Elastic Security vs Rapid7 InsightIDR comparison

Elastic and Rapid7 are both solutions in the Security Information and Event Management (SIEM) category. Elastic is ranked #5 with an average rating of 7.7, while Rapid7 is ranked #9 with an average rating of 8.1. Elastic holds a 7.7% mindshare in SIEM, compared to Rapid7’s 2.6% mindshare. Additionally, 85% of Elastic users are willing to recommend the solution, compared to 95% of Rapid7 users who would recommend it.

Elastic Security

Read 62 Elastic Security reviews

11,560 Views
9,584 Comparison Views

85% willing to recommend

Rapid7 InsightIDR

Read 31 Rapid7 InsightIDR reviews

5,093 Views
2,897 Comparison Views

95% willing to recommend

Elastic Security

Rapid7 InsightIDR

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 9, 2024

Rapid7 InsightIDR and Elastic Security are both powerful cybersecurity solutions. Rapid7 InsightIDR offers notable benefits in support and ease of deployment, while Elastic Security excels in features and overall value, despite a potentially higher price point.

Features: Rapid7 InsightIDR is praised for robust incident detection and response capabilities. Users value its automated threat detection and customizable dashboards. Elastic Security stands out with comprehensive search and analytics functionalities, providing detailed security monitoring. Differences are evident as Elastic Security offers deeper data analytics, making it superior for users requiring extensive monitoring.

Room for Improvement: Users suggest Rapid7 InsightIDR could benefit from enhanced integration with third-party tools and more customizable alerts. Elastic Security reviews indicate a need for improved ease of use and better documentation. Rapid7 needs stronger integration features, while Elastic Security requires enhancements in usability.

Ease of Deployment and Customer Service: Rapid7 InsightIDR is noted for a straightforward deployment process and highly responsive customer support. Elastic Security, while offering good deployment flexibility, sometimes requires more technical expertise, and users feel customer service can be inconsistent. Therefore, Rapid7 InsightIDR is favored for ease of deployment and superior customer service.

Pricing and ROI: Rapid7 InsightIDR users find the setup cost reasonable and appreciate the ROI in quicker threat responses. Elastic Security may have a steeper learning curve, but users feel the comprehensive features justify the investment. While Rapid7 InsightIDR is seen as cost-effective, Elastic Security is perceived as offering higher value despite potentially higher costs.

To learn more, read our detailed Elastic Security vs. Rapid7 InsightIDR Report (Updated: December 2024).

Buyer's Guide

Elastic Security vs. Rapid7 InsightIDR

December 2024

Download the complete report

Helped 824,053 peers since 2012

Categories and Ranking

Elastic Security

Ranking in Security Information and Event Management (SIEM)

5th

Ranking in Endpoint Detection and Response (EDR)

16th

Ranking in Extended Detection and Response (XDR)

8th

Average Rating

7.6

Reviews Sentiment

6.7

Number of Reviews

Ranking in other categories

Log Management (5th), Security Orchestration Automation and Response (SOAR) (6th)

Rapid7 InsightIDR

Ranking in Security Information and Event Management (SIEM)

9th

Ranking in Endpoint Detection and Response (EDR)

20th

Ranking in Extended Detection and Response (XDR)

15th

Average Rating

8.4

Reviews Sentiment

7.5

Number of Reviews

Ranking in other categories

User Entity Behavior Analytics (UEBA) (3rd), Threat Deception Platforms (5th)

Mindshare comparison

As of December 2024, in the Security Information and Event Management (SIEM) category, the mindshare of Elastic Security is 7.7%, down from 9.8% compared to the previous year. The mindshare of Rapid7 InsightIDR is 2.6%, down from 2.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Security Information and Event Management (SIEM)

Featured Reviews

Gajewski Marek

Chief Technology Officer & Co-founder at CS2

Provides good anomaly detection and connectivity reporting

We previously used Splunk but switched to Elastic Security because Splunk was more expensive. Feature-wise, both tools are pretty much the same. They have almost the same functions. Elastic Security has a much better AI assistant that allows you to ask questions like a normal person. With Elastic Security, I can also predict the price and how much it will cost. Splunks's pricing depends on how much data we use and the different add-ons I have to add. The pricing is much better with Elastic Security.

Read full review

Gerard Konan

Founder & CEO at AGILLY

Helps in the management of compliance, secret events and information

One of our customers had a Huawei firewall and we required help to do the configuration. However, the installation was easy with other standard vendors like Cisco and Check Point. The product's deployment got completed in four to five days and we required three people to handle it. One person was in charge of the portal's initial set up and the other one handled the integration of on-premises devices. The third one took care of Office 365 integration.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The solution has a good community surrounding it for lots of helpful documentation for troubleshooting purposes."

"It's a good platform and the very best in the current market. We looked at the Forester report from December 2022 where it was said to be a leader."

"The intelligence of the system has been very impressive. It's not quite AI, but the technical bit where it correlates information, based on the seen attacks within an organization is good."

"I like that it's a SIEM platform. I like that I can sell Elastic Security quickly. Elastic Security has a large community that can support users."

"We've found the initial setup to be quite straightforward."

"The most valuable features of Elastic Security are it is open-source and provides a high level of security."

"The most valuable feature is the machine learning capability."

"We chose the product based on the ability to scan for malware using a malware behavioral model as opposed to just a traditional hash-based antivirus. Therefore, it's not as intensive."

More Elastic Security pros

"Another very important part of insightIDR is the ability to collect data from endpoint devices via agent software. With a large remote workforce, this allows visibility into the endpoints that are connected to the internet, but not to the corporate network."

"Features for user behavior analytics and the rules for attack review are good."

"Rapid7's reporting is more robust than Tenable's."

"The product works well. Stability-wise, I rate the solution a ten out of ten."

"During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an application belongs to a known ransomware group. The system rates the threat, offering a clear detection ratio, such as 97 out of 100. It not only identifies threats but also illustrates the associated behaviors, helping us understand the potential risk to a particular endpoint."

"Rapid7 InsightIDR integrates well with other solutions. It's also easy to configure because Rapid7 InsightIDR has a lot of instructions posted on their website that customers can follow if they need to get the source log."

"Simple configuration and automatically syncs to the cloud platform."

"Scalability-wise, I rate the solution a ten out of ten. As a cloud tool, the product is highly scalable."

More Rapid7 InsightIDR pros

Cons

"Anything that supports high availability or ease of deployment in a highly available environment would help to improve this solution."

"The interface could be more user friendly because it is sometimes hard to deal with."

"They don't provide user authentication and authorisation features (Shield) as a part of their open-source version."

"The problem with ELK is it's difficult to administer. When you have a problem, it can be very, very difficult to rebuild indexes."

"I want to find an automatic security system in the tool, like a SOAR solution. I am looking forward to seeing a SOAR system in the tool."

"It could use maybe a little more on the Linux side."

"We'd like to see some more artificial intelligence capabilities."

"Its documentation should be a bit better. I have to spend at least a couple of hours to find the solution for a simple thing. When we buy Elastic, training is not included for free with Elastic. We have to pay extra for the training. They should include training in the price."

More Elastic Security cons

"Sometimes, it is hard to get the right queries to use. Currently, the tool lacks a pre-made set of queries."

"The dashboard is an area that could be simplified."

"One of the things that could be better is digital forensics. It is there, but it can be better. They could provide more on the endpoint detection level."

"The product allows us to make only 30 custom rules."

"The reporting is the weakest aspect. There needs to be multi-level grouping for events (for example, group by user and destination). Right now, we can do a group by user and a separate table or group by destination. But I'd be more interested in where a person was logging into instead of who was logging in or where he was logging in."

"It would be useful to import threat intelligence in YARA format along with known incorrect email addresses."

"I would like to see more development in InsightIDR towards building their SIEM solution and converting it to XDR."

"The main problem lies in the processes within the client's operating systems."

More Rapid7 InsightIDR cons

Pricing and Cost Advice

"The solution is free."

"The base product is open-source but if you need advanced security features then you need to pay for the subscription. Elastic Security's price is reasonable in some cases and in other cases it's not."

"It's a monthly cost with Elastic SIEM, but I am not sure of the exact cost."

"The tool's pricing is flexible and comes at unit cost. You don't have to pay for everything."

"I can say that the product is cheaply priced."

"Elastic Security is free to use."

"The product offers an amazing pricing structure. Price-wise, the product is very competitive."

"Its price is fine. Its licensing works on a yearly basis. We have to renew the license every year. I also have a good experience with Darktrace. When we buy Darktrace, we get training free of cost, which is not there in Elastic. We have to pay extra for training. There is certainly room for improvement."

More Elastic Security pricing and cost advice

"Licensing is by endpoint and amount of retention time (at least ours is). Default retention was one year, but we are able to push the retention further if needed. There's also a provide-your-own-S3 option for longer retention if you don't want to pay for the additional retention years in your Rapid7 agreement."

"Rapid7 InsightIDR charges us based on the endpoints we connect to."

"I rate Rapid7 InsightIDR's price a four on a scale of one to ten, where one is cheap, and ten is expensive."

"Rapid7 InsightIDR is priced very well and is cost-effective."

"The pricing of the solution depends on the user. But there is a yearly licensing cost."

"Accurately predict your licensing counts as this is a subscription based product."

"The solution has a mid-range price point in the market"

"The pricing and licensing are competitive."

More Rapid7 InsightIDR pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

824,053 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

17%

Financial Services Firm

10%

Government

10%

University

Computer Software Company

16%

Financial Services Firm

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?

With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times lately using the dashboards we have created with Datadog; they are very good c...

See all answers

What do you like most about Elastic Security?

Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because ...

See all answers

What is your experience regarding pricing and costs for Elastic Security?

Elastic Security is cost-effective compared to Defender and CrowdStrike. The pricing is reasonable, especially for Small Medium Enterprises (SMEs), making it a viable option for businesses building...

See all answers

What SOC product do you recommend?

For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...

See all answers

What do you like most about Rapid7 InsightIDR?

During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...

See all answers

What is your experience regarding pricing and costs for Rapid7 InsightIDR?

The product pricing is very cheap.

See all answers

Comparisons

Wazuh vs Elastic Security

Compared 31% of the time

CrowdStrike Falcon vs Elastic Security

Compared 8% of the time

IBM Security QRadar vs Elastic Security

Compared 7% of the time

Microsoft Sentinel vs Elastic Security

Compared 6% of the time

Splunk Enterprise Security vs Elastic Security

Compared 6% of the time

More Elastic Security Competitors

Darktrace vs Rapid7 InsightIDR

Compared 12% of the time

Microsoft Sentinel vs Rapid7 InsightIDR

Compared 11% of the time

Rapid7 InsightVM vs Rapid7 InsightIDR

Compared 8% of the time

CrowdStrike Falcon vs Rapid7 InsightIDR

Compared 6% of the time

Microsoft Defender for Identity vs Rapid7 InsightIDR

Compared 2% of the time

More Rapid7 InsightIDR Competitors

Product Reports

Buyer's Guide

Elastic Security

December 2024

Download Elastic Security product report

Buyer's Guide

Rapid7 InsightIDR

December 2024

Download Rapid7 InsightIDR product report

Also Known As

Elastic SIEM, ELK Logstash

InsightIDR

Learn More

Elastic

Rapid7

Overview

Elastic Security is a robust, open-source security solution designed to offer integrated threat prevention, detection, and response capabilities across an organization's entire digital estate. Part of the Elastic Stack (which includes Elasticsearch, Logstash, and Kibana), Elastic Security leverages the power of search, analytics, and data aggregation to provide real-time insight into threats and vulnerabilities. It is a comprehensive platform that supports a wide range of security needs, from endpoint protection to cloud and network security, making it a versatile choice for organizations looking to enhance their cybersecurity posture.

Elastic Security combines the features of a security information and event management (SIEM) system with endpoint protection, allowing organizations to detect, investigate, and respond to threats in real time. This unified approach helps reduce complexity and improve the efficiency of security operations.

Additional offerings and benefits:

The platform utilizes advanced analytics, machine learning algorithms, and anomaly detection to identify threats and suspicious activities.
It offers extensive integration options with other tools and platforms, facilitating a more cohesive and comprehensive security ecosystem.
With Kibana, users gain access to powerful visualization tools and dashboards that provide real-time insight into security data.

Finally, Elastic Security benefits from a global community of users who contribute to its threat intelligence, helping to enhance its detection capabilities. This collaborative approach ensures that the solution remains on the cutting edge of cybersecurity, with up-to-date information on the latest threats and vulnerabilities.

Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

Sample Customers

Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care

Liberty Wines, Pioneer Telephone, Visier

Buyer's Guide

Elastic Security vs. Rapid7 InsightIDR

December 2024

Free Report: Elastic Security vs. Rapid7 InsightIDR

Find out what your peers are saying about Elastic Security vs. Rapid7 InsightIDR and other solutions. Updated: December 2024.

DOWNLOAD NOW

824,053 professionals have used our research since 2012.

See our Elastic Security vs. Rapid7 InsightIDR report.

See our list of best Security Information and Event Management (SIEM) vendors, best Endpoint Detection and Response (EDR) vendors, and best Extended Detection and Response (XDR) vendors.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.