Elastic Security vs Rapid7 InsightIDR comparison

Elastic and Rapid7 are both solutions in the Security Information and Event Management (SIEM) category. Elastic is ranked #5 with an average rating of 7.7, while Rapid7 is ranked #9 with an average rating of 8.1. Elastic holds a 7.3% mindshare in SIEM, compared to Rapid7’s 2.3% mindshare. Additionally, 85% of Elastic users are willing to recommend the solution, compared to 95% of Rapid7 users who would recommend it.

Elastic Security

Read 61 Elastic Security reviews

11,545 Views
9,631 Comparison Views

85% willing to recommend

Rapid7 InsightIDR

Read 31 Rapid7 InsightIDR reviews

5,221 Views
2,921 Comparison Views

95% willing to recommend

Elastic Security

Rapid7 InsightIDR

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 9, 2024

Rapid7 InsightIDR and Elastic Security are both powerful cybersecurity solutions. Rapid7 InsightIDR offers notable benefits in support and ease of deployment, while Elastic Security excels in features and overall value, despite a potentially higher price point.

Features: Rapid7 InsightIDR is praised for robust incident detection and response capabilities. Users value its automated threat detection and customizable dashboards. Elastic Security stands out with comprehensive search and analytics functionalities, providing detailed security monitoring. Differences are evident as Elastic Security offers deeper data analytics, making it superior for users requiring extensive monitoring.

Room for Improvement: Users suggest Rapid7 InsightIDR could benefit from enhanced integration with third-party tools and more customizable alerts. Elastic Security reviews indicate a need for improved ease of use and better documentation. Rapid7 needs stronger integration features, while Elastic Security requires enhancements in usability.

Ease of Deployment and Customer Service: Rapid7 InsightIDR is noted for a straightforward deployment process and highly responsive customer support. Elastic Security, while offering good deployment flexibility, sometimes requires more technical expertise, and users feel customer service can be inconsistent. Therefore, Rapid7 InsightIDR is favored for ease of deployment and superior customer service.

Pricing and ROI: Rapid7 InsightIDR users find the setup cost reasonable and appreciate the ROI in quicker threat responses. Elastic Security may have a steeper learning curve, but users feel the comprehensive features justify the investment. While Rapid7 InsightIDR is seen as cost-effective, Elastic Security is perceived as offering higher value despite potentially higher costs.

To learn more, read our detailed Elastic Security vs. Rapid7 InsightIDR Report (Updated: October 2024).

Buyer's Guide

Elastic Security vs. Rapid7 InsightIDR

October 2024

Download the complete report

Helped 816,192 peers since 2012

Categories and Ranking

Elastic Security

Ranking in Security Information and Event Management (SIEM)

5th

Ranking in Endpoint Detection and Response (EDR)

16th

Ranking in Extended Detection and Response (XDR)

8th

Average Rating

7.6

Number of Reviews

Ranking in other categories

Log Management (5th), Security Orchestration Automation and Response (SOAR) (6th)

Rapid7 InsightIDR

Ranking in Security Information and Event Management (SIEM)

9th

Ranking in Endpoint Detection and Response (EDR)

20th

Ranking in Extended Detection and Response (XDR)

15th

Average Rating

8.4

Number of Reviews

Ranking in other categories

User Entity Behavior Analytics (UEBA) (3rd), Threat Deception Platforms (5th)

Mindshare comparison

As of November 2024, in the Security Information and Event Management (SIEM) category, the mindshare of Elastic Security is 7.3%, down from 9.1% compared to the previous year. The mindshare of Rapid7 InsightIDR is 2.3%, down from 2.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Security Information and Event Management (SIEM)

Featured Reviews

Gajewski Marek

Chief Technology Officer & Co-founder at CS2

Provides good anomaly detection and connectivity reporting

We previously used Splunk but switched to Elastic Security because Splunk was more expensive. Feature-wise, both tools are pretty much the same. They have almost the same functions. Elastic Security has a much better AI assistant that allows you to ask questions like a normal person. With Elastic Security, I can also predict the price and how much it will cost. Splunks's pricing depends on how much data we use and the different add-ons I have to add. The pricing is much better with Elastic Security.

Read full review

JensWolf

Systems Administrator at Gernandt & Danielsson Advokatbyrå KB

A solution that offers easy setup and deployment phases, along with great scalability and stability

I rate the initial setup a ten out of ten. The solution's initial setup was very straightforward. The solution is deployed on an on-premises and cloud model. The cloud services are provided by Rapid7. The solution can be deployed in half a day or four hours in a small environment. I was the only person involved in the product's deployment phase.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The feature that we have found the most valuable is scalability."

"I like that it's a SIEM platform. I like that I can sell Elastic Security quickly. Elastic Security has a large community that can support users."

"ELK is open-source, and it will give you the framework you need to build everything from scratch."

"One of the most valuable features of this solution is that it is more flexible than AlienVault."

"The product has huge integration varieties available."

"I like the indexing of the logs."

"The scalability is good. It can be scaled easily in the production environment."

"ELK documentation is very good, so never needed to contact technical support."

More Elastic Security pros

"The solution's initial setup is easy."

"Scalability-wise, I rate the solution a ten out of ten. As a cloud tool, the product is highly scalable."

"During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an application belongs to a known ransomware group. The system rates the threat, offering a clear detection ratio, such as 97 out of 100. It not only identifies threats but also illustrates the associated behaviors, helping us understand the potential risk to a particular endpoint."

"I like the tool's user analysis feature."

"Very intuitive and easy to set up."

"The log aggregation and storage provided by InsightIDR has shown no issues with scalability; aggregating over one hundred millions events daily."

"The solution is very scalable in terms of the licensing model."

"I rate Rapid7 nine out of 10 for affordability"

More Rapid7 InsightIDR pros

Cons

"Better integration with third-party APMs would be really good."

"There should be a simulation environment to check whether my Elastic implementation is functioning perfectly fine. Other solutions have their own Android and iOS applications that I can install on my mobile so that I am continuously connected to the SIEM."

"It is difficult to anticipate and understand the space utilization, so more clarity there would be great."

"Anything that supports high availability or ease of deployment in a highly available environment would help to improve this solution."

"The training that is offered for Elastic is in need of improvement because there is no depth to it."

"The biggest challenge has been related to the implementation."

"The solution's query building is not that intuitive compared to other solutions."

"If you compare this with CrowdStrike or Carbon Black, they can improve."

More Elastic Security cons

"It would be useful to import threat intelligence in YARA format along with known incorrect email addresses."

"The reporting is the weakest aspect. There needs to be multi-level grouping for events (for example, group by user and destination). Right now, we can do a group by user and a separate table or group by destination. But I'd be more interested in where a person was logging into instead of who was logging in or where he was logging in."

"Customised alert recipients need to be added to allow better first-line action and quicker response. Configurable honeypots would be a welcome addition."

"The solution's XDR agents cannot compete with the XDR solutions out there yet."

"The interface for doing investigation needs to be enhanced with minor improvements that would make it more useful."

"Rapid7 InsightIDR is not intuitive to search for logs. It should be more user-friendly and improve the dashboards. We should be able to use ready-made templates instead of having to build one."

"Needs a better ability to customize the check within the console."

"Cloud risk assessment is one area where I think they need a lot of improvement."

More Rapid7 InsightIDR cons

Pricing and Cost Advice

"It is easy to deploy, easy to use, and you get everything you need to become operational with it, and have nothing further to pay unless you want the OLED plugin."

"I can say that the product is cheaply priced."

"The pricing is in the middle. I think it is not an expensive experience if we compare it with big names, for example, QRadar, and also Oxide. I think Elastic Security is quite cheap. I would rate the pricing of this solution a five out of ten."

"We are using the free, open-source version of this solution."

"Its price is fine. Its licensing works on a yearly basis. We have to renew the license every year. I also have a good experience with Darktrace. When we buy Darktrace, we get training free of cost, which is not there in Elastic. We have to pay extra for training. There is certainly room for improvement."

"The product offers an amazing pricing structure. Price-wise, the product is very competitive."

"It's a monthly cost with Elastic SIEM, but I am not sure of the exact cost."

"We use the open-source version, so there is no charge for this solution."

More Elastic Security pricing and cost advice

"The pricing is good, and it is not very expensive."

"Accurately predict your licensing counts as this is a subscription based product."

"Licensing is by endpoint and amount of retention time (at least ours is). Default retention was one year, but we are able to push the retention further if needed. There's also a provide-your-own-S3 option for longer retention if you don't want to pay for the additional retention years in your Rapid7 agreement."

"The solution has a mid-range price point in the market"

"I rate Rapid7 InsightIDR's price a four on a scale of one to ten, where one is cheap, and ten is expensive."

"The pricing and licensing are competitive."

"I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability."

"Rapid7 InsightIDR's pricing is reasonable but we have challenges with the Minimum Order Quantity. It is not reasonable for customers who have less than one hundred devices. If they can reduce Minimum Order Quantity, it is good. You have to pay around 5000-6000 dollars per year for the product. The pricing includes maintenance and support costs."

More Rapid7 InsightIDR pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

816,192 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

17%

Financial Services Firm

10%

Government

10%

University

Computer Software Company

16%

Financial Services Firm

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?

With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times lately using the dashboards we have created with Datadog; they are very good c...

See all answers

What do you like most about Elastic Security?

Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because ...

See all answers

What is your experience regarding pricing and costs for Elastic Security?

Compared to other tools, Elastic Security is a cheaper solution.

See all answers

What SOC product do you recommend?

For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...

See all answers

What do you like most about Rapid7 InsightIDR?

During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...

See all answers

What is your experience regarding pricing and costs for Rapid7 InsightIDR?

The product pricing is very cheap.

See all answers

Comparisons

Wazuh vs Elastic Security

Compared 33% of the time

CrowdStrike Falcon vs Elastic Security

Compared 8% of the time

IBM Security QRadar vs Elastic Security

Compared 7% of the time

Microsoft Sentinel vs Elastic Security

Compared 7% of the time

Splunk Enterprise Security vs Elastic Security

Compared 6% of the time

More Elastic Security Competitors

Darktrace vs Rapid7 InsightIDR

Compared 13% of the time

Microsoft Sentinel vs Rapid7 InsightIDR

Compared 11% of the time

Rapid7 InsightVM vs Rapid7 InsightIDR

Compared 7% of the time

CrowdStrike Falcon vs Rapid7 InsightIDR

Compared 6% of the time

USM Anywhere vs Rapid7 InsightIDR

Compared 2% of the time

More Rapid7 InsightIDR Competitors

Product Reports

Buyer's Guide

Elastic Security

November 2024

Download Elastic Security product report

Buyer's Guide

Rapid7 InsightIDR

November 2024

Download Rapid7 InsightIDR product report

Also Known As

Elastic SIEM, ELK Logstash

InsightIDR

Learn More

Elastic

Rapid7

Overview

Elastic Security is a robust, open-source security solution designed to offer integrated threat prevention, detection, and response capabilities across an organization's entire digital estate. Part of the Elastic Stack (which includes Elasticsearch, Logstash, and Kibana), Elastic Security leverages the power of search, analytics, and data aggregation to provide real-time insight into threats and vulnerabilities. It is a comprehensive platform that supports a wide range of security needs, from endpoint protection to cloud and network security, making it a versatile choice for organizations looking to enhance their cybersecurity posture.

Elastic Security combines the features of a security information and event management (SIEM) system with endpoint protection, allowing organizations to detect, investigate, and respond to threats in real time. This unified approach helps reduce complexity and improve the efficiency of security operations.

Additional offerings and benefits:

The platform utilizes advanced analytics, machine learning algorithms, and anomaly detection to identify threats and suspicious activities.
It offers extensive integration options with other tools and platforms, facilitating a more cohesive and comprehensive security ecosystem.
With Kibana, users gain access to powerful visualization tools and dashboards that provide real-time insight into security data.

Finally, Elastic Security benefits from a global community of users who contribute to its threat intelligence, helping to enhance its detection capabilities. This collaborative approach ensures that the solution remains on the cutting edge of cybersecurity, with up-to-date information on the latest threats and vulnerabilities.

Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

Sample Customers

Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care

Liberty Wines, Pioneer Telephone, Visier

Buyer's Guide

Elastic Security vs. Rapid7 InsightIDR

October 2024

Free Report: Elastic Security vs. Rapid7 InsightIDR

Find out what your peers are saying about Elastic Security vs. Rapid7 InsightIDR and other solutions. Updated: October 2024.

DOWNLOAD NOW

816,192 professionals have used our research since 2012.

See our Elastic Security vs. Rapid7 InsightIDR report.

See our list of best Security Information and Event Management (SIEM) vendors, best Endpoint Detection and Response (EDR) vendors, and best Extended Detection and Response (XDR) vendors.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.