Try our new research platform with insights from 80,000+ expert users

Rapid7 InsightIDR vs USM Anywhere comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Rapid7 InsightIDR
Ranking in Security Information and Event Management (SIEM)
9th
Ranking in Endpoint Detection and Response (EDR)
18th
Average Rating
8.4
Reviews Sentiment
7.4
Number of Reviews
32
Ranking in other categories
User Entity Behavior Analytics (UEBA) (2nd), Threat Deception Platforms (5th), Extended Detection and Response (XDR) (14th)
USM Anywhere
Ranking in Security Information and Event Management (SIEM)
31st
Ranking in Endpoint Detection and Response (EDR)
53rd
Average Rating
8.4
Reviews Sentiment
7.0
Number of Reviews
115
Ranking in other categories
Log Management (42nd), Compliance Management (12th)
 

Mindshare comparison

As of April 2025, in the Security Information and Event Management (SIEM) category, the mindshare of Rapid7 InsightIDR is 2.5%, down from 2.7% compared to the previous year. The mindshare of USM Anywhere is 0.9%, down from 2.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Asim Naeem - PeerSpot reviewer
Providing comprehensive insight into alerts while working towards AI enhancement
I definitely recommend Rapid7 InsightIDR. It is becoming better, with improvements being continuously made to the product. Right now, I do not have any advice about Rapid7 for other users because every organization or user has different criteria or multiple use cases, so I refrain from commenting on that. I rate the overall solution seven out of ten.
Kris Nawani - PeerSpot reviewer
Offers complete coverage without the need to install additional software
USM Anywhere is used for threat detection and investigation. It provides a solution with built-in threat intelligence and various other investigation tools The solution offers complete coverage without the need to install additional software, as it is maintained by the vendor. It helps in saving…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The platform offers unlimited storage and agent-based solutions."
"InsightIDR’s ability to process millions of transactions per day, and to notify me of the most critical ones, is priceless. InsightIDR has the alerts tuned, and has the ability to quickly drill down to determine the threat level."
"Very intuitive and easy to set up."
"Dashboards, including the main screen, provide much-needed information at a glance, without hours of coding and sifting through logs to find it. In case of an actual security incident, I have faith that insightIDR has retained all logs in a secure manner that prevents log tampering as well."
"I like the tool's user analysis feature."
"Great coverage of all systems within our network from endpoint to firewall."
"Rapid7 is easy to use and deploy. It is a simple solution and has easy data pulling."
"The solution provides satisfying native integration features"
"The vulnerability scanning is helpful to identify the areas that need patching or fixes installed."
"The pricing is amazing and really cheap."
"It is my "security person" looking at irregularities and letting me know when something has occurred."
"It provides a single pane of glass view, coupled with a whole security ecosystem. The ability to manage everything from a central point, including vulnerability assessments, asset management - including the services provided by the various hosts, NIDS, HIDS, etc. - provides a very efficient way of dealing with things."
"Using the communication within the security device, it is easier to create plugins."
"The new cloud-based panel is excellent both for client review as well as for our SOC to review and respond to threats. It is much easier to configure and use than the previous solution from AlienVault.​"
"There are multiple tools for information security. The solution includes all the latest advances on the network and host intrusion detection systems."
"The most valuable feature is vulnerability management because it gives you insight into your environment to know what systems need to be updated or patched."
 

Cons

"The solution needs improvement in threat intelligence. Increasing the depth of intelligence to help users understand more about threats is a possibility. My suggestion is to expand access to other websites or resources."
"The product allows us to make only 30 custom rules."
"They should add more configuration and security features to it."
"One thing that springs to mind is easier API integration with ITSMs. We are evaluating a new ITSM and I would like to have InsightIDR create a ticket when an attack is identified, and the ticket would be closed in InsightIDR when the ITSM resolution is completed. This would take out the "single point of failure" we currently have, if the email recipient is somehow absent, in recording the risk appetite for the incident and the actions taken to mitigate or not."
"Rapid7 doesn't integrate well with all our security tools from various vendors, so we plan to switch. Many of our solutions work with Rapid7, but some do not. We are already searching for a replacement already."
"Customised alert recipients need to be added to allow better first-line action and quicker response. Configurable honeypots would be a welcome addition."
"Tenable Nessus is easier to deal with. It's more efficient and accurate. InsightIDR is heavier than Tenable in terms of performance and scanning. Rapid7 would be much easier to use if it had a network connector like Tenable. Tenable's connector allows continuous monitoring over the B caps."
"Rapid7 InsightIDR is not intuitive to search for logs. It should be more user-friendly and improve the dashboards. We should be able to use ready-made templates instead of having to build one."
"Windows log collection works with HIDS, but documentation is sparse and confusing."
"Its reporting tools need improvements. It would be good if they can provide integration with other ticketing systems. Currently, we only have integration with Slack and Jira. It is also a bit slow, and its replication engine can be improved."
"Adding a parsing interface for the customers would make AT&T AlienVault USM better."
"The vulnerability scanning feature is one of the areas where the product has certain shortcomings and needs to improve. The tool has vulnerability scanning, but it is not that efficient."
"It was easy on PoC, but when we got to the product it was different story. We had to learn the product again and got feeling that the PoC was a different product."
"USM Anywhere relies a lot on the community putting the data in. Often, you'll right-click on the attack, but nothing will be found. That's a weakness of it."
"Their threat intelligence platform needs to be broadened. They should integrate it with more threat intelligence platforms. For the threat feed that they get from open intelligence, I would like them to add a few premium threat intelligence platforms. They can provide a bundle in which AlienVault has the threat intelligence background of other premium products."
"For creating new rules, you have to be familiar with regular expressions. I feel there could be something built-in to make sure that process is easier."
 

Pricing and Cost Advice

"It is more reasonably priced than other vendors."
"Licensing is by endpoint and amount of retention time (at least ours is). Default retention was one year, but we are able to push the retention further if needed. There's also a provide-your-own-S3 option for longer retention if you don't want to pay for the additional retention years in your Rapid7 agreement."
"Rapid7 InsightIDR's pricing is reasonable."
"​Accurately predict your licensing counts as this is a subscription based product.​"
"Rapid7 InsightIDR is a cheaply priced product. On a scale of one to ten, where one is very expensive, and ten is very cheap, I rate the product's price at seven or eight."
"Licensing is straightforward. If, for some reason, you don’t meet the minimum licensing requirements, there is a third-party managed service that can help."
"I rate Rapid7 InsightIDR's price a four on a scale of one to ten, where one is cheap, and ten is expensive."
"It is a reasonably priced solution."
"The licensing fees are dependent on usage."
"Negotiate the best package for your environment."
"Do the one month trial and try to work out the kinks during it, as it has free support and service hours."
"Pricing is very competitive with other products and you get much more functionality from AlienVault."
"It's saved security costs."
"Use the AlienVault team. They are helpful and the documentation that they provide is second to none."
"The price of this solution is reasonable, which is one of the reasons why we selected it over other solutions."
"They charge a license based on the storage. ATT AlienVault USM is a less expensive solution than IBM QRadar."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
848,716 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Financial Services Firm
9%
Manufacturing Company
8%
Government
7%
Computer Software Company
20%
Financial Services Firm
9%
Comms Service Provider
7%
Educational Organization
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What do you like most about Rapid7 InsightIDR?
During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...
What do you like most about AT&T AlienVault USM?
The most valuable feature of the solution is the ease of deployment that it provides to users. The integrations that the product has with third-party applications are useful.
What needs improvement with AT&T AlienVault USM?
There are scalability issues due to a 60 TB limit, which restricts its use for large customers like banks. It is also limited when used with bigger products and has complex password requirements.
 

Also Known As

InsightIDR
AT&T AlienVault USM, AlienVault, AlienVault USM, Alienvault Cybersecurity
 

Overview

 

Sample Customers

Liberty Wines, Pioneer Telephone, Visier
Abel & Cole, Bank of Ireland, Bluegrass Cellular, CareerBuilder, Claire's, Hays Medical Center, Hope International, McCurrach, McKinsey & Company, Party Delights, Pepco Holdings, Richland School District, Ricoh, SaveMart, Shake Shack, Steelcase, TaxAct, Taylor Morrison, Vonage and Zoom
Find out what your peers are saying about Rapid7 InsightIDR vs. USM Anywhere and other solutions. Updated: April 2025.
848,716 professionals have used our research since 2012.