Try our new research platform with insights from 80,000+ expert users

Elastic Security vs Rapid7 InsightIDR comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Elastic Security
Ranking in Security Information and Event Management (SIEM)
5th
Ranking in Endpoint Detection and Response (EDR)
16th
Ranking in Extended Detection and Response (XDR)
8th
Average Rating
7.8
Reviews Sentiment
6.8
Number of Reviews
64
Ranking in other categories
Log Management (7th), Security Orchestration Automation and Response (SOAR) (6th)
Rapid7 InsightIDR
Ranking in Security Information and Event Management (SIEM)
9th
Ranking in Endpoint Detection and Response (EDR)
18th
Ranking in Extended Detection and Response (XDR)
14th
Average Rating
8.4
Reviews Sentiment
7.4
Number of Reviews
32
Ranking in other categories
User Entity Behavior Analytics (UEBA) (2nd), Threat Deception Platforms (5th)
 

Mindshare comparison

As of April 2025, in the Security Information and Event Management (SIEM) category, the mindshare of Elastic Security is 6.6%, down from 9.4% compared to the previous year. The mindshare of Rapid7 InsightIDR is 2.5%, down from 2.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

SyedAli17 - PeerSpot reviewer
Centralized monitoring improves security posture through rapid data processing
The processing part of Elastic Security ( /products/elastic-security-reviews ) is very interesting for us since we handle almost 7,000 to 8,000 alerts per minute. We require rapid processing speed for alerts and event data, and Elastic Security is very efficient at handling this level of data. Additionally, Elastic Security helps improve the security posture of Pakistan through centralized visibility and real-time processing.
Asim Naeem - PeerSpot reviewer
Providing comprehensive insight into alerts while working towards AI enhancement
I definitely recommend Rapid7 InsightIDR. It is becoming better, with improvements being continuously made to the product. Right now, I do not have any advice about Rapid7 for other users because every organization or user has different criteria or multiple use cases, so I refrain from commenting on that. I rate the overall solution seven out of ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The product has huge integration varieties available."
"We chose the product based on the ability to scan for malware using a malware behavioral model as opposed to just a traditional hash-based antivirus. Therefore, it's not as intensive."
"It is the best open-source product for people working in SO, managing and analyzing logs."
"The indexes allow you to get your results quickly. The filtering and log passing is the advantage of Logstash."
"ELK is open-source, and it will give you the framework you need to build everything from scratch."
"The most valuable feature is the machine learning capability."
"What customers found most valuable in Elastic Security feature-wise is the search capability, in particular, the way of writing the search query and the speed of searching for results."
"Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because of Elastic's efficient search engine."
"Enables the use of honey pots, honey users, and honey files to monitor for suspicious patterns."
"I like the tool's user analysis feature."
"I definitely recommend Rapid7 InsightIDR."
"The product works well. Stability-wise, I rate the solution a ten out of ten."
"Log search allows us to dive deep into aggregated logs and query all event types at once.​"
"The solution's initial setup is easy."
"We were able to identify criminals attempting to login from China and put a stop on their IP locations."
"InsightIDR helps us investigate an environment to discover information about incidents."
 

Cons

"The solution should generate an automatic product that integrates with ELK Stack to use artificial intelligence."
"It could use maybe a little more on the Linux side."
"This solution is very hard to implement."
"We're using the open-source edition, for now, I think maybe they can allow their OLED plugin to be open source, as at the moment it is commercialised."
"The interface could be more user friendly because it is sometimes hard to deal with."
"They don't provide user authentication and authorisation features (Shield) as a part of their open-source version."
"Upgrades currently released as stacks when it should be a plugin or an extension to save removal and reinstallation."
"Improvements in Elastic Security could include refining and normalizing queries to make them more user-friendly, enhancing the user experience with better documentation, and addressing any latency issues."
"I would like the ability to adjust the threshold of certain existing alerts. Currently the only option is to change the notifications or create my own alert."
"It takes time for the product's support team to resolve issues, making it an area of concern where improvements are required."
"The main problem lies in the processes within the client's operating systems."
"Needs a better ability to customize the check within the console."
"I would like to see more development in InsightIDR towards building their SIEM solution and converting it to XDR."
"There are certain limitations with Rapid7 that I am working on."
"Currently, it lacks the functionalities provided by Rapid7's User Behavior Analytics (UBA)."
"Rapid7 InsightIDR is not intuitive to search for logs. It should be more user-friendly and improve the dashboards. We should be able to use ready-made templates instead of having to build one."
 

Pricing and Cost Advice

"Its price is fine. Its licensing works on a yearly basis. We have to renew the license every year. I also have a good experience with Darktrace. When we buy Darktrace, we get training free of cost, which is not there in Elastic. We have to pay extra for training. There is certainly room for improvement."
"It is easy to deploy, easy to use, and you get everything you need to become operational with it, and have nothing further to pay unless you want the OLED plugin."
"There is no charge for using the open-source version."
"The tool's pricing is flexible and comes at unit cost. You don't have to pay for everything."
"The product offers an amazing pricing structure. Price-wise, the product is very competitive."
"Compared to other tools, Elastic Security is a cheaper solution."
"The solution is not expensive and costs around ten dollars a month."
"This is an open-source product, so there are no costs."
"Rapid7 InsightIDR's pricing is reasonable."
"I rate Rapid7 InsightIDR's price a four on a scale of one to ten, where one is cheap, and ten is expensive."
"Licensing is straightforward. If, for some reason, you don’t meet the minimum licensing requirements, there is a third-party managed service that can help."
"Rapid7 InsightIDR charges us based on the endpoints we connect to."
"Licensing is by endpoint and amount of retention time (at least ours is). Default retention was one year, but we are able to push the retention further if needed. There's also a provide-your-own-S3 option for longer retention if you don't want to pay for the additional retention years in your Rapid7 agreement."
"Rapid7 InsightIDR's pricing is reasonable but we have challenges with the Minimum Order Quantity. It is not reasonable for customers who have less than one hundred devices. If they can reduce Minimum Order Quantity, it is good. You have to pay around 5000-6000 dollars per year for the product. The pricing includes maintenance and support costs."
"The solution has a mid-range price point in the market"
"​I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability.​"
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
848,716 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Government
10%
Financial Services Firm
9%
Comms Service Provider
7%
Computer Software Company
16%
Financial Services Firm
9%
Manufacturing Company
8%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times lately using the dashboards we have created with Datadog; they are very good c...
What do you like most about Elastic Security?
Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because ...
What is your experience regarding pricing and costs for Elastic Security?
Since Elastic Security is community-based, it does not require significant costs. This is beneficial for SMEs as they do not need extensive budgets for security solutions.
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What do you like most about Rapid7 InsightIDR?
During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...
 

Also Known As

Elastic SIEM, ELK Logstash
InsightIDR
 

Overview

 

Sample Customers

Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
Liberty Wines, Pioneer Telephone, Visier
Find out what your peers are saying about Elastic Security vs. Rapid7 InsightIDR and other solutions. Updated: March 2025.
848,716 professionals have used our research since 2012.