Try our new research platform with insights from 80,000+ expert users

Elastic Security vs Rapid7 InsightIDR comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024
 

Categories and Ranking

Elastic Security
Ranking in Security Information and Event Management (SIEM)
5th
Ranking in Endpoint Detection and Response (EDR)
16th
Ranking in Extended Detection and Response (XDR)
8th
Average Rating
7.6
Number of Reviews
61
Ranking in other categories
Log Management (5th), Security Orchestration Automation and Response (SOAR) (6th)
Rapid7 InsightIDR
Ranking in Security Information and Event Management (SIEM)
9th
Ranking in Endpoint Detection and Response (EDR)
20th
Ranking in Extended Detection and Response (XDR)
15th
Average Rating
8.4
Number of Reviews
31
Ranking in other categories
User Entity Behavior Analytics (UEBA) (3rd), Threat Deception Platforms (5th)
 

Mindshare comparison

As of November 2024, in the Security Information and Event Management (SIEM) category, the mindshare of Elastic Security is 7.3%, down from 9.1% compared to the previous year. The mindshare of Rapid7 InsightIDR is 2.3%, down from 2.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Gajewski Marek - PeerSpot reviewer
Aug 13, 2024
Provides good anomaly detection and connectivity reporting
I use Elastic Security to aggregate all logs from different devices in one place. It works pretty well and provides one overview of everything The solution's most valuable features are anomaly detection and connectivity reporting. Elastic Security also has many automation capabilities, which can…
JensWolf - PeerSpot reviewer
Sep 28, 2023
A solution that offers easy setup and deployment phases, along with great scalability and stability
I use Rapid7 InsightIDR to collect logs and information from throughout our company's entire IT environment The most valuable feature of the solution is the single pane of glass that allows me to see all the information in one spot. I can see at one spot to see all the information from all the…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The tool's functionality is good for overall security and incident response times."
"The most valuable feature is the machine learning capability."
"The feature that we have found the most valuable is scalability."
"We chose the product based on the ability to scan for malware using a malware behavioral model as opposed to just a traditional hash-based antivirus. Therefore, it's not as intensive."
"The stability of the solution is good."
"It is the best open-source product for people working in SO, managing and analyzing logs."
"Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because of Elastic's efficient search engine."
"Just the ability to do a lot more than just up-down is nice, which a lot of people take for granted."
"Rapid7 is easy to use and deploy. It is a simple solution and has easy data pulling."
"InsightIDR’s ability to process millions of transactions per day, and to notify me of the most critical ones, is priceless. InsightIDR has the alerts tuned, and has the ability to quickly drill down to determine the threat level."
"I like the tool's user analysis feature."
"Log search allows us to dive deep into aggregated logs and query all event types at once.​"
"The alerting to drive investigations and remediation has been its most valuable feature.​"
"I rate Rapid7 nine out of 10 for affordability"
"Great coverage of all systems within our network from endpoint to firewall."
"Very intuitive and easy to set up."
 

Cons

"The problem with ELK is it's difficult to administer. When you have a problem, it can be very, very difficult to rebuild indexes."
"We had issues with scalability. Logstash was not scaling and aggregation was getting delayed. We moved to Fluentd making our stack from ELK to EFK."
"The solution does not have a UI and this is one of the reasons we are looking for another solution."
"With Elastic, you have to build the use cases for the specific requirement. Other products have a simple integration and more use cases to integrate out-of-the-box solutions for SIEM."
"I want to find an automatic security system in the tool, like a SOAR solution. I am looking forward to seeing a SOAR system in the tool."
"This solution cannot do predictive maintenance, so we have to build our own modules for doing it."
"Improvements in Elastic Security could include refining and normalizing queries to make them more user-friendly, enhancing the user experience with better documentation, and addressing any latency issues."
"The tool needs to integrate with legacy servers. Big companies can have legacy servers that may not always be updated."
"I feel it would greatly benefit from more supported log sources."
"The APIs can be further improved in Rapid7."
"InsightIDR's integration with other solutions could be improved. Also, I'd like more control from the portal over what's happening on the endpoint side. For example, when I see an attack on an endpoint, I want to be able to stop it from the portal."
"The reporting is the weakest aspect. There needs to be multi-level grouping for events (for example, group by user and destination). Right now, we can do a group by user and a separate table or group by destination. But I'd be more interested in where a person was logging into instead of who was logging in or where he was logging in."
"It takes time for the product's support team to resolve issues, making it an area of concern where improvements are required."
"They should add more configuration and security features to it."
"I would like the ability to adjust the threshold of certain existing alerts. Currently the only option is to change the notifications or create my own alert."
"The main problem lies in the processes within the client's operating systems."
 

Pricing and Cost Advice

"When compared to other products, the price is average or on the low side."
"I find it better than Splunk in terms of cost-effectiveness. For cost-effectiveness, I would rate it a nine out of 10."
"Compared to other tools, Elastic Security is a cheaper solution."
"We use the open-source version, so there is no charge for this solution."
"Compared to other products such as Dynatrace, this is one of the cheaper options."
"There is no charge for using the open-source version."
"The pricing is in the middle. I think it is not an expensive experience if we compare it with big names, for example, QRadar, and also Oxide. I think Elastic Security is quite cheap. I would rate the pricing of this solution a five out of ten."
"The price is reasonable. It probably costs the same as ArcSight and LogRhythm SIEM. FortiSIEM might cost less than Elastic Security. There are no hidden or additional costs."
"It is a reasonably priced solution."
"Rapid7 InsightIDR's pricing is reasonable but we have challenges with the Minimum Order Quantity. It is not reasonable for customers who have less than one hundred devices. If they can reduce Minimum Order Quantity, it is good. You have to pay around 5000-6000 dollars per year for the product. The pricing includes maintenance and support costs."
"​Accurately predict your licensing counts as this is a subscription based product.​"
"The pricing and licensing are competitive."
"Rapid7 InsightIDR is a cheaply priced product. On a scale of one to ten, where one is very expensive, and ten is very cheap, I rate the product's price at seven or eight."
"I rate Rapid7 InsightIDR's price a four on a scale of one to ten, where one is cheap, and ten is expensive."
"The pricing is good, and it is not very expensive."
"​I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability.​"
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
814,649 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
10%
Government
10%
University
7%
Computer Software Company
16%
Financial Services Firm
8%
Manufacturing Company
8%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times lately using the dashboards we have created with Datadog; they are very good c...
What do you like most about Elastic Security?
Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because ...
What is your experience regarding pricing and costs for Elastic Security?
Compared to other tools, Elastic Security is a cheaper solution.
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What do you like most about Rapid7 InsightIDR?
During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...
 

Also Known As

Elastic SIEM, ELK Logstash
InsightIDR
 

Learn More

 

Overview

 

Sample Customers

Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
Liberty Wines, Pioneer Telephone, Visier
Find out what your peers are saying about Elastic Security vs. Rapid7 InsightIDR and other solutions. Updated: October 2024.
814,649 professionals have used our research since 2012.