Rapid7 InsightIDR Reviews

Name: Rapid7 InsightIDR
Brand: Rapid7
Rating: 4.2 (32 reviews)

Vendor: Rapid7

4.2 out of 5

32 reviews
96% willing to recommend

Leave a review

What is Rapid7 InsightIDR?

Rapid7 InsightIDR is a cloud-based security information and event management solution known for its user behavior analytics, offering rapid detection and response capabilities while facilitating seamless integration across systems.

Get the Rapid7 InsightIDR Buyer's Guide and find out what your peers are saying about Rapid7 InsightIDR, CrowdStrike Falcon, Cortex XDR by Palo Alto Networks and more!

Rapid7 InsightIDR is the #6 ranked solution in top Threat Deception Platforms, #10 ranked solution in top User Entity Behavior Analytics (UEBA) solutions, #23 ranked solution in top Security Information and Event Management (SIEM) solutions, #23 ranked solution in XDR Security products, and #39 ranked solution in EDR tools. PeerSpot users give Rapid7 InsightIDR an average rating of 8.4 out of 10. Rapid7 InsightIDR is most commonly compared to CrowdStrike Falcon: Rapid7 InsightIDR vs CrowdStrike Falcon. Rapid7 InsightIDR is popular among the large enterprise segment, accounting for 46% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a financial services firm, accounting for 10% of all views.

Helped 893,221 peers since 2012

Featured Rapid7 InsightIDR reviews

SohailHyder

Head Of Cyber Security at Super Secure

Rapid7 InsightIDR is budget-friendly and has a good market position because not everybody can afford to go for LogRhythm or Splunk or QRadar. It is good for a middle-tier organization. In that market, there is competition now. I do not recommend Rapid7 InsightIDR for bigger companies because they trust these big brands such as QRadar or LogRhythm. The general perception is that these are the solutions for big organizations having hundreds of branches or more. Rapid7 InsightIDR fits in the middle tier. The integration of Rapid7 InsightIDR with the security stack works fine because the systems in this part of the world are not so much cloud-driven. They have something around 20% or 30% of services running from the cloud. The rest are usually on-premises. Office 365 is one service that they get from the cloud. Networking typically includes Cisco and Fortinet in their networks. For endpoints, the operating system is usually Windows or Linux, not Mac in an enterprise environment. Windows and Linux can be easily integrated with this solution. The dashboard functionalities of Rapid7 InsightIDR are usually about customer-friendliness. Customers want to have some rich enrichment of the analysis or the ticket alerts or the events that come out with some processing behind the scenes. They feel that it is a more rapid or more intense process at Splunk or LogRhythm or QRadar compared to Rapid7 InsightIDR. For automated threat intelligence features, customers usually go for a full SOAR solution. They want to have playbooks and everything to run. Although Rapid7 InsightIDR does claim that it has integrated SOAR, called InsightConnect, this is not as advanced as a dedicated SOAR solution. LogRhythm solutions or Splunk solution or Sumo Logic solution are doing business here as well. These are considered more rich in features compared to Rapid7 InsightIDR. I rate Rapid7 InsightIDR between a six and seven out of ten.

Read full review

Asim Naeem

Principal IT Security & Compliance at IBEX Holdings Ltd

I definitely recommend Rapid7 InsightIDR. It is becoming better, with improvements being continuously made to the product. Right now, I do not have any advice about Rapid7 for other users because every organization or user has different criteria or multiple use cases, so I refrain from commenting on that. I rate the overall solution seven out of ten.

Read full review

reviewer1936950

Director of Solutions and Alliances at a tech services company with 1-10 employees

The product's scalability seems good enough. In our company, we are able to manage a couple of thousand devices comfortably using only one single tenant. Through our company, thousands of users are using the interface of Rapid7 InsightIDR to process data and check incidents. I have implemented data ingestion for couple of thousand devices that include virtual machines, switches, routers and firewalls. For all the aforementioned devices we haven't faced any issues in our company. Rapid7 InsightIDR is used in our company, majorly for medium and enterprise grade customers, where some enterprises have more than 5000 employees and some less than that.

Read full review

Rapid7 InsightIDR mindshare

Product category:

As of May 2026, the mindshare of Rapid7 InsightIDR in the Security Information and Event Management (SIEM) category stands at 2.1%, down from 2.5% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Security Information and Event Management (SIEM) Mindshare Distribution
Product	Mindshare (%)
Rapid7 InsightIDR	2.1%
Splunk Enterprise Security	7.1%
IBM Security QRadar	5.2%
Other	85.6%

Security Information and Event Management (SIEM)

PeerResearch reports based on Rapid7 InsightIDR reviews

Type	Title	Date
Category	Security Information and Event Management (SIEM)	May 9, 2026	Download
Product	Reviews, tips, and advice from real users	May 9, 2026	Download
Comparison	Rapid7 InsightIDR vs Splunk Enterprise Security	May 9, 2026	Download
Comparison	Rapid7 InsightIDR vs IBM Security QRadar	May 9, 2026	Download
Comparison	Rapid7 InsightIDR vs Wazuh	May 9, 2026	Download

Valuable Features

Rapid7 InsightIDR is valued for intelligent alerting, user behavior analytics, and intuitive interface. It integrates threat intelligence natively and provides seamless cloud-based setup with extensive integration. Users appreciate the efficient event management through a unified interface, enhanced visibility, and quick deployment. Additional features include honeypots, threat modeling, and robust endpoint monitoring. The solution effectively detects threats, enables incident investigation, and offers customizable alerts, greatly enhancing overall security posture.

"They can subscribe to Rapid7 because it is more valuable and delivers a greater return on investment."
"The solution is very cost-effective because they are not charging based on the EPS but on the number of assets."
"The solution is very intuitive, it's easy to set up, is absolutely stable, and has a lot of integration with other security products."

Room for Improvement

Users desire easier API integration, improved threat intelligence, and more supported log sources. Enhanced customization for alerts and reports is important. Cloud preference, better digital forensics, and integration with existing tools are emphasized. The interface requires enhancements for investigations, and a more intuitive search feature is sought. Improved data retention options and AI-driven capabilities are requested. Multi-level event grouping, mobile access, and compliance report features are desired additions.

"InsightIDR is only available in a cloud version. Some of our customers prefer an on-prem solution because they want to manage the security within their environment."
"I'd like to be able to get the compliance report within the solution which is currently not possible."
"I'd like to see a mobile application included and some feature related to the generality of segregation for internal users that access the application."

ROI

The ROI from Rapid7 InsightIDR is presumed to be substantial, although an exact figure was never calculated by users.

Pricing

Enterprise users describe Rapid7 InsightIDR's pricing as competitive and cost-effective, with a straightforward licensing model based on the number of assets and retention days. Despite some considering it expensive compared to other SIEM solutions, its pricing model is not based on events per second, offering a substantial advantage. Users experienced varied satisfaction levels, with many finding it affordable and others facing challenges with the Minimum Order Quantity, especially for under 100 devices.

"The solution has a mid-range price point in the market"
"Rapid7 InsightIDR charges us based on the endpoints we connect to."
"Rapid7 InsightIDR is a cheaply priced product. On a scale of one to ten, where one is very expensive, and ten is very cheap, I rate the product's price at seven or eight."

Popular Use Cases

Rapid7 InsightIDR is primarily used for security information and event management, focusing on threat detection and response. Users rely on it for event management, log analysis, and behavioral analytics. It combines capabilities like intrusion detection, vulnerability management, and incident response. Organizations utilize it for monitoring user activities and securing access to networks, integrating various security tools to provide a comprehensive overview of alerts and threats within IT infrastructures.

Service and Support

Rapid7 InsightIDR's customer service is generally well-regarded, providing timely, professional, and technically sound support. Many users commend the responsiveness and professionalism, though there are mentions of occasional delays, particularly with complex issues or during escalation to developers. Some express a desire for improvements in the speed of response and multilingual support. Ratings for service quality vary from six to ten out of ten, indicating satisfaction with room for enhancement.

Deployment

Users found Rapid7 InsightIDR's setup straightforward, highlighting its simplicity and the minimal time required for deployment. Many appreciated the assistance offered during installation and the platform's adaptability to various log sources. Installations varied from immediate to a few days, depending on the environment's size, with some needing additional integrations. Most users managed the setup with a small team, but some noted the complexity in larger environments.

Scalability

Rapid7 InsightIDR, being cloud-based, handles scalability with ease. It supports varied environments, accommodating both medium-sized enterprises and larger businesses. Users appreciate its high scalability, emphasizing its suitability for thousands of devices and multiple regions. While some note licensing can limit growth, most find it efficient for managing large amounts of data daily. Typically, businesses find it suitable with ratings for scalability often being high. It's particularly effective for medium-scale industries.

Stability

Rapid7 InsightIDR demonstrates consistent stability, with numerous users highlighting its reliability. Despite occasional issues during maintenance, notifications generally arrive before problems arise. While rare instances of stability challenges exist, they are often resolved by hardware upgrades. Many users appreciate its cloud-based nature, allowing quick bug fixes. Stability ratings frequently reach 9 or 10 out of 10, with few reports of downtime or performance issues. Internet connection quality influences its performance.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Rapid7 InsightIDR Buyer's Guide for additional reliable information.

Review data by company size

By reviewers
Company Size	Count
Small Business	19
Midsize Enterprise	5
Large Enterprise	5

By reviewers

By visitors reading reviews
Company Size	Count
Small Business	319
Midsize Enterprise	202
Large Enterprise	445

By visitors reading reviews

Top industries

By visitors reading reviews

Financial Services Firm

10%

Computer Software Company

Manufacturing Company

Government

Comms Service Provider

University

Construction Company

Retailer

Educational Organization

Performing Arts

Insurance Company

Healthcare Company

Media Company

Outsourcing Company

Non Profit

Real Estate/Law Firm

Legal Firm

Wholesaler/Distributor

Energy/Utilities Company

Marketing Services Firm

Transportation Company

Hospitality Company

Consumer Goods Company

Logistics Company

Leisure / Travel Company

Pharma/Biotech Company

Recreational Facilities/Services Company

Compare Rapid7 InsightIDR with alternative products

Learn more about Rapid7 InsightIDR

Rapid7 InsightIDR is designed to enhance threat detection and investigation through its efficient user behavior analytics and advanced threat intelligence framework. The platform's cloud-based deployment ensures rapid setup and comprehensive event monitoring across diverse IT environments, including endpoints and Office 365. Its intuitive interface supports seamless data collection, honing in on threat detection through honeypot utilization and intelligent alerting. However, it is noted for lacking some customization features and better integration, especially with Microsoft and ITSMs.

What are the key features of Rapid7 InsightIDR?

User Behavior Analytics: Detects threats by analyzing patterns and anomalies.
Cloud Deployment: Enables quick setup and scalability.
Comprehensive Monitoring: Monitors events across systems and platforms like Office 365.
Honeypots and Alerting: Utilizes honeypots to reduce false positives and alert fatigue.
Threat Intelligence Framework: Supports effective threat hunting and remediation.

What benefits should users consider in reviews when evaluating Rapid7 InsightIDR?

Enhanced Detection: Improves threat detection with user behavior analysis.
Easy Integration: Integrates across systems for a streamlined security approach.
Rapid Response: Facilitates quick action against identified threats.
Operational Efficiency: Offers a cohesive view of security operations.

Rapid7 InsightIDR is prominently used in security operation centers to manage events, detect threats, and respond effectively. Industries apply it for network behavior monitoring, compliance, and vulnerability management. Companies integrate it with security tools to boost threat investigation, ensuring full SIEM functionalities and robust log management capacities. Its application spans behavioral and intrusion analytics, aiding in monitoring and addressing malicious activities.

Rapid7 InsightIDR was previously known as InsightIDR.

Rapid7 InsightIDR customers

Liberty Wines, Pioneer Telephone, Visier

Product Categories

Security Information and Event Management (SIEM)

User Entity Behavior Analytics (UEBA)

Endpoint Detection and Response (EDR)

Threat Deception Platforms

Extended Detection and Response (XDR)

Popular Comparisons

CrowdStrike Falcon vs Rapid7 InsightIDR

Cortex XDR by Palo Alto Networks vs Rapid7 InsightIDR

Microsoft Defender for Endpoint vs Rapid7 InsightIDR

Wazuh vs Rapid7 InsightIDR

Splunk Enterprise Security vs Rapid7 InsightIDR

SentinelOne Singularity Endpoint vs Rapid7 InsightIDR

Darktrace vs Rapid7 InsightIDR

IBM Security QRadar vs Rapid7 InsightIDR

Microsoft Sentinel vs Rapid7 InsightIDR

Varonis Platform vs Rapid7 InsightIDR

Huntress Managed EDR vs Rapid7 InsightIDR

Elastic Security vs Rapid7 InsightIDR

Cribl vs Rapid7 InsightIDR

Tanium vs Rapid7 InsightIDR

Trellix Endpoint Security Platform vs Rapid7 InsightIDR

See all alternatives

Rapid7 InsightIDR Reviews Summary
Author info	Rating	Review Summary
Head Of Cyber Security at Super Secure	3.5	I've used Rapid7 InsightIDR for about five years, mainly with banking clients for compliance and threat detection, but it lacks customization and advanced SOAR features compared to Splunk or LogRhythm, making it better suited for mid-tier organizations.
Principal IT Security & Compliance at IBEX Holdings Ltd	3.5	<p>I use Rapid7 InsightIDR for a comprehensive alert overview, integrating it with endpoint and NDR solutions. It offers unlimited storage, user behavior analytics, and MITRE ATT&CK. While AI improvements are needed, incident response time and search capabilities are efficient.</p>
Director of Solutions and Alliances at a tech services company with 1-10 employees	4.0	I am a system integrator for Rapid7 InsightIDR, which serves as the core of our security operations. Its detection rules and integration features are beneficial, though the search capabilities need improvement to simplify incident handling.
Chief Technology Officer at a tech vendor with 51-200 employees	3.5	Rapid7 InsightIDR's intelligence and vulnerability management features are highly valued for their native integration, enhancing detection capabilities. However, the cloud-first approach lacks on-premises support, particularly affecting market acceptance in regions like the Middle East. Improvements in customer support are needed.
Network & Security Engineer at PT. Centrin Online Prima	4.0	I use Rapid7 InsightIDR to detect malicious activities at endpoints in my company. The Insight Agent reveals endpoint risks, but integration needs improvement. AI-enhanced functionalities would be beneficial. I deployed it on AWS without evaluating other solutions.
Country Sales Lead at securic systems	4.0	Rapid7 InsightIDR is user-friendly, cloud-based, and integrates well with EDR solutions, though it needs more development towards XDR capabilities. Compared to QRadar and other established SIEM providers, its licensing and threat intelligence differ significantly, favoring longtime market leaders.
Founder & CEO at AGILLY	4.0	I use Rapid7 InsightIDR for secret events, compliance, and information management. I appreciate its user analysis feature, but find it challenging for log searches and feel that it could benefit from improved dashboards and user-friendly templates.
Cyber Security Trainer and Programmer at Freelancer	4.5	We use Rapid7 InsightIDR for EDR and SIP management, event management, threat detection, and DFIR. It features excellent dashboards and threat alerts, yet needs improved threat intelligence depth. User behavior analytics are positive, enhancing overall security operations.

Title	Rating	Mindshare	Recommending
CrowdStrike Falcon	4.3	3.1%	97%	140 interviews Add to research
Cortex XDR by Palo Alto Networks	4.2	N/A	96%	110 interviews Add to research

Rapid7 InsightIDR Reviews

What is Rapid7 InsightIDR?

Featured Rapid7 InsightIDR reviews

Rapid7 InsightIDR mindshare

PeerResearch reports based on Rapid7 InsightIDR reviews

Valuable Features

Room for Improvement

ROI

Pricing

Popular Use Cases

Service and Support

Deployment

Scalability

Stability

Review data by company size

Top industries

Compare Rapid7 InsightIDR with alternative products

Learn more about Rapid7 InsightIDR

Rapid7 InsightIDR customers

Related questions

Product Categories

Popular Comparisons