Elastic Security vs Rapid7 InsightIDR comparison

Elastic and Rapid7 are both solutions in the Security Information and Event Management (SIEM) category. Elastic is ranked #5 with an average rating of 7.7, while Rapid7 is ranked #9 with an average rating of 8.2. Elastic holds a 6.6% mindshare in SIEM, compared to Rapid7’s 2.5% mindshare. Additionally, 86% of Elastic users are willing to recommend the solution, compared to 95% of Rapid7 users who would recommend it.

Elastic Security

Read 64 Elastic Security reviews

9,624 Views
8,079 Comparison Views

86% willing to recommend

Rapid7 InsightIDR

Read 32 Rapid7 InsightIDR reviews

4,184 Views
2,604 Comparison Views

95% willing to recommend

Elastic Security

Rapid7 InsightIDR

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 9, 2024

Rapid7 InsightIDR and Elastic Security are both powerful cybersecurity solutions. Rapid7 InsightIDR offers notable benefits in support and ease of deployment, while Elastic Security excels in features and overall value, despite a potentially higher price point.

Features: Rapid7 InsightIDR is praised for robust incident detection and response capabilities. Users value its automated threat detection and customizable dashboards. Elastic Security stands out with comprehensive search and analytics functionalities, providing detailed security monitoring. Differences are evident as Elastic Security offers deeper data analytics, making it superior for users requiring extensive monitoring.

Room for Improvement: Users suggest Rapid7 InsightIDR could benefit from enhanced integration with third-party tools and more customizable alerts. Elastic Security reviews indicate a need for improved ease of use and better documentation. Rapid7 needs stronger integration features, while Elastic Security requires enhancements in usability.

Ease of Deployment and Customer Service: Rapid7 InsightIDR is noted for a straightforward deployment process and highly responsive customer support. Elastic Security, while offering good deployment flexibility, sometimes requires more technical expertise, and users feel customer service can be inconsistent. Therefore, Rapid7 InsightIDR is favored for ease of deployment and superior customer service.

Pricing and ROI: Rapid7 InsightIDR users find the setup cost reasonable and appreciate the ROI in quicker threat responses. Elastic Security may have a steeper learning curve, but users feel the comprehensive features justify the investment. While Rapid7 InsightIDR is seen as cost-effective, Elastic Security is perceived as offering higher value despite potentially higher costs.

To learn more, read our detailed Elastic Security vs. Rapid7 InsightIDR Report (Updated: March 2025).

Buyer's Guide

Elastic Security vs. Rapid7 InsightIDR

March 2025

Download the complete report

Helped 844,944 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Elastic Security

Ranking in Security Information and Event Management (SIEM)

5th

Ranking in Endpoint Detection and Response (EDR)

16th

Ranking in Extended Detection and Response (XDR)

8th

Average Rating

7.8

Reviews Sentiment

6.8

Number of Reviews

Ranking in other categories

Log Management (7th), Security Orchestration Automation and Response (SOAR) (6th)

Rapid7 InsightIDR

Ranking in Security Information and Event Management (SIEM)

9th

Ranking in Endpoint Detection and Response (EDR)

18th

Ranking in Extended Detection and Response (XDR)

14th

Average Rating

8.4

Reviews Sentiment

7.4

Number of Reviews

Ranking in other categories

User Entity Behavior Analytics (UEBA) (2nd), Threat Deception Platforms (5th)

Mindshare comparison

As of April 2025, in the Security Information and Event Management (SIEM) category, the mindshare of Elastic Security is 6.6%, down from 9.4% compared to the previous year. The mindshare of Rapid7 InsightIDR is 2.5%, down from 2.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Security Information and Event Management (SIEM)

Featured Reviews

Gajewski Marek

Chief Technology Officer & Co-founder at CS2

Provides good anomaly detection and connectivity reporting

We previously used Splunk but switched to Elastic Security because Splunk was more expensive. Feature-wise, both tools are pretty much the same. They have almost the same functions. Elastic Security has a much better AI assistant that allows you to ask questions like a normal person. With Elastic Security, I can also predict the price and how much it will cost. Splunks's pricing depends on how much data we use and the different add-ons I have to add. The pricing is much better with Elastic Security.

Read full review

Asim Naeem

Principal IT Security & Compliance at IBEX Holdings Ltd

Providing comprehensive insight into alerts while working towards AI enhancement

I definitely recommend Rapid7 InsightIDR. It is becoming better, with improvements being continuously made to the product. Right now, I do not have any advice about Rapid7 for other users because every organization or user has different criteria or multiple use cases, so I refrain from commenting on that. I rate the overall solution seven out of ten.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The stability of the solution is good."

"ELK is open-source, and it will give you the framework you need to build everything from scratch."

"Elastic Security makes data communication easier."

"Just the ability to do a lot more than just up-down is nice, which a lot of people take for granted."

"The product has huge integration varieties available."

"Elastic Security is very customizable, and the dashboards are very easy to build."

"The solution is quite stable. The performance has been good."

"The most valuable feature is the search function, which allows me to go directly to the target to see the specific line a customer is searching for."

More Elastic Security pros

"The platform offers unlimited storage and agent-based solutions."

"I have seen that Rapid7 InsightIDR provides security to the networks and endpoints in the company."

"It is a very stable solution."

"Very intuitive and easy to set up."

"I definitely recommend Rapid7 InsightIDR."

"The UI is very good."

"The solution is very stable and works very well for what I need it to do."

"Features for user behavior analytics and the rules for attack review are good."

More Rapid7 InsightIDR pros

Cons

"Elastic Security can be a bit difficult to use if a person only has experience in SMBs with tools like Zoho. The product can also be difficult for those who have never dealt with query language."

"The solution could offer better reporting features."

"There is an area of improvement in the Logs list. The load list may need to be paginated as there are limits."

"Elastic Security could improve the documentation. It would help if they were more simple and clean."

"There is room for improvement in the Kibana dashboard and in the asset management for the program."

"It could use maybe a little more on the Linux side."

"There isn't really a very good user experience. You need a lot of training."

"We had issues with scalability. Logstash was not scaling and aggregation was getting delayed. We moved to Fluentd making our stack from ELK to EFK."

More Elastic Security cons

"It takes time for the product's support team to resolve issues, making it an area of concern where improvements are required."

"The solution's XDR agents cannot compete with the XDR solutions out there yet."

"It would be useful to import threat intelligence in YARA format along with known incorrect email addresses."

"There is a future in AI with Rapid7, however, it is not fully operated. There are certain limitations with Rapid7 that I am working on."

"Rapid7 InsightIDR is not intuitive to search for logs. It should be more user-friendly and improve the dashboards. We should be able to use ready-made templates instead of having to build one."

"Tenable Nessus is easier to deal with. It's more efficient and accurate. InsightIDR is heavier than Tenable in terms of performance and scanning. Rapid7 would be much easier to use if it had a network connector like Tenable. Tenable's connector allows continuous monitoring over the B caps."

"The searching feature in Rapid7 InsightIDR needs to evolve"

"The ability to tune the collector for custom logs would greatly help."

More Rapid7 InsightIDR cons

Pricing and Cost Advice

"The product offers an amazing pricing structure. Price-wise, the product is very competitive."

"The solution is free."

"The licensing cost of Elastic Security is based on the daily ingestion rate. I can't recall the exact figure, but for 10GB of log action daily, it would cost around $20,000."

"The tool's pricing is flexible and comes at unit cost. You don't have to pay for everything."

"I find it better than Splunk in terms of cost-effectiveness. For cost-effectiveness, I would rate it a nine out of 10."

"The solution is not expensive and costs around ten dollars a month."

"It's a monthly cost with Elastic SIEM, but I am not sure of the exact cost."

"Elastic Security is free to use."

More Elastic Security pricing and cost advice

"It is on a yearly basis. For our own company, for about 250 users, it was 16,000 euros a year."

"The pricing of the solution depends on the user. But there is a yearly licensing cost."

"I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability."

"Rapid7 InsightIDR is a cheaply priced product. On a scale of one to ten, where one is very expensive, and ten is very cheap, I rate the product's price at seven or eight."

"It is a reasonably priced solution."

"Rapid7 InsightIDR's pricing is reasonable but we have challenges with the Minimum Order Quantity. It is not reasonable for customers who have less than one hundred devices. If they can reduce Minimum Order Quantity, it is good. You have to pay around 5000-6000 dollars per year for the product. The pricing includes maintenance and support costs."

"Licensing is straightforward. If, for some reason, you don’t meet the minimum licensing requirements, there is a third-party managed service that can help."

"Licensing is by endpoint and amount of retention time (at least ours is). Default retention was one year, but we are able to push the retention further if needed. There's also a provide-your-own-S3 option for longer retention if you don't want to pay for the additional retention years in your Rapid7 agreement."

More Rapid7 InsightIDR pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

844,944 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

17%

Government

10%

Financial Services Firm

Comms Service Provider

Computer Software Company

16%

Financial Services Firm

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?

With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times lately using the dashboards we have created with Datadog; they are very good c...

See all answers

What do you like most about Elastic Security?

Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because ...

See all answers

What is your experience regarding pricing and costs for Elastic Security?

Elastic Security is considered cost-effective, especially at lower EPS levels. However, a direct comparison was not made due to different pricing structures.

See all answers

What SOC product do you recommend?

For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...

See all answers

What do you like most about Rapid7 InsightIDR?

During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...

See all answers

What is your experience regarding pricing and costs for Rapid7 InsightIDR?

The product pricing is very cheap.

See all answers

Comparisons

Wazuh vs Elastic Security

Compared 23% of the time

CrowdStrike Falcon vs Elastic Security

Compared 9% of the time

IBM Security QRadar vs Elastic Security

Compared 7% of the time

Splunk Enterprise Security vs Elastic Security

Compared 6% of the time

Microsoft Sentinel vs Elastic Security

Compared 5% of the time

More Elastic Security Competitors

Darktrace vs Rapid7 InsightIDR

Compared 10% of the time

Microsoft Sentinel vs Rapid7 InsightIDR

Compared 9% of the time

Rapid7 InsightVM vs Rapid7 InsightIDR

Compared 8% of the time

CrowdStrike Falcon vs Rapid7 InsightIDR

Compared 5% of the time

Splunk Enterprise Security vs Rapid7 InsightIDR

Compared 5% of the time

More Rapid7 InsightIDR Competitors

Product Reports

Buyer's Guide

Elastic Security

March 2025

Download Elastic Security product report

Buyer's Guide

Rapid7 InsightIDR

March 2025

Download Rapid7 InsightIDR product report

Also Known As

Elastic SIEM, ELK Logstash

InsightIDR

Overview

Elastic Security is a robust, open-source security solution designed to offer integrated threat prevention, detection, and response capabilities across an organization's entire digital estate. Part of the Elastic Stack (which includes Elasticsearch, Logstash, and Kibana), Elastic Security leverages the power of search, analytics, and data aggregation to provide real-time insight into threats and vulnerabilities. It is a comprehensive platform that supports a wide range of security needs, from endpoint protection to cloud and network security, making it a versatile choice for organizations looking to enhance their cybersecurity posture.

Elastic Security combines the features of a security information and event management (SIEM) system with endpoint protection, allowing organizations to detect, investigate, and respond to threats in real time. This unified approach helps reduce complexity and improve the efficiency of security operations.

Additional offerings and benefits:

The platform utilizes advanced analytics, machine learning algorithms, and anomaly detection to identify threats and suspicious activities.
It offers extensive integration options with other tools and platforms, facilitating a more cohesive and comprehensive security ecosystem.
With Kibana, users gain access to powerful visualization tools and dashboards that provide real-time insight into security data.

Finally, Elastic Security benefits from a global community of users who contribute to its threat intelligence, helping to enhance its detection capabilities. This collaborative approach ensures that the solution remains on the cutting edge of cybersecurity, with up-to-date information on the latest threats and vulnerabilities.

Elastic

Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

Rapid7

Sample Customers

Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care

Liberty Wines, Pioneer Telephone, Visier

Buyer's Guide

Elastic Security vs. Rapid7 InsightIDR

March 2025

Free Report: Elastic Security vs. Rapid7 InsightIDR

Find out what your peers are saying about Elastic Security vs. Rapid7 InsightIDR and other solutions. Updated: March 2025.

DOWNLOAD NOW

844,944 professionals have used our research since 2012.

See our Elastic Security vs. Rapid7 InsightIDR report.

See our list of best Security Information and Event Management (SIEM) vendors, best Endpoint Detection and Response (EDR) vendors, and best Extended Detection and Response (XDR) vendors.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.