FortiSOAR vs. Rapid7 InsightConnect

Most organization with medium & maturity SOC struggle with alert fatigue & false positives with addressing alert volume is result in increasing risk of critical alerts being masked by trivial one , in this situation FortiSOAR help in case management : rapidly response in case of crises also. FortiSOAR is designed very well where Fortinet have other stack of security component also like Fortinet NGFW & Forti SIEM etc.. Fortinet NGFW can and generate the FortiSOAR instance through FortiCloud for Customer . However In absence of FortiFabric it require lot of connectors to work well the solution.

Incentivized

Where Rapid7 InsightConnect excels is in environments needing the whole suite of virus protection and monitoring. In our environment we use it to make sure we have visibility over all endpoints, servers, hosts, and clusters to make sure that there are no vulnerabilities being left unattended too. It is also best in large environments. Since there are many endpoints, the automation from Rapid7 helps manage them all in an efficient manner.

Incentivized

• User-friendly interface and easy to read data on the panels.
• Perfect for vulnerability management.
• Great integration with different security operations center platforms.
• Customized panels.
• Setting User Permissions.
• Scheduled asset scans with reports.

Incentivized

• The most significant difference is that we no longer have to examine endpoints and devices separately.
• The cost.
• The impact on the safety and efficiency of our business.

Incentivized

• Training Services- Fortinet offers courses geared towards administration and designed and development of FortiSOAR , Which required multiples access , we need all training services with self pace basis , I think here Fortinet need to improve.
• Licensing Model- Being as a new technology Licensing model should be crystal & Clear, be it Concurrent Users or The number of FortiSOAR nodes there should be no ambiguity .

Incentivized

• It would be great if Rapid7 InsightConnect could be configured based on pre determined specifications when installing the agent.
• We've noticed that at times, there are certain network parameters needed in order for Rapid7 to collect and report data efficiently.
• Sometimes there are issues with the discovery scan in Rapid7 making it hard to configure in the beginning.

Incentivized

It's incredibly easy to set up, to use, to detect threats. It's easy to change, tweek and very quick to resolve all issues

Incentivized

Done prove of concept (POC) thoroughly , where we judged the solution on every aspect & We came to know FortiSOAR will work well in our environment as it is blended with features like Case managements , Product Flexibility * Scalable Architecture . These features were much required to optimum use of our SOC solution. Since we have all the Fortinet security stack in our environment it helped us a lot in selection (POC) and also commercially.

Incentivized

Palo Alto was slightly cheaper, but more complex and would need the training to be effective. Splunk was comparative from a price standpoint, but the automation features of Rapid7 InsightConnect outweighed those of Splunk SOAR. Honestly, all of these are great choices, but for our environment, it made more sense to go with Rapid7.

Incentivized

• Improved compliance control and risk management.
• Improved the business process.
• Improved incident visibility.

Incentivized

• The automation and integration we set up in the dev cycle helped us provide evidence in audits
• The automation and integration we set up in the dev cycle helped us fix vulns in our software prior to implementation thus increasing our security
• Automations save massive time and headache's between infosec and devs

Incentivized