Try our new research platform with insights from 80,000+ expert users

NetWitness Platform vs Rapid7 InsightIDR comparison

NetWitness and Rapid7 are both solutions in the Security Information and Event Management (SIEM) category. NetWitness is ranked #31 with an average rating of 8.3, while Rapid7 is ranked #15 with an average rating of 7.8. NetWitness holds a 0.8% mindshare in SIEM, compared to Rapid7’s 2.2% mindshare. Additionally, 75% of NetWitness users are willing to recommend the solution, compared to 96% of Rapid7 users who would recommend it.
NetWitness Platform
Read 36 NetWitness Platform reviews
  • 1,929 Views
  • 1,196 Comparison Views
75% willing to recommend
Rapid7 InsightIDR
Read 32 Rapid7 InsightIDR reviews
  • 6,636 Views
  • 3,252 Comparison Views
96% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 18, 2024

NetWitness Platform and Rapid7 InsightIDR compete in the cybersecurity tools category. Rapid7 InsightIDR seems to have the upper hand due to better features and customer service, despite NetWitness Platform being more affordable.

Features: NetWitness Platform offers robust threat detection, analytics, and comprehensive visibility. Rapid7 InsightIDR is favored for its simplicity, effective incident detection, and user-friendliness, leading to quicker threat identification.

Room for Improvement: NetWitness Platform needs enhancements in configuration complexity, integration with other tools, and easier deployment. Rapid7 InsightIDR could improve its alerting system, provide more customization options, and enhance its reporting features.

Ease of Deployment and Customer Service: NetWitness Platform is criticized for its lengthy deployment process and the need for expert handling. Rapid7 InsightIDR stands out with smoother deployment and better user support, making it easier to implement.

Pricing and ROI: NetWitness Platform is known for lower setup costs and decent ROI, but requires additional investment in expertise. Rapid7 InsightIDR, while more expensive, offers higher ROI due to its advanced features and effective threat management, justifying the higher cost.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed NetWitness Platform vs. Rapid7 InsightIDR Report (Updated: December 2025).
Buyer's Guide
NetWitness Platform vs. Rapid7 InsightIDR
December 2025
Download the complete report
Helped 881,082 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

NetWitness Platform
Ranking in Security Information and Event Management (SIEM)
31st
Average Rating
7.4
Reviews Sentiment
7.4
Number of Reviews
36
Ranking in other categories
Log Management (34th)
Rapid7 InsightIDR
Ranking in Security Information and Event Management (SIEM)
15th
Average Rating
8.4
Reviews Sentiment
7.0
Number of Reviews
32
Ranking in other categories
User Entity Behavior Analytics (UEBA) (7th), Endpoint Detection and Response (EDR) (22nd), Threat Deception Platforms (4th), Extended Detection and Response (XDR) (18th)
 

Mindshare comparison

As of January 2026, in the Security Information and Event Management (SIEM) category, the mindshare of NetWitness Platform is 0.8%, up from 0.6% compared to the previous year. The mindshare of Rapid7 InsightIDR is 2.2%, down from 2.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM) Market Share Distribution
ProductMarket Share (%)
Rapid7 InsightIDR2.2%
NetWitness Platform0.8%
Other97.0%
Security Information and Event Management (SIEM)
 

Featured Reviews

MOTASHIM Al Razi - PeerSpot reviewer
MOTASHIM Al Razi
CISO at One Bank Limited
It is a stable solution, but they should make the user interface easier to understand
The solution's initial setup takes work. We have to organize multiple paths and many features. The deployment process takes less than a week. But it takes a month to complete if we want to make the solution smarter by integrating it with various devices. I rate the process as a six out of ten.
Read full review
SohailHyder - PeerSpot reviewer
SohailHyder
Head of Cyber Security at Super Secure
Has supported compliance needs for mid-sized organizations but lacks customization and advanced integration
If we pitch Rapid7 InsightIDR against solutions such as SIEMs from Splunk or LogRhythm, it is not as customizable as a SIEM solution is. This is where it can improve if we keep in front the feature sets of a complete SIEM solution. Most common in the market is QRadar, but it is depleting now. It has been taken over by some other products such as Splunk and LogRhythm. If we compare these things with Rapid7 InsightIDR, then there are definitely some gaps that need to be filled. Data retention is also one concern because Rapid7 InsightIDR is cloud-based and operates on a subscription model. Whatever data you want to retain, it has to be paid for separately or it has a cost. Other solutions that are on-premises can have their own infrastructure or they provide some data retention for a month or in some capacity-wise, they provide that solution to them which makes them more attractive.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable features are its ingestion of logs and raising of alerts based on those logs."
"The most valuable features are the threat prediction and network forensics."
"The most valuable feature is the correlation. It can report in real-time and monitor the management."
"The solution is really scalable for the high-end power, enterprise customer."
"NetWitness Platform is valuable for creating rules that the solution must detect."
"The most valuable feature is the ability to write rules and triggers for network communication, and then being able to investigate based on that."
"The most valuable feature is the security that it provides."
"NetWitness Platform offers flexibility for deployment and robust integration capabilities."
More NetWitness Platform pros
"If you were on other solutions, you would notice that they use agents from third-party, from open-source, from a native OS, or from other tools. Here, however, it is an agent from Rapid7 itself. This adds to the solution's overall capabilities."
"It improves because several sensors are deployed within the on-premise environment. It can be very efficient if the customer implements and operates it effectively."
"Log search allows us to dive deep into aggregated logs and query all event types at once.​"
"Rapid7's reporting is more robust than Tenable's."
"Rapid7 is easy to use and deploy. It is a simple solution and has easy data pulling."
"The incident case management is the most valuable feature. Even though there's always something I find I would like to add to that feature, the ability to quickly sort through all the logs, network and endpoint data, etc., and add it to an incident case as part of the investigation, is nice. Having it automatically timeline that additional data into the original incident timeline, and correlate it to other notable events and activities on the network, results in a huge improvement in our overall confidence that we've quickly traced down the right source of an issue."
"​​User behavioral analytics allows us to pinpoint abnormal or suspicious behavior among millions of events every day."
"Intelligent alerting to avoid the common problem of alert fatigue associated with traditional SIEMs."
More Rapid7 InsightIDR pros
 

Cons

"Nowadays, their support is a little subpar compared to other solutions. I rate RSA support six out of 10."
"More customizability is required, which is something that they need to improve on."
"Technical support could be improved."
"The user interface is a little bit difficult for new users and it needs to be improved."
"The documentation is not as structured as I would like, personally, and I think that it can be improved and made much more user-friendly."
"I'd like to see improvement in its ease of use. It's basically unusable. It's overly complex."
"The solution should have more integration capabilities with different platforms."
"The log system is a bit complex and has room for improvement."
More NetWitness Platform cons
"Cloud risk assessment is one area where I think they need a lot of improvement."
"It takes time for the product's support team to resolve issues, making it an area of concern where improvements are required."
"I feel it would greatly benefit from more supported log sources."
"I would like the ability to adjust the threshold of certain existing alerts. Currently the only option is to change the notifications or create my own alert."
"The main problem lies in the processes within the client's operating systems."
"Currently, it lacks the functionalities provided by Rapid7's User Behavior Analytics (UBA)."
"Inability to get access to compliance reports within the solution."
"The APIs can be further improved in Rapid7."
More Rapid7 InsightIDR cons
 

Pricing and Cost Advice

"In comparison to other SIEM solutions such as Splunk, NetWitness is less costly."
"It is cheap."
"Our license is for one year."
"The NetWitness Platform may be affordable only for enterprise-level customers, as it may not be within the budget of small and medium-sized businesses."
"It provides tools to assist in selecting the appropriate license and usage scenarios."
"The tool is very expensive, so I rate the pricing a ten out of ten. The solution has an annual subscription."
"Many clients are not able to purchase the packet capability because there is a huge amount of data, and the cost depends on the number of EPS (Events per second), as well as the number of gigabytes of data per day."
"We are on an annual license for the use of the solution."
More NetWitness Platform pricing and cost advice
"It is a reasonably priced solution."
"The pricing is good, and it is not very expensive."
"The solution has a mid-range price point in the market"
"Rapid7 InsightIDR charges us based on the endpoints we connect to."
"​I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability.​"
"Rapid7 InsightIDR is priced very well and is cost-effective."
"I rate Rapid7 InsightIDR's price a four on a scale of one to ten, where one is cheap, and ten is expensive."
"​Accurately predict your licensing counts as this is a subscription based product.​"
More Rapid7 InsightIDR pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
See recommendations
881,082 professionals have used our research since 2012.
 

Comparison Review

VS
Vinod Shankar
Manager, Enterprise Risk Consulting at a tech company with 1,001-5,000 employees
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
Read full review
 

Top Industries

By visitors reading reviews
Financial Services Firm
13%
Performing Arts
9%
Computer Software Company
8%
Manufacturing Company
7%
Computer Software Company
11%
Financial Services Firm
9%
Manufacturing Company
8%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business8
Midsize Enterprise7
Large Enterprise20
By reviewers
Company SizeCount
Small Business20
Midsize Enterprise5
Large Enterprise6
 

Questions from the Community

What do you like most about NetWitness Platform?
The product's initial setup phase was not at all difficult.
See all answers
What is your experience regarding pricing and costs for NetWitness Platform?
The pricing is comparable to others, and I consider the cost to be intermediate. Specific cost details are unknown to me.
See all answers
What needs improvement with NetWitness Platform?
There is currently no need for improvement in the SIEM ( /categories/security-information-and-event-management-siem ), though there could be potential enhancements by integrating with AI.
See all answers
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
See all answers
What do you like most about Rapid7 InsightIDR?
During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...
See all answers
What is your experience regarding pricing and costs for Rapid7 InsightIDR?
The product pricing is very cheap.
See all answers
 

Comparisons

IBM Security QRadar vs NetWitness Platform Logo
IBM Security QRadar vs NetWitness Platform
Compared 13% of the time
Splunk Enterprise Security vs NetWitness Platform Logo
Splunk Enterprise Security vs NetWitness Platform
Compared 9% of the time
Elastic Security vs NetWitness Platform Logo
Elastic Security vs NetWitness Platform
Compared 7% of the time
Microsoft Sentinel vs NetWitness Platform Logo
Microsoft Sentinel vs NetWitness Platform
Compared 5% of the time
Trellix Network Detection and Response vs NetWitness Platform Logo
Trellix Network Detection and Response vs NetWitness Platform
Compared 5% of the time
More NetWitness Platform Competitors
Rapid7 InsightVM vs Rapid7 InsightIDR Logo
Rapid7 InsightVM vs Rapid7 InsightIDR
Compared 6% of the time
Microsoft Sentinel vs Rapid7 InsightIDR Logo
Microsoft Sentinel vs Rapid7 InsightIDR
Compared 5% of the time
Splunk Enterprise Security vs Rapid7 InsightIDR Logo
Splunk Enterprise Security vs Rapid7 InsightIDR
Compared 5% of the time
CrowdStrike Falcon vs Rapid7 InsightIDR Logo
CrowdStrike Falcon vs Rapid7 InsightIDR
Compared 4% of the time
Darktrace vs Rapid7 InsightIDR Logo
Darktrace vs Rapid7 InsightIDR
Compared 4% of the time
More Rapid7 InsightIDR Competitors
 

Product Reports

Buyer's Guide
NetWitness Platform
January 2026
NetWitness Platform reportDownload NetWitness Platform product report
Buyer's Guide
Rapid7 InsightIDR
January 2026
Rapid7 InsightIDR reportDownload Rapid7 InsightIDR product report
 

Also Known As

RSA Security Analytics
InsightIDR
 

Overview

NetWitness Platform is an evolved SIEM and threat detection and response solution that functions as a single, unified platform for ALL your security data. It features an advanced analyst workbench for triaging alerts and incidents, and it orchestrates security operations programs end to end. In short: NetWitness Platform is all you need to run an intelligent SOC.

NetWitness

Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

Rapid7
 

Sample Customers

Los Angeles World Airports, Reply
Liberty Wines, Pioneer Telephone, Visier
Buyer's Guide
NetWitness Platform vs. Rapid7 InsightIDR
December 2025
Free Report: NetWitness Platform vs. Rapid7 InsightIDR
Find out what your peers are saying about NetWitness Platform vs. Rapid7 InsightIDR and other solutions. Updated: December 2025.
DOWNLOAD NOW
881,082 professionals have used our research since 2012.
See our NetWitness Platform vs. Rapid7 InsightIDR report.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.