We performed a comparison between Rapid7 InsightIDR and USM Anywhere based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is the analysis, because of the beta structure."
"Ability to get forensics details and also memory exfiltration."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"The product's initial setup phase is very easy."
"The solution was relatively easy to deploy."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"InsightIDR’s ability to process millions of transactions per day, and to notify me of the most critical ones, is priceless. InsightIDR has the alerts tuned, and has the ability to quickly drill down to determine the threat level."
"It improved my organization by building a security alerting program."
"The product works well. Stability-wise, I rate the solution a ten out of ten."
"The web interface is great — very useful and user-friendly."
"Scalability-wise, I rate the solution a ten out of ten. As a cloud tool, the product is highly scalable."
"The solution's initial setup is easy."
"Integration with threat modeling from the Metasploit and InsightIDR repositories."
"Dashboards, including the main screen, provide much-needed information at a glance, without hours of coding and sifting through logs to find it. In case of an actual security incident, I have faith that insightIDR has retained all logs in a secure manner that prevents log tampering as well."
"Using the communication within the security device, it is easier to create plugins."
"Asset discovery seems to be good."
"This solution can identify many threats inside the organization (compromised endpoints, configuration issues), as well as "outside" threats (botnets, network scanners, web-attacks, etc)."
"It is my "security person" looking at irregularities and letting me know when something has occurred."
"Log-monitoring and alerting enable us to know when things happen that we need to know about."
"The most valuable feature of this solution is security management for PCI DSS."
"In terms of monitoring, my best feature would be the monitoring of components across the network. It monitors the respective nodes and any new node that comes onto the network and provides reports. The reporting dashboards are really helpful for management in terms of making decisions around patch management."
"It brought our logs into one place for review and set up alarms based on changes we were missing due to lack of having one place for everything to go."
"The dashboard isn't easy to access and manage."
"We'd like to see more one-to-one product presentations for the distribution channels."
"Making the portal mobile friendly would be helpful when I am out of office."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"Detections could be improved."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"The interface for doing investigation needs to be enhanced with minor improvements that would make it more useful."
"Rapid7 InsightIDR is not intuitive to search for logs. It should be more user-friendly and improve the dashboards. We should be able to use ready-made templates instead of having to build one."
"Inability to get access to compliance reports within the solution."
"The product allows us to make only 30 custom rules."
"It takes time for the product's support team to resolve issues, making it an area of concern where improvements are required."
"Currently, it lacks the functionalities provided by Rapid7's User Behavior Analytics (UBA)."
"Lacks a mobile application."
"I would like the ability to adjust the threshold of certain existing alerts. Currently the only option is to change the notifications or create my own alert."
"More complimentary training needs to be done for use with this tool. If you get into a bind, then it will cost you."
"The reporting aspect could be improved. While there are a lot of different options available, there are still pieces which are missing."
"The lack of mature functionality and expertise in any of those areas is a strong negative."
"It would be hard for any legitimate MSSP to use it."
"One area that has room for improvement is storage. AllienVault is a good place to put logs, but sometimes it's a tough place to go get logs... The logger can only hold so much data. If they improved that, that would help."
"I feel that some areas of improvement would be vulnerability scanning. We use a separate product that seems to do a much better job."
"The solution is a bit complicated. It could be simplified quite a bit."
"Source material on the forums to be more up-to-date with the changes happening within the product. Forums being out-of-date with information due to the changes makes troubleshooting a little more difficult - specific to the HIDS agents."
Rapid7 InsightIDR is ranked 10th in Security Information and Event Management (SIEM) with 29 reviews while USM Anywhere is ranked 11th in Security Information and Event Management (SIEM) with 113 reviews. Rapid7 InsightIDR is rated 8.4, while USM Anywhere is rated 8.4. The top reviewer of Rapid7 InsightIDR writes "An affordable product that is easy to use and has many advanced features and default templates". On the other hand, the top reviewer of USM Anywhere writes "Easy to use and affordable". Rapid7 InsightIDR is most compared with Darktrace, Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM and IBM Security QRadar, whereas USM Anywhere is most compared with Wazuh, AlienVault OSSIM, IBM Security QRadar, Splunk Enterprise Security and LogRhythm SIEM. See our Rapid7 InsightIDR vs. USM Anywhere report.
See our list of best Security Information and Event Management (SIEM) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.