You are using an outdated browser. For a faster, safer browsing experience, upgrade for free today.

AT&T AlienVault USM Vs Rapid7 InsightIDR

Cyber Security
byRex Benny

SIEM stands for Security Information and Event Management. SIEM solutions are used for real-time analysis of security alerts and network hardware. This term combines the security software packages from Log Management Systems to Security Log / Event Management, Security Information Management, and Security Event correlation. These features are combined for 360-degree protection. This report compares the two different SIEM tools AT&T AlienVault USM and Rapid7 InsightIDR.

AlienVault USM is a cloud-based security management solution that centralizes threat detection, incident response, and compliance management for cloud, hybrid cloud, and on-premises environments. USM Anywhere includes cloud sensors for monitoring Amazon Web Services (AWS) and Microsoft Azure cloud environments.

AT&T AlienVault USM Anywhere is best for enterprises with a smaller staff and limited security budget with ease of use and ease of deployment. Native file integrity monitoring and end point detection, network traffic analysis and response capability are above average. Rapid7 InsightIDR is strong for deployment and best for comprehensive organizational security. Support or third-party solutions is limited for InsightIDR. Incident management, quick sorting of logs, automated actions and intelligent alerting is the important features of InsightIDR, but the solution is costlier and suitable for mid enterprises.
AT&T AlienVault USM Anywhere is best solution for midsize enterprises compared to Rapid7 InsightIDR. It is suitable for smaller security operations team, cost effective option with more features and number of employees ranging from 50 to 3000. AlienVault is in the market for a couple of years since log time. It will be easy for the analyst and the support engineers to implement and to integrate multiple technologies to the AlienVault USM, even if we didn’t receive support it will be easy to get support from opensource. But when it comes to Rapid7 since it’s a new technology they have built up, it will be very tough to find support and troubleshooting steps to implement and integrate with different technologies.


AlienVault is a good place to put logs, but sometimes it's a tough place to go get logs. Room for improvement is storage, logger can only hold data. AlienVault USM Anywhere, cannot schedule reports. Bug-free but need to be responsive to bugs.

IDS and threat intelligence are very useful, Intuitive and data rich. Not just a log collection and correlation system, bundle of features. Log monitoring and alerting to know when things happen.

Rapid7 InsightIDR combines endpoint forensics, log search and sophisticated dashboards into a single solution. InsightIDR has high artificial intelligence, peer security tools together.