reviews while Rapid7 InsightIDR is ranked 13th in Security Information and Event Management (SIEM) with 6 reviews. Fortinet FortiSIEM is rated 7.4, while Rapid7 InsightIDR is rated 8.2. The top reviewer of Fortinet FortiSIEM writes "It has robust event correlation and good GUI, but their technical support should be better, and it should support more nonstandard log sources". On the other hand, the top reviewer of Rapid7 InsightIDR writes "Initial setup is quick, there is no need to pay for hardware, and it's easy to scale". Fortinet FortiSIEM is most compared with Microsoft Sentinel, Splunk, IBM QRadar, PRTG Network Monitor and Zabbix, whereas Rapid7 InsightIDR is most compared with Microsoft Sentinel, Darktrace, Splunk, Rapid7 InsightVM and Microsoft Defender for Identity. See our Fortinet FortiSIEM vs. Rapid7 InsightIDR report.

    See our list of best Security Information and Event Management (SIEM) vendors.

    We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.