Try our new research platform with insights from 80,000+ expert users

Elastic Security vs Rapid7 InsightIDR comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024
 

Categories and Ranking

Elastic Security
Ranking in Security Information and Event Management (SIEM)
5th
Ranking in Endpoint Detection and Response (EDR)
16th
Ranking in Extended Detection and Response (XDR)
8th
Average Rating
7.6
Number of Reviews
61
Ranking in other categories
Log Management (5th), Security Orchestration Automation and Response (SOAR) (6th)
Rapid7 InsightIDR
Ranking in Security Information and Event Management (SIEM)
9th
Ranking in Endpoint Detection and Response (EDR)
20th
Ranking in Extended Detection and Response (XDR)
15th
Average Rating
8.4
Number of Reviews
31
Ranking in other categories
User Entity Behavior Analytics (UEBA) (3rd), Threat Deception Platforms (5th)
 

Mindshare comparison

As of November 2024, in the Security Information and Event Management (SIEM) category, the mindshare of Elastic Security is 7.3%, down from 9.1% compared to the previous year. The mindshare of Rapid7 InsightIDR is 2.3%, down from 2.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Gajewski Marek - PeerSpot reviewer
Provides good anomaly detection and connectivity reporting
We previously used Splunk but switched to Elastic Security because Splunk was more expensive. Feature-wise, both tools are pretty much the same. They have almost the same functions. Elastic Security has a much better AI assistant that allows you to ask questions like a normal person. With Elastic Security, I can also predict the price and how much it will cost. Splunks's pricing depends on how much data we use and the different add-ons I have to add. The pricing is much better with Elastic Security.
JensWolf - PeerSpot reviewer
A solution that offers easy setup and deployment phases, along with great scalability and stability
I rate the initial setup a ten out of ten. The solution's initial setup was very straightforward. The solution is deployed on an on-premises and cloud model. The cloud services are provided by Rapid7. The solution can be deployed in half a day or four hours in a small environment. I was the only person involved in the product's deployment phase.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The feature that we have found the most valuable is scalability."
"I like that it's a SIEM platform. I like that I can sell Elastic Security quickly. Elastic Security has a large community that can support users."
"ELK is open-source, and it will give you the framework you need to build everything from scratch."
"One of the most valuable features of this solution is that it is more flexible than AlienVault."
"The product has huge integration varieties available."
"I like the indexing of the logs."
"The scalability is good. It can be scaled easily in the production environment."
"ELK documentation is very good, so never needed to contact technical support."
"The solution's initial setup is easy."
"Scalability-wise, I rate the solution a ten out of ten. As a cloud tool, the product is highly scalable."
"During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an application belongs to a known ransomware group. The system rates the threat, offering a clear detection ratio, such as 97 out of 100. It not only identifies threats but also illustrates the associated behaviors, helping us understand the potential risk to a particular endpoint."
"I like the tool's user analysis feature."
"Very intuitive and easy to set up."
"The log aggregation and storage provided by InsightIDR has shown no issues with scalability; aggregating over one hundred millions events daily."
"The solution is very scalable in terms of the licensing model."
"I rate Rapid7 nine out of 10 for affordability"
 

Cons

"Better integration with third-party APMs would be really good."
"There should be a simulation environment to check whether my Elastic implementation is functioning perfectly fine. Other solutions have their own Android and iOS applications that I can install on my mobile so that I am continuously connected to the SIEM."
"It is difficult to anticipate and understand the space utilization, so more clarity there would be great."
"Anything that supports high availability or ease of deployment in a highly available environment would help to improve this solution."
"The training that is offered for Elastic is in need of improvement because there is no depth to it."
"The biggest challenge has been related to the implementation."
"The solution's query building is not that intuitive compared to other solutions."
"If you compare this with CrowdStrike or Carbon Black, they can improve."
"It would be useful to import threat intelligence in YARA format along with known incorrect email addresses.​"
"The reporting is the weakest aspect. There needs to be multi-level grouping for events (for example, group by user and destination). Right now, we can do a group by user and a separate table or group by destination. But I'd be more interested in where a person was logging into instead of who was logging in or where he was logging in."
"Customised alert recipients need to be added to allow better first-line action and quicker response. Configurable honeypots would be a welcome addition."
"The solution's XDR agents cannot compete with the XDR solutions out there yet."
"The interface for doing investigation needs to be enhanced with minor improvements that would make it more useful."
"Rapid7 InsightIDR is not intuitive to search for logs. It should be more user-friendly and improve the dashboards. We should be able to use ready-made templates instead of having to build one."
"Needs a better ability to customize the check within the console."
"Cloud risk assessment is one area where I think they need a lot of improvement."
 

Pricing and Cost Advice

"It is easy to deploy, easy to use, and you get everything you need to become operational with it, and have nothing further to pay unless you want the OLED plugin."
"I can say that the product is cheaply priced."
"The pricing is in the middle. I think it is not an expensive experience if we compare it with big names, for example, QRadar, and also Oxide. I think Elastic Security is quite cheap. I would rate the pricing of this solution a five out of ten."
"We are using the free, open-source version of this solution."
"Its price is fine. Its licensing works on a yearly basis. We have to renew the license every year. I also have a good experience with Darktrace. When we buy Darktrace, we get training free of cost, which is not there in Elastic. We have to pay extra for training. There is certainly room for improvement."
"The product offers an amazing pricing structure. Price-wise, the product is very competitive."
"It's a monthly cost with Elastic SIEM, but I am not sure of the exact cost."
"We use the open-source version, so there is no charge for this solution."
"The pricing is good, and it is not very expensive."
"​Accurately predict your licensing counts as this is a subscription based product.​"
"Licensing is by endpoint and amount of retention time (at least ours is). Default retention was one year, but we are able to push the retention further if needed. There's also a provide-your-own-S3 option for longer retention if you don't want to pay for the additional retention years in your Rapid7 agreement."
"The solution has a mid-range price point in the market"
"I rate Rapid7 InsightIDR's price a four on a scale of one to ten, where one is cheap, and ten is expensive."
"The pricing and licensing are competitive."
"​I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability.​"
"Rapid7 InsightIDR's pricing is reasonable but we have challenges with the Minimum Order Quantity. It is not reasonable for customers who have less than one hundred devices. If they can reduce Minimum Order Quantity, it is good. You have to pay around 5000-6000 dollars per year for the product. The pricing includes maintenance and support costs."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
816,192 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
10%
Government
10%
University
7%
Computer Software Company
16%
Financial Services Firm
8%
Manufacturing Company
8%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times lately using the dashboards we have created with Datadog; they are very good c...
What do you like most about Elastic Security?
Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because ...
What is your experience regarding pricing and costs for Elastic Security?
Compared to other tools, Elastic Security is a cheaper solution.
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What do you like most about Rapid7 InsightIDR?
During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...
 

Also Known As

Elastic SIEM, ELK Logstash
InsightIDR
 

Learn More

 

Overview

 

Sample Customers

Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
Liberty Wines, Pioneer Telephone, Visier
Find out what your peers are saying about Elastic Security vs. Rapid7 InsightIDR and other solutions. Updated: October 2024.
816,192 professionals have used our research since 2012.