We performed a comparison between Fortinet FortiSIEM and Rapid7 InsightIDR based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable features of Fortinet FortiSIEM are the SD-WAN, Global LAN, and application controls."
"The most valuable feature is the dashboard. CMDB database collects data from a lot of pre-configured devices."
"The interface is very easy to use. The connector in the core has FortiSIEM support from the vendor."
"One of the most valuable features is that we can combine SOC and NOC operations in the same tool. We can provide NOC and SOC services in the same tool for two separate teams. There are plenty of third-party solutions that integrate with FortiSIEM. All these solutions already have a ready integration, and we have the possibility to create a custom connector for these solutions. Its reports are also very good."
"It's very easy for anyone to work with."
"There are things like dashboards and reports (pre-configured and custom) that let me know that things are operating the way they should be, and when they are not."
"The event correlation is pretty robust. The GUI is pretty good."
"We like the integration of all of these Fortinet platforms together. Everything is integrated well, and we are able to sell that as a service to our customers."
"I am able to run automated actions based on the output of reports, leaving me extra time to focus on more pressing matters."
"During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an application belongs to a known ransomware group. The system rates the threat, offering a clear detection ratio, such as 97 out of 100. It not only identifies threats but also illustrates the associated behaviors, helping us understand the potential risk to a particular endpoint."
"The product works well. Stability-wise, I rate the solution a ten out of ten."
"Very intuitive and easy to set up."
"The ability to ingest Office 365 log files, then process them into events and display them on a map."
"The technical support is a solid 10 out of 10 as they take the time to answer any questions or problems which may arise in a reasonable time frame."
"Log search allows us to dive deep into aggregated logs and query all event types at once."
"User behavioral analytics allows us to pinpoint abnormal or suspicious behavior among millions of events every day."
"I would like to see more integration with other platforms."
"The dashboards need to be improved. It gives you so much detail, but sometimes too much detail, especially to an executive, it's too much."
"There could be more AI features included in the product."
"The performance can be improved. Sometimes it takes a long time to fetch data."
"The reporting feature is not very attractive for the upper management and I am not able to perform complex/nested queries."
"The stability of the product is an area of concern where improvements are required."
"Creating parsers to try make unknown events or currently unsupported devices produce meaningful information is extremely cumbersome."
"The log collection and configuration management are not great."
"It would be useful to import threat intelligence in YARA format along with known incorrect email addresses."
"Tenable Nessus is easier to deal with. It's more efficient and accurate. InsightIDR is heavier than Tenable in terms of performance and scanning. Rapid7 would be much easier to use if it had a network connector like Tenable. Tenable's connector allows continuous monitoring over the B caps."
"The APIs can be further improved in Rapid7."
"One of the things that could be better is digital forensics. It is there, but it can be better. They could provide more on the endpoint detection level."
"Inability to get access to compliance reports within the solution."
"Rapid7 InsightIDR is not intuitive to search for logs. It should be more user-friendly and improve the dashboards. We should be able to use ready-made templates instead of having to build one."
"The solution's XDR agents cannot compete with the XDR solutions out there yet."
"I would like the ability to adjust the threshold of certain existing alerts. Currently the only option is to change the notifications or create my own alert."
Fortinet FortiSIEM is ranked 9th in Security Information and Event Management (SIEM) with 65 reviews while Rapid7 InsightIDR is ranked 10th in Security Information and Event Management (SIEM) with 30 reviews. Fortinet FortiSIEM is rated 7.6, while Rapid7 InsightIDR is rated 8.4. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of Rapid7 InsightIDR writes "Helps in the management of compliance, secret events and information". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, Microsoft Sentinel and Zabbix, whereas Rapid7 InsightIDR is most compared with Darktrace, Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM and Microsoft Defender for Identity. See our Fortinet FortiSIEM vs. Rapid7 InsightIDR report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
