Try our new research platform with insights from 80,000+ expert users

IBM Security QRadar vs Rapid7 InsightIDR comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 5, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

IBM Security QRadar
Ranking in Security Information and Event Management (SIEM)
4th
Ranking in User Entity Behavior Analytics (UEBA)
1st
Ranking in Endpoint Detection and Response (EDR)
17th
Ranking in Extended Detection and Response (XDR)
11th
Average Rating
8.0
Reviews Sentiment
6.8
Number of Reviews
207
Ranking in other categories
Log Management (6th), Security Orchestration Automation and Response (SOAR) (4th), Managed Detection and Response (MDR) (9th)
Rapid7 InsightIDR
Ranking in Security Information and Event Management (SIEM)
9th
Ranking in User Entity Behavior Analytics (UEBA)
2nd
Ranking in Endpoint Detection and Response (EDR)
18th
Ranking in Extended Detection and Response (XDR)
14th
Average Rating
8.4
Reviews Sentiment
7.4
Number of Reviews
32
Ranking in other categories
Threat Deception Platforms (5th)
 

Mindshare comparison

As of April 2025, in the Security Information and Event Management (SIEM) category, the mindshare of IBM Security QRadar is 8.7%, down from 9.7% compared to the previous year. The mindshare of Rapid7 InsightIDR is 2.5%, down from 2.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Q&A Highlights

Navin Rehnius - PeerSpot reviewer
Aug 10, 2021
 

Featured Reviews

Md. Shahriar Hussain - PeerSpot reviewer
Real-time incident detection and user-friendly dashboard benefit daily operations
There are many types of AI, and this AI is very limited in SQL and features. There may be potential for improvement. So far, it seems very limited. It shows some good features in the correlation part, but I think there is room for improvement. For instance, when creating rules, it can suggest more rules, reducing the effort needed. If AI-related support can suggest rules and integrate with existing security devices like MD, IPS, this SIM can create more relevant rules. Sometimes logs I receive don't mean anything, and I need technical stakeholders to share or forward logs, but these are sometimes inadequate. Keywords can help identify insufficient logs. I often lack time to verify logs. Sharing false positive results could be reduced to help my team.
Asim Naeem - PeerSpot reviewer
Providing comprehensive insight into alerts while working towards AI enhancement
I definitely recommend Rapid7 InsightIDR. It is becoming better, with improvements being continuously made to the product. Right now, I do not have any advice about Rapid7 for other users because every organization or user has different criteria or multiple use cases, so I refrain from commenting on that. I rate the overall solution seven out of ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The threat protection network is the most valuable feature, because when you get an offense, you can actually trace it back to where it originated from, how it originated, and why."
"What we like about QRadar and the models that IBM has, is it can go from a small-to-medium enterprise to a larger organization, and it gives you the same value."
"The most valuable features are all the implementations, the plug-ins, and the User Behavior Analytics (UBA)."
"The product has plenty of features and capabilities."
"I really like the feature we have with the logs, that if there are any credit card numbers being used, like a PII, you can just use rejects and you can mask it. This is a really good feature in QRadar."
"The detection rate is good and the false positive rate is low."
"It helps us discover any threats with their alerts and tracking."
"The rule engine is very easy to use — very flexible."
"The web interface is great — very useful and user-friendly."
"Simple configuration and automatically syncs to the cloud platform."
"I have seen that Rapid7 InsightIDR provides security to the networks and endpoints in the company."
"The alerting to drive investigations and remediation has been its most valuable feature.​"
"Great coverage of all systems within our network from endpoint to firewall."
"I rate Rapid7 nine out of 10 for affordability"
"During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an application belongs to a known ransomware group. The system rates the threat, offering a clear detection ratio, such as 97 out of 100. It not only identifies threats but also illustrates the associated behaviors, helping us understand the potential risk to a particular endpoint."
"The solution is easy to use, and the interface is intuitive."
 

Cons

"I would like to see a more user-friendly product."
"The product does not have a team for investigating malware."
"I would like to see a better GUI."
"For future updates, I'd like to see more advanced threat intelligence features integrated with AI. This would help with analyzing traffic patterns and improving protection. QRadar currently doesn't integrate with AI for threat analysis. However, AI could enhance its capabilities by learning traffic patterns and automatically blocking or quarantining suspicious traffic. This would be especially useful when administrators are not actively monitoring. AI could help by analyzing incoming and outgoing traffic and adjusting policies accordingly."
"Ideally we would like a mobile version so that any alert that comes in will notify us in a mobile app, or by using SMS integration."
"The initial setup requires that you have somebody with the proper skill set, and it would help if the configuration were easier."
"IBM technical support is always terrible."
"I need a solution which will send alerts in the event of any behavior."
"Currently, it lacks the functionalities provided by Rapid7's User Behavior Analytics (UBA)."
"One of the things that could be better is digital forensics. It is there, but it can be better. They could provide more on the endpoint detection level."
"I feel it would greatly benefit from more supported log sources."
"The interface for doing investigation needs to be enhanced with minor improvements that would make it more useful."
"InsightIDR's integration with other solutions could be improved. Also, I'd like more control from the portal over what's happening on the endpoint side. For example, when I see an attack on an endpoint, I want to be able to stop it from the portal."
"InsightIDR is only available in a cloud version. Some of our customers prefer an on-prem solution because they want to manage the security within their environment."
"The searching feature in Rapid7 InsightIDR needs to evolve"
"Inability to get access to compliance reports within the solution."
 

Pricing and Cost Advice

"It is overly expensive and overly complex in terms of licensing. They have many different appliances, which makes it extremely difficult to choose the technology. It is very difficult to choose the technology or QRadar components that you should be deploying. They have improved some of it in the last few years. They have made it slightly easy with the fact that you can now buy virtual versions of all the appliances, which is good, but it is still very fragmented. For instance, on some of the smaller appliances, there is no upgrade path. So, if you exceed the capacity of the appliance, you have to buy a bigger appliance, which is not helpful because it is quite a major cost. If you want to add more disks to the system, they'll say that you can't."
"It is costlier as compared to the other alternatives available in the market."
"Go through a vulnerability assessment review for price breaks. A virtualized solution will also cut down on cost."
"There is a license required for this solution and it is an annual payment. I have found all solutions in the category to be expensive, including Splunk."
"Pricing (based on EPS) will be more accurate."
"The solution is costly and the price differs depending on the vendor you use."
"There are different types of subscriptions available. We were on an annual subscription, but our customers typically choose the two years subscription option."
"The tool's price is high."
"Rapid7 InsightIDR's pricing is reasonable but we have challenges with the Minimum Order Quantity. It is not reasonable for customers who have less than one hundred devices. If they can reduce Minimum Order Quantity, it is good. You have to pay around 5000-6000 dollars per year for the product. The pricing includes maintenance and support costs."
"​I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability.​"
"Rapid7 InsightIDR charges us based on the endpoints we connect to."
"Rapid7 InsightIDR is priced very well and is cost-effective."
"It is on a yearly basis. For our own company, for about 250 users, it was 16,000 euros a year."
"The pricing of the solution depends on the user. But there is a yearly licensing cost."
"The solution has a mid-range price point in the market"
"I rate Rapid7 InsightIDR's price a four on a scale of one to ten, where one is cheap, and ten is expensive."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
842,767 professionals have used our research since 2012.
 

Comparison Review

VS
Jun 28, 2015
Qradar vs. ArcSight
Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…
 

Answers from the Community

Navin Rehnius - PeerSpot reviewer
Aug 10, 2021
Aug 10, 2021
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, remember that any EDR/XDR should integrate to the SIEM/SOAR and a strong threat intel source. If you consider SOC outsourcing take your time and find one you can integrate like a virtual team member. They a...
2 out of 12 answers
KM
Jul 26, 2021
I haven't used these big-name ones like Splunk etc. but I feel they're overpriced. I think they charge an arm and a leg for each module. The ROI justification is not there. Why not try a cheaper and robust alternative like Elasticsearch?
KA
Jul 26, 2021
We are using LogRthythm SIEM complete case management and offer SIEM/SOC as service.
 

Top Industries

By visitors reading reviews
Educational Organization
23%
Computer Software Company
14%
Financial Services Firm
10%
Government
6%
Computer Software Company
16%
Financial Services Firm
9%
Manufacturing Company
8%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What are the biggest differences between Securonix UEBA, Exabeam, and IBM QRadar?
It mostly depends on your use-cases and environment. Exabeam and Securonix have a stronger UEBA feature set, friendlier GUI and are not licensed based on capacity (amount of logs and information in...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is your experience regarding pricing and costs for IBM Security QRadar?
The cost depends. The price I negotiated varies by region and relationship with the OEM. Cost is not shared due to another procurement team handling negotiations, but it was reasonable as far as I ...
What do you like most about Rapid7 InsightIDR?
During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...
What needs improvement with Rapid7 InsightIDR?
There is a future in AI with Rapid7, however, it is not fully operated. There are certain limitations with Rapid7 that I am working on. I have already opened a list of features with Rapid7, and the...
 

Also Known As

IBM QRadar, QRadar SIEM, QRadar UBA, QRadar on Cloud, IBM QRadar Advisor with Watson
InsightIDR
 

Overview

 

Sample Customers

Clients across multiple industries, such as energy, financial, retail, healthcare, government, communications, and education use QRadar.
Liberty Wines, Pioneer Telephone, Visier
Find out what your peers are saying about IBM Security QRadar vs. Rapid7 InsightIDR and other solutions. Updated: March 2025.
842,767 professionals have used our research since 2012.