We performed a comparison between Hillstone I-Series Server Breach Detection System, Rapid7 InsightIDR, and Securonix Next-Gen SIEM based on real PeerSpot user reviews.
Find out what your peers are saying about Darktrace, Vectra AI, Check Point Software Technologies and others in Intrusion Detection and Prevention Software (IDPS)."One or two people can maintain and support the solution. The maintenance is not difficult."
"The most valuable features of the Hillstone I-Series Server Breach Detection System are the AI detection and monitoring of common threats."
More Hillstone I-Series Server Breach Detection System Pros →
"The ability to ingest Office 365 log files, then process them into events and display them on a map."
"I am able to run automated actions based on the output of reports, leaving me extra time to focus on more pressing matters."
"Intelligent alerting to avoid the common problem of alert fatigue associated with traditional SIEMs."
"Rapid7 is easy to use and deploy. It is a simple solution and has easy data pulling."
"If you were on other solutions, you would notice that they use agents from third-party, from open-source, from a native OS, or from other tools. Here, however, it is an agent from Rapid7 itself. This adds to the solution's overall capabilities."
"Features for user behavior analytics and the rules for attack review are good."
"The solution is very stable and works very well for what I need it to do."
"The technical support is a solid 10 out of 10 as they take the time to answer any questions or problems which may arise in a reasonable time frame."
"There aren't any positive aspects of the solution. It was a complete failure. There are no redeeming features."
"What I like most is that the threat models and risk scoring are very accurate and very helpful to the analysts on my team. They help highlight the most important things for them to look at."
"Its console is very easy to use and configure. It is very intuitive for our use cases. App integrations are also pretty nice."
"The detection of threats and reduction of false positive alarms as compared to other solutions are valuable features. It has improved threat detection response and reduced a lot of noise from false positives as compared to our previous SIEM solutions."
"The customizability of the tool is valuable. We are able to customize the use cases and create them easily without a large amount of Securonix assistance. It's very flexible. We do not have to rely on Professional Services to modify or create a new use case."
"We can customize our use cases with the tools provided by Securonix. It is an excellent tool that can ingest data in different ways and is very flexible."
"The most valuable feature is what Securonix calls enrichment. Securonix is very powerful because of all the data it can process and automatically enrich. The actionable intelligence it provides is one of its benefits, due to the processing capacity it has."
"The most valuable feature is that it works on user behavior and event rarities."
"The UI dashboard view needs to be improved because it is ugly. If it was more modern it would be better. Additionally, better integration with other databases would be good."
"Hillstone I-Series Server Breach Detection System can improve by having more anti-spam features that will hopefully eliminate all of the other threats."
More Hillstone I-Series Server Breach Detection System Cons →
"They should add more configuration and security features to it."
"Customised alert recipients need to be added to allow better first-line action and quicker response. Configurable honeypots would be a welcome addition."
"I feel it would greatly benefit from more supported log sources."
"It takes time for the product's support team to resolve issues, making it an area of concern where improvements are required."
"One thing that springs to mind is easier API integration with ITSMs. We are evaluating a new ITSM and I would like to have InsightIDR create a ticket when an attack is identified, and the ticket would be closed in InsightIDR when the ITSM resolution is completed. This would take out the "single point of failure" we currently have, if the email recipient is somehow absent, in recording the risk appetite for the incident and the actions taken to mitigate or not."
"Tenable Nessus is easier to deal with. It's more efficient and accurate. InsightIDR is heavier than Tenable in terms of performance and scanning. Rapid7 would be much easier to use if it had a network connector like Tenable. Tenable's connector allows continuous monitoring over the B caps."
"It would be useful to import threat intelligence in YARA format along with known incorrect email addresses."
"InsightIDR is only available in a cloud version. Some of our customers prefer an on-prem solution because they want to manage the security within their environment."
"It could be improved a little bit more for admin users. There should be more administrative options related to security for admin users. For example, for forensic purposes, the admin should be able to stop a specific user from erasing some information. I would be helpful in certain situations, such as during an internal fraud."
"There is room for improvement in the product's integration with ServiceNow and in the reporting features."
"We thought they were going to be a great product, however, they're actually not great at all as an MSP."
"The technical support of the solution is an area with shortcomings and needs improvement."
"The solution could provide more automation."
"We have a lot of users who, because they're engineers and they're bringing down product data - where, at times, a top-level product could be 10,000 or 15,000 objects - it's difficult for us to determine what should be a concern and what shouldn't be a concern. We work with the Securonix folks to try to come up with better ways to identify that."
"Sometimes, there is instability in the data in terms of the customization of the time. I have sometimes observed discrepancies in the data, which is something they should work on. They should bring more stability to time customization. If we are seeing a particular data, when we change the time zone, there should be the same data. There should not be any discrepancy."
"The incident response area should be improved."
More Hillstone I-Series Server Breach Detection System Pricing and Cost Advice →