Try our new research platform with insights from 80,000+ expert users

LogRhythm SIEM vs Rapid7 InsightIDR comparison

LogRhythm and Rapid7 are both solutions in the Security Information and Event Management (SIEM) category. LogRhythm is ranked #7 with an average rating of 7.6, while Rapid7 is ranked #9 with an average rating of 8.1. LogRhythm holds a 3.6% mindshare in SIEM, compared to Rapid7’s 2.6% mindshare. Additionally, 89% of LogRhythm users are willing to recommend the solution, compared to 95% of Rapid7 users who would recommend it.
LogRhythm SIEM
Read 172 LogRhythm SIEM reviews
  • 7,946 Views
  • 4,617 Comparison Views
89% willing to recommend
Rapid7 InsightIDR
Read 31 Rapid7 InsightIDR reviews
  • 5,093 Views
  • 2,897 Comparison Views
95% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 18, 2024

LogRhythm SIEM and Rapid7 InsightIDR are both prominent security information and event management solutions. Rapid7 InsightIDR generally appears to be the superior option due to its robust feature set and ease of use, even though LogRhythm SIEM scores favorably in terms of pricing and support.

Features: LogRhythm SIEM offers comprehensive log management, advanced threat detection, and customizable dashboards. Rapid7 InsightIDR is praised for its user-friendly design, threat intelligence, and behavioral analysis capabilities.

Room for Improvement: LogRhythm SIEM users suggest improvements in reporting capabilities, integration with third-party tools, and a smoother user experience. Rapid7 InsightIDR users recommend enhancements in incident response automation, increased API functionalities, and further streamlining of the user interface.

Ease of Deployment and Customer Service: LogRhythm SIEM users report a steeper learning curve during deployment and appreciate the extensive customer service. Rapid7 InsightIDR users find the deployment process straightforward and value the accessible support team.

Pricing and ROI: LogRhythm SIEM is noted for its competitive pricing and favorable ROI, making it a cost-effective option. Rapid7 InsightIDR, though perceived as higher in cost, is viewed as worth the investment due to its extensive features and efficiency, thus providing strong ROI.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed LogRhythm SIEM vs. Rapid7 InsightIDR Report (Updated: December 2024).
Buyer's Guide
LogRhythm SIEM vs. Rapid7 InsightIDR
December 2024
Download the complete report
Helped 824,053 peers since 2012
 

Categories and Ranking

LogRhythm SIEM
Ranking in Security Information and Event Management (SIEM)
7th
Average Rating
8.4
Reviews Sentiment
6.7
Number of Reviews
172
Ranking in other categories
Log Management (10th)
Rapid7 InsightIDR
Ranking in Security Information and Event Management (SIEM)
9th
Average Rating
8.4
Reviews Sentiment
7.5
Number of Reviews
31
Ranking in other categories
User Entity Behavior Analytics (UEBA) (3rd), Endpoint Detection and Response (EDR) (20th), Threat Deception Platforms (5th), Extended Detection and Response (XDR) (15th)
 

Mindshare comparison

As of December 2024, in the Security Information and Event Management (SIEM) category, the mindshare of LogRhythm SIEM is 3.6%, down from 5.0% compared to the previous year. The mindshare of Rapid7 InsightIDR is 2.6%, down from 2.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Joseph W. - PeerSpot reviewer
Has pre-built pieces for third party vendors and does not take a long time to implement
One of the main features that I like about LogRhythm SIEM is that there are a lot of pre-built pieces. Like with our AV, we didn't have to tell it how to read the logs; they already had it pre-made. So, we essentially just had to follow their guide to get the logs imported in and set up some rules for it. We've only had to manually create the parsing rules for a few of our vendors so that we could interpret the logs correctly. Most of them had already been pre-created for us. We use the Event Log Filtering feature a lot. We use it for simple troubleshooting tasks like when a user is logged out, to more important tasks like trying to investigate a threat. As far as its effect on productivity, we can go and search instead of trying to troubleshoot and guess what is causing an error. We can identify what the program is or where the hiccup is. LogRhythm helped us to identify a lot of blind spots. Originally, we didn't have a SIEM tool. We had auditors say that this is something that we should be doing. My management team asked me to go and find a product, and I researched a bunch of them and found LogRhythm. It really opened our eyes to see how much traffic we have, whether it's other IP addresses that are scanning us or external users trying to hit certain ports that could then get closed. It helped us tighten down some of those firewall rules that may have been left open unintentionally through other changes. It helped us a lot early on to identify who was trying to communicate with us or, essentially, who was trying to attack us. As far as our overall security posture, our SIEM tool was the initial push that really got us going into identifying where all of our threats were. We expanded over the seven years that we've had it, and I implemented at least eight other products that are all security related because the SIEM tool indicated the need to identify other risks. It really helped us as an organization to identify risks and move forward to a more secure environment.
Read full review
Gerard Konan - PeerSpot reviewer
Helps in the management of compliance, secret events and information
One of our customers had a Huawei firewall and we required help to do the configuration. However, the installation was easy with other standard vendors like Cisco and Check Point. The product's deployment got completed in four to five days and we required three people to handle it. One person was in charge of the portal's initial set up and the other one handled the integration of on-premises devices. The third one took care of Office 365 integration.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Alarms are the most valuable feature. We also like the dashboard and how things are at your fingertips. The fact that we can now edit the report templates is going to be a great thing."
"In general, the visibility of events and advanced analysis of events are good."
"It has centralized monitoring for our security operations. Therefore, it improves our analysts' work."
"Even other products we have that feed into it, instead of having to watch all of them we only have to watch one. For example, we have CrowdStrike, so instead of having to pay attention that solution - because their dashboard doesn't really pop when an alarm comes up - we can see issues with the red on the LogRhythm alarm. That is very nice."
"The GUI is very intuitive and the solution has good integration."
"We have to be able to show the evidence, and LogRhythm does a great job of putting it forward and making it easy to create reports with nice looking dashboards, which show off what we are doing as a security program."
"The Web Console is my favorite. It enables me, at a glance, to see the health of the environments."
"The most useful feature that I've found so far is the search function. I like all the different ways you're able to search through metadata and the different ways you're able to correlate or search through logs to find out what's going on."
More LogRhythm SIEM pros
"The ability to ingest Office 365 log files, then process them into events and display them on a map."
"The product works well. Stability-wise, I rate the solution a ten out of ten."
"Great coverage of all systems within our network from endpoint to firewall."
"Features for user behavior analytics and the rules for attack review are good."
"We were able to identify criminals attempting to login from China and put a stop on their IP locations."
"It improved my organization by building a security alerting program."
"The technical support is a solid 10 out of 10 as they take the time to answer any questions or problems which may arise in a reasonable time frame."
"Rapid7 is easy to use and deploy. It is a simple solution and has easy data pulling."
More Rapid7 InsightIDR pros
 

Cons

"The reporting on the dashboard should be improved from a management perspective. It would be helpful if they adjusted the colors and the presentation to make things clearer and easier to read."
"When we had version 7.2.6, there were a lot of issues deploying that version and with the indexing. The indexer was unstable. So, we were not able to use the platform when we were on that version until we were able to upgrade to 7.3.4."
"I would like to see APIs well-documented and public facing, so we can get to them all."
"It should have some more message monitoring features. It can also have some free message monitoring tools."
"LogRhythm SIEM can improve its user interface. The current interface is quite complex and can be challenging to navigate. While it offers many valuable features, understanding how to access and utilize them efficiently takes time. Simplifying the client console's user interface would significantly enhance the user experience and make it more user-friendly."
"My biggest complaint is documentation. Everyone tells me, "We have documentation on the Community site." I have searched for different types of documentation on numerous occasions, and it might be there, but it's not easily findable."
"NextGen SIEM's integration with other software is good but could be improved."
"Better integration with different services is needed, as there are quite a few platforms that we use that don't integrate very smoothly with LogRhythm."
More LogRhythm SIEM cons
"Cloud risk assessment is one area where I think they need a lot of improvement."
"It would be useful to import threat intelligence in YARA format along with known incorrect email addresses.​"
"I would like to see more development in InsightIDR towards building their SIEM solution and converting it to XDR."
"It takes time for the product's support team to resolve issues, making it an area of concern where improvements are required."
"I feel it would greatly benefit from more supported log sources."
"InsightIDR's integration with other solutions could be improved. Also, I'd like more control from the portal over what's happening on the endpoint side. For example, when I see an attack on an endpoint, I want to be able to stop it from the portal."
"The searching feature in Rapid7 InsightIDR needs to evolve"
"I would like the ability to adjust the threshold of certain existing alerts. Currently the only option is to change the notifications or create my own alert."
More Rapid7 InsightIDR cons
 

Pricing and Cost Advice

"Look for whatever will give you the most value. That's the main point. It is not one size fits all."
"It costs a great amount, but its pricing is competitive with some of the other vendors. For licensing and support, we pay about 20,000. There are no additional costs or anything like that."
"I would recommend that whatever sales quotes to them upfront, they will probably go up. Because they are probably going to outgrow that very quickly or once they start getting everything into it, they are going to have to move up anyway."
"LogRhythm's licensing is based on MPS. There are some add-on features like advanced UEBA, the cloud component for advanced UEBA, and SIEM."
"The support which allows more customized to the environment when we are deploying new systems is called Professional Service and is very expensive. The technical annual support and there is an annual fee."
"In the context of our country, the price of this solution is too high."
"Look closely at the cost of licensing of other products. This should include setups and the need for support services. I did a RFQ to 2 other vendors before choosing this product."
"When it comes time to renew, they say, "This is what you are using. This is what we can do for you." So, they work with you on pricing."
More LogRhythm SIEM pricing and cost advice
"Rapid7 InsightIDR's pricing is reasonable but we have challenges with the Minimum Order Quantity. It is not reasonable for customers who have less than one hundred devices. If they can reduce Minimum Order Quantity, it is good. You have to pay around 5000-6000 dollars per year for the product. The pricing includes maintenance and support costs."
"Licensing is by endpoint and amount of retention time (at least ours is). Default retention was one year, but we are able to push the retention further if needed. There's also a provide-your-own-S3 option for longer retention if you don't want to pay for the additional retention years in your Rapid7 agreement."
"Rapid7 InsightIDR's pricing is reasonable."
"The solution has a mid-range price point in the market"
"The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help.​"
"It is a reasonably priced solution."
"Rapid7 InsightIDR is a cheaply priced product. On a scale of one to ten, where one is very expensive, and ten is very cheap, I rate the product's price at seven or eight."
"Rapid7 InsightIDR charges us based on the endpoints we connect to."
More Rapid7 InsightIDR pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
See recommendations
824,053 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
45%
Computer Software Company
9%
Government
6%
Financial Services Firm
6%
Computer Software Company
16%
Financial Services Firm
8%
Manufacturing Company
8%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What is the difference between log management and SIEM?
Rony, Daniel's answer is right on the money. There are many solutions for each in the market, a lot depends upon your ability to manage such tools and your budget. A small operation may be best s...
See all answers
What needs improvement with LogRhythm NextGen SIEM?
The integration is slightly difficult with other assets, like EDR technologies or firewalls. Also, the back end is not as user-friendly as other solutions like IBM QRadar. The technical support is ...
See all answers
What do you like most about LogRhythm SIEM?
I find LogRhythm's log management capabilities to be beneficial.
See all answers
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
See all answers
What do you like most about Rapid7 InsightIDR?
During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...
See all answers
What is your experience regarding pricing and costs for Rapid7 InsightIDR?
The product pricing is very cheap.
See all answers
 

Comparisons

IBM Security QRadar vs LogRhythm SIEM Logo
IBM Security QRadar vs LogRhythm SIEM
Compared 14% of the time
Splunk Enterprise Security vs LogRhythm SIEM Logo
Splunk Enterprise Security vs LogRhythm SIEM
Compared 13% of the time
Wazuh vs LogRhythm SIEM Logo
Wazuh vs LogRhythm SIEM
Compared 7% of the time
LogRhythm Axon vs LogRhythm SIEM Logo
LogRhythm Axon vs LogRhythm SIEM
Compared 6% of the time
Fortinet FortiSIEM vs LogRhythm SIEM Logo
Fortinet FortiSIEM vs LogRhythm SIEM
Compared 5% of the time
More LogRhythm SIEM Competitors
Darktrace vs Rapid7 InsightIDR Logo
Darktrace vs Rapid7 InsightIDR
Compared 12% of the time
Microsoft Sentinel vs Rapid7 InsightIDR Logo
Microsoft Sentinel vs Rapid7 InsightIDR
Compared 11% of the time
Rapid7 InsightVM vs Rapid7 InsightIDR Logo
Rapid7 InsightVM vs Rapid7 InsightIDR
Compared 8% of the time
CrowdStrike Falcon vs Rapid7 InsightIDR Logo
CrowdStrike Falcon vs Rapid7 InsightIDR
Compared 6% of the time
Splunk Enterprise Security vs Rapid7 InsightIDR Logo
Splunk Enterprise Security vs Rapid7 InsightIDR
Compared 5% of the time
More Rapid7 InsightIDR Competitors
 

Product Reports

Buyer's Guide
LogRhythm SIEM
December 2024
LogRhythm SIEM reportDownload LogRhythm SIEM product report
Buyer's Guide
Rapid7 InsightIDR
November 2024
Rapid7 InsightIDR reportDownload Rapid7 InsightIDR product report
 

Also Known As

LogRhythm NextGen SIEM, LogRhythm, LogRhythm Threat Lifecycle Management, LogRhythm TLM
InsightIDR
 

Learn More

LogRhythm
Rapid7
 

Overview

LogRhythm SIEM Platform is an award-winning platform in security analytics. With more than 4,000 customers globally, LogRhythm SIEM is an integrated platform that helps security operations teams protect critical infrastructure and information from emerging cyberthreats. Ultimately, LogRhythm SIEM is an integrated set of modules that contribute to the security team’s fundamental mission: rapid threat monitoring, threat detection, threat investigation, and threat neutralization. LogRhythm SIEM is for organizations that require an on-premises solution and offers:

● Streamlined workflow

● Secure data access

● Real-time visibility

● A unified user experience

● Management customization

Security information and event management (SIEM) solutions have been evolving for over a decade; their core functionality still acts as the most effective foundation for any organization’s technology stack. A SIEM solution enables an organization to centrally collect data across its entire network environment to gain real-time visibility into activity that may pose a risk to the organization. SIEM technology addresses threats before they become significant financial risks while simultaneously helping better manage an organization’s assets.

LogRhythm SIEM has many key features and capabilities, including:

High-Performance Log Management: LogRhythm SIEM offers structured and unstructured search capabilities which allows users to swiftly search across an organization’s vast data to easily find answers, identify IT and security issues, and troubleshoot issues. Users can efficiently process and index terabytes of log data daily.

Network and Endpoint Monitoring: Forensic sensors allow users to gain deep visibility into endpoint and network activity. Users can see behavioral anomalies and better respond to incidents.

SmartResponse™ Automation: LogRhythm SIEM allows users to centrally execute pre-staged actions that automate incident investigatory tasks and responses.

Automated Machine Analytics: LogRhythm SIEM's AI Engine continuously analyzes all collected security incidents and forensic data. Security teams are delivered precise, real-time intelligence about risk-prioritized threats.

Case and Security Incident Management: LogRhythm SIEM offers an integrated workflow so that threats don’t slip through the cracks. Collaboration tools help centrally manage and track investigations.

User and entity behavior analytics (UEBA): Embedded deterministic UEBA monitoring helps protect against insider threats.

Security orchestration, automation, and response (SOAR): LogRhythm SIEM includes our embedded SOAR solution to increase efficiency and higher-quality incident response with low mean time to response (MTTR).

Benefits to Using LogRhythm SIEM

The platform offers great value to security and IT operations. Users have the ability to map their security and IT operations to existing frameworks such as NIST and MITRE ATT&CK.

● The platform offers broad integration across security and IT vendors: Users benefit from support for integration with hundreds of security and IT solutions. In turn, this further extends SIEM capabilities and data collection.

● The platform provides compliance adherence, enforcement, and reporting: The prebuilt compliance modules automatically detect violations as they occur and remove the burden of manually reviewing audit logs.

Reviews from Real Users

LogRhythm SIEM stands out among its competitors for a number of reasons. Two major ones are its ability to be customized and its quick performance of queries.

Jason G., a senior cybersecurity engineer, writes, "I have found the Advanced Intelligence Engine has provided the most value to us because we can customize alarms based on our requirements and have created hundreds of alarms that notify different people for different scenarios."

Andy W., principal consultant at ITSEC Asia, notes, “LogRhythm SIEM covers all our primary security analysis needs. It makes it easier for us to analyze threats and improves our response times. It's a versatile platform that performs queries fast compared to other SIEM solutions.”

Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

 

Sample Customers

Macy's, NASA, Fujitsu, US Air Force, EY, Abbott, HD Supply, SAB Miller, UCLA, Raytheon, Amtrak, Cargill
Liberty Wines, Pioneer Telephone, Visier
Buyer's Guide
LogRhythm SIEM vs. Rapid7 InsightIDR
December 2024
Free Report: LogRhythm SIEM vs. Rapid7 InsightIDR
Find out what your peers are saying about LogRhythm SIEM vs. Rapid7 InsightIDR and other solutions. Updated: December 2024.
DOWNLOAD NOW
824,053 professionals have used our research since 2012.
See our LogRhythm SIEM vs. Rapid7 InsightIDR report.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.