Try our new research platform with insights from 80,000+ expert users

Rapid7 InsightIDR vs USM Anywhere comparison

Rapid7 and LevelBlue are both solutions in the Security Information and Event Management (SIEM) category. Rapid7 is ranked #9 with an average rating of 8.1, while LevelBlue is ranked #31 with an average rating of 7.3. Rapid7 holds a 2.3% mindshare in SIEM, compared to LevelBlue’s 1.2% mindshare. Additionally, 95% of Rapid7 users are willing to recommend the solution, compared to 92% of LevelBlue users who would recommend it.
Rapid7 InsightIDR
Read 31 Rapid7 InsightIDR reviews
  • 5,221 Views
  • 2,921 Comparison Views
95% willing to recommend
USM Anywhere
Read 114 USM Anywhere reviews
  • 3,529 Views
  • 2,406 Comparison Views
92% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 9, 2024

USM Anywhere and Rapid7 InsightIDR compete in the comprehensive security information and event management (SIEM) solutions category. Rapid7 InsightIDR holds an edge due to its advanced threat detection capabilities despite its higher pricing.

Features: USM Anywhere offers unified management of multiple security capabilities, intuitive workflows, and streamlined operations. Rapid7 InsightIDR includes advanced threat detection, user behavior analytics, and robust integration capabilities.

Room for Improvement: USM Anywhere could benefit from more in-depth reporting options, enhanced automation, and improved data insights. Rapid7 InsightIDR requires better support for custom log ingestion, more flexible reporting tools, and greater customization options.

Ease of Deployment and Customer Service: USM Anywhere is praised for straightforward deployment and strong support. Rapid7 InsightIDR integrates easily with existing infrastructures but has mixed reviews on customer service.

Pricing and ROI: USM Anywhere is cost-effective, providing a good balance of features for the price, ensuring strong ROI. Rapid7 InsightIDR, though higher in cost, delivers significant returns with its advanced capabilities, making the higher initial investment worthwhile.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Rapid7 InsightIDR vs. USM Anywhere Report (Updated: November 2024).
Buyer's Guide
Rapid7 InsightIDR vs. USM Anywhere
November 2024
Download the complete report
Helped 816,192 peers since 2012
 

Categories and Ranking

Rapid7 InsightIDR
Ranking in Security Information and Event Management (SIEM)
9th
Ranking in Endpoint Detection and Response (EDR)
20th
Average Rating
8.4
Number of Reviews
31
Ranking in other categories
User Entity Behavior Analytics (UEBA) (3rd), Threat Deception Platforms (5th), Extended Detection and Response (XDR) (15th)
USM Anywhere
Ranking in Security Information and Event Management (SIEM)
31st
Ranking in Endpoint Detection and Response (EDR)
51st
Average Rating
8.4
Number of Reviews
114
Ranking in other categories
Log Management (34th), Compliance Management (11th)
 

Mindshare comparison

As of November 2024, in the Security Information and Event Management (SIEM) category, the mindshare of Rapid7 InsightIDR is 2.3%, down from 2.5% compared to the previous year. The mindshare of USM Anywhere is 1.2%, down from 2.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

JensWolf - PeerSpot reviewer
A solution that offers easy setup and deployment phases, along with great scalability and stability
I rate the initial setup a ten out of ten. The solution's initial setup was very straightforward. The solution is deployed on an on-premises and cloud model. The cloud services are provided by Rapid7. The solution can be deployed in half a day or four hours in a small environment. I was the only person involved in the product's deployment phase.
Read full review
Omer Jamil - PeerSpot reviewer
An easy-to-deploy tool that needs to improve its vulnerability scanning feature
To those who plan to use the solution, I would suggest that they go through the documentation and online training models available for free, as it can help you deploy the product quickly while also being helpful in areas where there is a need to understand correlation and monitoring. I rate the overall product a seven out of ten.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The log aggregation and storage provided by InsightIDR has shown no issues with scalability; aggregating over one hundred millions events daily."
"Intelligent alerting to avoid the common problem of alert fatigue associated with traditional SIEMs."
"It is a very stable solution."
"It improved my organization by building a security alerting program."
"Another very important part of insightIDR is the ability to collect data from endpoint devices via agent software. With a large remote workforce, this allows visibility into the endpoints that are connected to the internet, but not to the corporate network."
"Great coverage of all systems within our network from endpoint to firewall."
"The solution is very scalable in terms of the licensing model."
"I like the tool's user analysis feature."
More Rapid7 InsightIDR pros
"Using the communication within the security device, it is easier to create plugins."
"This solution can completely detect and prevent incidents on your network."
"Asset discovery and vulnerability scanner are good features. The integration between this solution and OTX, which is an AlienVault platform for Open Threat Exchange, is also a valuable feature. It is also quick and easy to deploy, so you can quickly engage with a customer's environment."
"The main menu: You can see everything there, what is happening on the servers, and in the logs, you can view more details of each event."
"Any unusual behaviour, we can monitor. We have alerts set up to be sent when we receive signs of any unusual behaviour."
"In terms of monitoring, my best feature would be the monitoring of components across the network. It monitors the respective nodes and any new node that comes onto the network and provides reports. The reporting dashboards are really helpful for management in terms of making decisions around patch management."
"It has powerful threat detection, incident response, and compliance management."
"Log-monitoring and alerting enable us to know when things happen that we need to know about."
More USM Anywhere pros
 

Cons

"The interface for doing investigation needs to be enhanced with minor improvements that would make it more useful."
"InsightIDR is only available in a cloud version. Some of our customers prefer an on-prem solution because they want to manage the security within their environment."
"One of the things that could be better is digital forensics. It is there, but it can be better. They could provide more on the endpoint detection level."
"The product allows us to make only 30 custom rules."
"The solution's XDR agents cannot compete with the XDR solutions out there yet."
"The searching feature in Rapid7 InsightIDR needs to evolve"
"Lacks a mobile application."
"Sometimes, it is hard to get the right queries to use. Currently, the tool lacks a pre-made set of queries."
More Rapid7 InsightIDR cons
"There is room for improvement in Log parsing."
"We've had some stability problems, not a lot, but a few. Updates seem to be the worst. That seems to be when the stability problems come up."
"Support can be slow at times, but the quality is high. Posted knowledge base articles could use improvement."
"In the future, I would like to see all these features of the solution working properly."
"The UI and overall processes need a little bit more love. This shows in the error banners that come up when you select certain things. There isn't a day that goes by that the UI doesn't error out and I can't view events for an alarm."
"We develop additional rules and scripts to make it more usable."
"The reporting aspect could be improved. While there are a lot of different options available, there are still pieces which are missing."
"The lack of mature functionality and expertise in any of those areas is a strong negative."
More USM Anywhere cons
 

Pricing and Cost Advice

"Rapid7 InsightIDR is a cheaply priced product. On a scale of one to ten, where one is very expensive, and ten is very cheap, I rate the product's price at seven or eight."
"​Accurately predict your licensing counts as this is a subscription based product.​"
"Licensing is straightforward. If, for some reason, you don’t meet the minimum licensing requirements, there is a third-party managed service that can help."
"The pricing of the solution depends on the user. But there is a yearly licensing cost."
"Licensing is by endpoint and amount of retention time (at least ours is). Default retention was one year, but we are able to push the retention further if needed. There's also a provide-your-own-S3 option for longer retention if you don't want to pay for the additional retention years in your Rapid7 agreement."
"I rate Rapid7 InsightIDR's price a four on a scale of one to ten, where one is cheap, and ten is expensive."
"The pricing and licensing are competitive."
"It is a reasonably priced solution."
More Rapid7 InsightIDR pricing and cost advice
"So far, it has been a good solution for a tight budget."
"​The price point is good.​"
"Pricing is very competitive with other products and you get much more functionality from AlienVault."
"Negotiate the best package for your environment."
"The licensing fees are dependent on usage."
"Do the one month trial and try to work out the kinks during it, as it has free support and service hours."
"I don't know exactly, but I know it is based on the number of logs and the retention duration, such as 30 days or something like that. So, the smallest package is about 500 a month for 30 days of logs. There is a virtual machine. You need resources for it. It is a log collecting VM. They provide the software, and you just have to load a virtual machine. So, you're going to incur some CPU RAM and storage for wherever this log collecting appliance is running, which typically is in our cloud and on our platform for the customer."
"The price for this solution is very good, but since the features do not work the price is expensive."
More USM Anywhere pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
See recommendations
816,192 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Financial Services Firm
8%
Manufacturing Company
8%
Government
6%
Computer Software Company
18%
Educational Organization
9%
Financial Services Firm
7%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
See all answers
What do you like most about Rapid7 InsightIDR?
During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...
See all answers
What is your experience regarding pricing and costs for Rapid7 InsightIDR?
The product pricing is very cheap.
See all answers
What do you like most about AT&T AlienVault USM?
The most valuable feature of the solution is the ease of deployment that it provides to users. The integrations that the product has with third-party applications are useful.
See all answers
What is your experience regarding pricing and costs for AT&T AlienVault USM?
The price is really variable depending on what tier the customer is subscribing to. I think USM Anywhere recently started a 125, a 250, and then 500 and 1000 tier. So it depends on the organization...
See all answers
What needs improvement with AT&T AlienVault USM?
The only issue that you need to bypass is the issue with integration with some other log sources, some other application security applications. The issue is still present. The process of collecting...
See all answers
 

Comparisons

Darktrace vs Rapid7 InsightIDR Logo
Darktrace vs Rapid7 InsightIDR
Compared 13% of the time
Microsoft Sentinel vs Rapid7 InsightIDR Logo
Microsoft Sentinel vs Rapid7 InsightIDR
Compared 11% of the time
Rapid7 InsightVM vs Rapid7 InsightIDR Logo
Rapid7 InsightVM vs Rapid7 InsightIDR
Compared 7% of the time
CrowdStrike Falcon vs Rapid7 InsightIDR Logo
CrowdStrike Falcon vs Rapid7 InsightIDR
Compared 6% of the time
Tanium vs Rapid7 InsightIDR Logo
Tanium vs Rapid7 InsightIDR
Compared 2% of the time
More Rapid7 InsightIDR Competitors
Wazuh vs USM Anywhere Logo
Wazuh vs USM Anywhere
Compared 19% of the time
AlienVault OSSIM vs USM Anywhere Logo
AlienVault OSSIM vs USM Anywhere
Compared 19% of the time
Splunk Enterprise Security vs USM Anywhere Logo
Splunk Enterprise Security vs USM Anywhere
Compared 11% of the time
IBM Security QRadar vs USM Anywhere Logo
IBM Security QRadar vs USM Anywhere
Compared 9% of the time
Microsoft Sentinel vs USM Anywhere Logo
Microsoft Sentinel vs USM Anywhere
Compared 8% of the time
More USM Anywhere Competitors
 

Product Reports

Buyer's Guide
Rapid7 InsightIDR
November 2024
Rapid7 InsightIDR reportDownload Rapid7 InsightIDR product report
Buyer's Guide
USM Anywhere
October 2024
USM Anywhere reportDownload USM Anywhere product report
 

Also Known As

InsightIDR
AT&T AlienVault USM, AlienVault, AlienVault USM, Alienvault Cybersecurity
 

Learn More

Rapid7
Video not available
LevelBlue
 

Overview

Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

USM Anywhere centralizes security monitoring of networks and devices in the cloud, on premises, and in remote locations, helping you to detect threats virtually anywhere.

Discover

  • Network asset discovery
  • Software & services discovery
  • AWS asset discovery
  • Azure asset discovery
  • Google Cloud Platform asset discovery

Analyze

  • SIEM event correlation, auto-prioritized alarms
  • User activity monitoring
  • Up to 90-days of online, searchable events

Detect

  • Cloud intrusion detection (AWS, Azure, GCP)
  • Network intrusion detection (NIDS)
  • Host intrusion detection (HIDS)
  • Endpoint Detection and Response (EDR)

Respond

  • Forensics querying
  • Automate & orchestrate response
  • Notifications and ticketing

Assess

  • Vulnerability scanning
  • Cloud infrastructure assessment
  • User & asset configuration
  • Dark web monitoring

Report

  • Pre-built compliance reporting templates
  • Pre-built event reporting templates
  • Customizable views and dashboards
  • Log storage
 

Sample Customers

Liberty Wines, Pioneer Telephone, Visier
Abel & Cole, Bank of Ireland, Bluegrass Cellular, CareerBuilder, Claire's, Hays Medical Center, Hope International, McCurrach, McKinsey & Company, Party Delights, Pepco Holdings, Richland School District, Ricoh, SaveMart, Shake Shack, Steelcase, TaxAct, Taylor Morrison, Vonage and Zoom
Buyer's Guide
Rapid7 InsightIDR vs. USM Anywhere
November 2024
Free Report: Rapid7 InsightIDR vs. USM Anywhere
Find out what your peers are saying about Rapid7 InsightIDR vs. USM Anywhere and other solutions. Updated: November 2024.
DOWNLOAD NOW
816,192 professionals have used our research since 2012.
See our Rapid7 InsightIDR vs. USM Anywhere report.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.