Elastic Security vs Rapid7 InsightIDR comparison

Elastic and Rapid7 are both solutions in the Security Information and Event Management (SIEM) category. Elastic is ranked #5 with an average rating of 7.7, while Rapid7 is ranked #9 with an average rating of 8.2. Elastic holds a 6.6% mindshare in SIEM, compared to Rapid7’s 2.5% mindshare. Additionally, 86% of Elastic users are willing to recommend the solution, compared to 95% of Rapid7 users who would recommend it.

Elastic Security

Read 64 Elastic Security reviews

9,624 Views
8,079 Comparison Views

86% willing to recommend

Rapid7 InsightIDR

Read 32 Rapid7 InsightIDR reviews

4,184 Views
2,604 Comparison Views

95% willing to recommend

Elastic Security

Rapid7 InsightIDR

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 9, 2024

Rapid7 InsightIDR and Elastic Security are both powerful cybersecurity solutions. Rapid7 InsightIDR offers notable benefits in support and ease of deployment, while Elastic Security excels in features and overall value, despite a potentially higher price point.

Features: Rapid7 InsightIDR is praised for robust incident detection and response capabilities. Users value its automated threat detection and customizable dashboards. Elastic Security stands out with comprehensive search and analytics functionalities, providing detailed security monitoring. Differences are evident as Elastic Security offers deeper data analytics, making it superior for users requiring extensive monitoring.

Room for Improvement: Users suggest Rapid7 InsightIDR could benefit from enhanced integration with third-party tools and more customizable alerts. Elastic Security reviews indicate a need for improved ease of use and better documentation. Rapid7 needs stronger integration features, while Elastic Security requires enhancements in usability.

Ease of Deployment and Customer Service: Rapid7 InsightIDR is noted for a straightforward deployment process and highly responsive customer support. Elastic Security, while offering good deployment flexibility, sometimes requires more technical expertise, and users feel customer service can be inconsistent. Therefore, Rapid7 InsightIDR is favored for ease of deployment and superior customer service.

Pricing and ROI: Rapid7 InsightIDR users find the setup cost reasonable and appreciate the ROI in quicker threat responses. Elastic Security may have a steeper learning curve, but users feel the comprehensive features justify the investment. While Rapid7 InsightIDR is seen as cost-effective, Elastic Security is perceived as offering higher value despite potentially higher costs.

To learn more, read our detailed Elastic Security vs. Rapid7 InsightIDR Report (Updated: March 2025).

Buyer's Guide

Elastic Security vs. Rapid7 InsightIDR

March 2025

Download the complete report

Helped 845,406 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Elastic Security

Ranking in Security Information and Event Management (SIEM)

5th

Ranking in Endpoint Detection and Response (EDR)

16th

Ranking in Extended Detection and Response (XDR)

8th

Average Rating

7.8

Reviews Sentiment

6.8

Number of Reviews

Ranking in other categories

Log Management (7th), Security Orchestration Automation and Response (SOAR) (6th)

Rapid7 InsightIDR

Ranking in Security Information and Event Management (SIEM)

9th

Ranking in Endpoint Detection and Response (EDR)

18th

Ranking in Extended Detection and Response (XDR)

14th

Average Rating

8.4

Reviews Sentiment

7.4

Number of Reviews

Ranking in other categories

User Entity Behavior Analytics (UEBA) (2nd), Threat Deception Platforms (5th)

Mindshare comparison

As of April 2025, in the Security Information and Event Management (SIEM) category, the mindshare of Elastic Security is 6.6%, down from 9.4% compared to the previous year. The mindshare of Rapid7 InsightIDR is 2.5%, down from 2.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Security Information and Event Management (SIEM)

Featured Reviews

Gajewski Marek

Chief Technology Officer & Co-founder at CS2

Provides good anomaly detection and connectivity reporting

We previously used Splunk but switched to Elastic Security because Splunk was more expensive. Feature-wise, both tools are pretty much the same. They have almost the same functions. Elastic Security has a much better AI assistant that allows you to ask questions like a normal person. With Elastic Security, I can also predict the price and how much it will cost. Splunks's pricing depends on how much data we use and the different add-ons I have to add. The pricing is much better with Elastic Security.

Read full review

Asim Naeem

Principal IT Security & Compliance at IBEX Holdings Ltd

Providing comprehensive insight into alerts while working towards AI enhancement

I definitely recommend Rapid7 InsightIDR. It is becoming better, with improvements being continuously made to the product. Right now, I do not have any advice about Rapid7 for other users because every organization or user has different criteria or multiple use cases, so I refrain from commenting on that. I rate the overall solution seven out of ten.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"One of the most valuable features of this solution is that it is more flexible than AlienVault."

"Elastic Security is cost-effective compared to Defender and CrowdStrike."

"It's not very complicated to install Elastic."

"The solution is quite stable. The performance has been good."

"Its flexibility is most valuable. We can have a number of scenarios, and we can get logs from anything. If we know how to use Logstash, we can tweak it in many ways. This makes the logging search on Elastic very easy."

"The indexes allow you to get your results quickly. The filtering and log passing is the advantage of Logstash."

"The most valuable feature is the speed, as it responds in a very short time."

"The most valuable feature is the ability to collect authentication information from service providers."

More Elastic Security pros

"Very intuitive and easy to set up."

"Simple configuration and automatically syncs to the cloud platform."

"The solution is easy to use, and the interface is intuitive."

"Rapid7 is easy to use and deploy. It is a simple solution and has easy data pulling."

"Rapid7 InsightIDR integrates well with other solutions. It's also easy to configure because Rapid7 InsightIDR has a lot of instructions posted on their website that customers can follow if they need to get the source log."

"I have seen that Rapid7 InsightIDR provides security to the networks and endpoints in the company."

"During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an application belongs to a known ransomware group. The system rates the threat, offering a clear detection ratio, such as 97 out of 100. It not only identifies threats but also illustrates the associated behaviors, helping us understand the potential risk to a particular endpoint."

"Great coverage of all systems within our network from endpoint to firewall."

More Rapid7 InsightIDR pros

Cons

"The price of this product could be improved, especially the additional costs. I would also like to see better-quality graphics."

"Elastic has one problem. In the past, Elastic Security was free. Now, they currently only offer the basic license or a certain period of time."

"This type of monitoring is not very mature just yet. We need more real-time information in a way that's easier to manage."

"In terms of what could be improved with Elastic, in some use cases, especially on the advanced level, they are not ready made, so you'll have to write some scripts."

"I would like more ways to manage permissions and restrict access to certain users."

"Authentication is not a default in Kibana. We need to have another tool to have authentication and authorization. These two should be part of Kibana."

"We're using the open-source edition, for now, I think maybe they can allow their OLED plugin to be open source, as at the moment it is commercialised."

"The problem with ELK is it's difficult to administer. When you have a problem, it can be very, very difficult to rebuild indexes."

More Elastic Security cons

"The solution needs improvement in threat intelligence. Increasing the depth of intelligence to help users understand more about threats is a possibility. My suggestion is to expand access to other websites or resources."

"Sometimes, it is hard to get the right queries to use. Currently, the tool lacks a pre-made set of queries."

"The integration capabilities of the solution have certain shortcomings where improvements are required."

"There is a future in AI with Rapid7, however, it is not fully operated. There are certain limitations with Rapid7 that I am working on."

"The dashboard is an area that could be simplified."

"They should add more configuration and security features to it."

"The ability to tune the collector for custom logs would greatly help."

"Cloud risk assessment is one area where I think they need a lot of improvement."

More Rapid7 InsightIDR cons

Pricing and Cost Advice

"I find it better than Splunk in terms of cost-effectiveness. For cost-effectiveness, I would rate it a nine out of 10."

"It's a monthly cost with Elastic SIEM, but I am not sure of the exact cost."

"Elastic Security is free to use."

"Affordable but with additional costs"

"The tool's pricing is flexible and comes at unit cost. You don't have to pay for everything."

"We are using the free, open-source version of this solution."

"The base product is open-source but if you need advanced security features then you need to pay for the subscription. Elastic Security's price is reasonable in some cases and in other cases it's not."

"Compared to other tools, Elastic Security is a cheaper solution."

More Elastic Security pricing and cost advice

"The pricing of the solution depends on the user. But there is a yearly licensing cost."

"The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help."

"It is more reasonably priced than other vendors."

"It is on a yearly basis. For our own company, for about 250 users, it was 16,000 euros a year."

"Rapid7 InsightIDR's pricing is reasonable but we have challenges with the Minimum Order Quantity. It is not reasonable for customers who have less than one hundred devices. If they can reduce Minimum Order Quantity, it is good. You have to pay around 5000-6000 dollars per year for the product. The pricing includes maintenance and support costs."

"It is a reasonably priced solution."

"Licensing is by endpoint and amount of retention time (at least ours is). Default retention was one year, but we are able to push the retention further if needed. There's also a provide-your-own-S3 option for longer retention if you don't want to pay for the additional retention years in your Rapid7 agreement."

"The pricing and licensing are competitive."

More Rapid7 InsightIDR pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

845,406 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

17%

Government

10%

Financial Services Firm

Comms Service Provider

Computer Software Company

16%

Financial Services Firm

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?

With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times lately using the dashboards we have created with Datadog; they are very good c...

See all answers

What do you like most about Elastic Security?

Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because ...

See all answers

What is your experience regarding pricing and costs for Elastic Security?

Elastic Security is considered cost-effective, especially at lower EPS levels. However, a direct comparison was not made due to different pricing structures.

See all answers

What SOC product do you recommend?

For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...

See all answers

What do you like most about Rapid7 InsightIDR?

During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...

See all answers

What is your experience regarding pricing and costs for Rapid7 InsightIDR?

The product pricing is very cheap.

See all answers

Comparisons

Wazuh vs Elastic Security

Compared 23% of the time

CrowdStrike Falcon vs Elastic Security

Compared 9% of the time

IBM Security QRadar vs Elastic Security

Compared 7% of the time

Splunk Enterprise Security vs Elastic Security

Compared 6% of the time

Microsoft Sentinel vs Elastic Security

Compared 5% of the time

More Elastic Security Competitors

Darktrace vs Rapid7 InsightIDR

Compared 10% of the time

Microsoft Sentinel vs Rapid7 InsightIDR

Compared 9% of the time

Rapid7 InsightVM vs Rapid7 InsightIDR

Compared 8% of the time

CrowdStrike Falcon vs Rapid7 InsightIDR

Compared 5% of the time

Splunk Enterprise Security vs Rapid7 InsightIDR

Compared 5% of the time

More Rapid7 InsightIDR Competitors

Product Reports

Buyer's Guide

Elastic Security

March 2025

Download Elastic Security product report

Buyer's Guide

Rapid7 InsightIDR

March 2025

Download Rapid7 InsightIDR product report

Also Known As

Elastic SIEM, ELK Logstash

InsightIDR

Overview

Elastic Security is a robust, open-source security solution designed to offer integrated threat prevention, detection, and response capabilities across an organization's entire digital estate. Part of the Elastic Stack (which includes Elasticsearch, Logstash, and Kibana), Elastic Security leverages the power of search, analytics, and data aggregation to provide real-time insight into threats and vulnerabilities. It is a comprehensive platform that supports a wide range of security needs, from endpoint protection to cloud and network security, making it a versatile choice for organizations looking to enhance their cybersecurity posture.

Elastic Security combines the features of a security information and event management (SIEM) system with endpoint protection, allowing organizations to detect, investigate, and respond to threats in real time. This unified approach helps reduce complexity and improve the efficiency of security operations.

Additional offerings and benefits:

The platform utilizes advanced analytics, machine learning algorithms, and anomaly detection to identify threats and suspicious activities.
It offers extensive integration options with other tools and platforms, facilitating a more cohesive and comprehensive security ecosystem.
With Kibana, users gain access to powerful visualization tools and dashboards that provide real-time insight into security data.

Finally, Elastic Security benefits from a global community of users who contribute to its threat intelligence, helping to enhance its detection capabilities. This collaborative approach ensures that the solution remains on the cutting edge of cybersecurity, with up-to-date information on the latest threats and vulnerabilities.

Elastic

Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

Rapid7

Sample Customers

Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care

Liberty Wines, Pioneer Telephone, Visier

Buyer's Guide

Elastic Security vs. Rapid7 InsightIDR

March 2025

Free Report: Elastic Security vs. Rapid7 InsightIDR

Find out what your peers are saying about Elastic Security vs. Rapid7 InsightIDR and other solutions. Updated: March 2025.

DOWNLOAD NOW

845,406 professionals have used our research since 2012.

See our Elastic Security vs. Rapid7 InsightIDR report.

See our list of best Security Information and Event Management (SIEM) vendors, best Endpoint Detection and Response (EDR) vendors, and best Extended Detection and Response (XDR) vendors.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.