NetWitness Platform vs Rapid7 InsightIDR comparison

NetWitness and Rapid7 are both solutions in the Security Information and Event Management (SIEM) category. NetWitness is ranked #32 with an average rating of 8.0, while Rapid7 is ranked #13 with an average rating of 8.2. NetWitness holds a 0.6% mindshare in SIEM, compared to Rapid7’s 2.5% mindshare. Additionally, 75% of NetWitness users are willing to recommend the solution, compared to 95% of Rapid7 users who would recommend it.

NetWitness Platform

Read 37 NetWitness Platform reviews

1,067 Views
682 Comparison Views

75% willing to recommend

Rapid7 InsightIDR

Read 32 Rapid7 InsightIDR reviews

4,038 Views
2,556 Comparison Views

95% willing to recommend

NetWitness Platform

Rapid7 InsightIDR

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 18, 2024

NetWitness Platform and Rapid7 InsightIDR compete in the cybersecurity tools category. Rapid7 InsightIDR seems to have the upper hand due to better features and customer service, despite NetWitness Platform being more affordable.

Features: NetWitness Platform offers robust threat detection, analytics, and comprehensive visibility. Rapid7 InsightIDR is favored for its simplicity, effective incident detection, and user-friendliness, leading to quicker threat identification.

Room for Improvement: NetWitness Platform needs enhancements in configuration complexity, integration with other tools, and easier deployment. Rapid7 InsightIDR could improve its alerting system, provide more customization options, and enhance its reporting features.

Ease of Deployment and Customer Service: NetWitness Platform is criticized for its lengthy deployment process and the need for expert handling. Rapid7 InsightIDR stands out with smoother deployment and better user support, making it easier to implement.

Pricing and ROI: NetWitness Platform is known for lower setup costs and decent ROI, but requires additional investment in expertise. Rapid7 InsightIDR, while more expensive, offers higher ROI due to its advanced features and effective threat management, justifying the higher cost.

To learn more, read our detailed NetWitness Platform vs. Rapid7 InsightIDR Report (Updated: April 2025).

Buyer's Guide

NetWitness Platform vs. Rapid7 InsightIDR

April 2025

Download the complete report

Helped 851,604 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

NetWitness Platform

Ranking in Security Information and Event Management (SIEM)

32nd

Average Rating

7.4

Reviews Sentiment

7.4

Number of Reviews

Ranking in other categories

Log Management (38th)

Rapid7 InsightIDR

Ranking in Security Information and Event Management (SIEM)

13th

Average Rating

8.4

Reviews Sentiment

7.4

Number of Reviews

Ranking in other categories

User Entity Behavior Analytics (UEBA) (3rd), Endpoint Detection and Response (EDR) (24th), Threat Deception Platforms (5th), Extended Detection and Response (XDR) (15th)

Mindshare comparison

As of May 2025, in the Security Information and Event Management (SIEM) category, the mindshare of NetWitness Platform is 0.6%, down from 0.8% compared to the previous year. The mindshare of Rapid7 InsightIDR is 2.5%, down from 2.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Security Information and Event Management (SIEM)

Featured Reviews

MdZaman

IT manager at a agriculture with 10,001+ employees

Really scalable for enterprise customers

The solution should have more integration capabilities with different platforms. The API is nearly open and scalable, so the solution can integrate with many platforms. The solution has more than 200 log sources in the scalability to support, but this is its limit. Installation is pretty easy. However, there are a couple of modules involved, so it is not as easy as it could be. We are talking about a distributed module, not a single-module type. This is what makes things a bit complex, instead of easier. I rate it as a seven out of ten on its installation and configuration capabilities.

Read full review

Asim Naeem

Principal IT Security & Compliance at IBEX Holdings Ltd

Providing comprehensive insight into alerts while working towards AI enhancement

I definitely recommend Rapid7 InsightIDR. It is becoming better, with improvements being continuously made to the product. Right now, I do not have any advice about Rapid7 for other users because every organization or user has different criteria or multiple use cases, so I refrain from commenting on that. I rate the overall solution seven out of ten.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The most valuable feature is the correlation. It can report in real-time and monitor the management."

"Alerting Module: It provides real-time event processing language on all the logs/packets stream for advanced alerting, i.e., using SQL LIKE statements."

"The product has a user-friendly interface and a valuable feature for threat intelligence integration."

"The most valuable features are the integration and ease of use."

"The packet capture aspect of it is a valuable feature because it is quite different from a traditional SIEM solution that only carries out investigations based on captured logs."

"Possibility to investigate incidents based on logs and raw packets, such as extracting files sent over the network"

"It gives the capability for the incident response team to correlate logs to identify any kind of problem like malware and incidents in a general sense, both for logs and packets."

"Their technical support responds quickly and are knowledgable."

More NetWitness Platform pros

"The solution's initial setup is easy."

"The platform offers unlimited storage and agent-based solutions."

"Rapid7 is easy to use and deploy. It is a simple solution and has easy data pulling."

"The technical support is a solid 10 out of 10 as they take the time to answer any questions or problems which may arise in a reasonable time frame."

"It improves because several sensors are deployed within the on-premise environment. It can be very efficient if the customer implements and operates it effectively."

"Simple configuration and automatically syncs to the cloud platform."

"The log aggregation and storage provided by InsightIDR has shown no issues with scalability; aggregating over one hundred millions events daily."

"Enables the use of honey pots, honey users, and honey files to monitor for suspicious patterns."

More Rapid7 InsightIDR pros

Cons

"Health monitoring of the event sources and devices."

"They should implement algorithms to digest that data and produce additional, more advanced reporting, alerting and support of internal security teams."

"The initial setup was complex because it takes a lot of time to complete the implementation."

"The log system is a bit complex and has room for improvement."

"There is no support for this product in this country, so problems have to be resolved through global technical teams."

"The tool's integration capability isn't so great."

"Nowadays, their support is a little subpar compared to other solutions. I rate RSA support six out of 10."

"Sometimes, it gives me static when integrating Windows-based systems. It should produce a precise log of sorts as to where the problem is. For example, a few days ago because of the McAfee application firewall, I couldn't get access to the particular Windows machine. So, my team and I had to figure out by ourselves that there was a virus responsible for the obstacle. This solution should trigger a meaningful log or message indicating the reason the user or implementer can't get into the machine."

More NetWitness Platform cons

"The interface for doing investigation needs to be enhanced with minor improvements that would make it more useful."

"The dashboard is an area that could be simplified."

"Sometimes, it is hard to get the right queries to use. Currently, the tool lacks a pre-made set of queries."

"One thing that springs to mind is easier API integration with ITSMs. We are evaluating a new ITSM and I would like to have InsightIDR create a ticket when an attack is identified, and the ticket would be closed in InsightIDR when the ITSM resolution is completed. This would take out the "single point of failure" we currently have, if the email recipient is somehow absent, in recording the risk appetite for the incident and the actions taken to mitigate or not."

"InsightIDR is only available in a cloud version. Some of our customers prefer an on-prem solution because they want to manage the security within their environment."

"The integration capabilities of the solution have certain shortcomings where improvements are required."

"The APIs can be further improved in Rapid7."

"I would like to see more development in InsightIDR towards building their SIEM solution and converting it to XDR."

More Rapid7 InsightIDR cons

Pricing and Cost Advice

"The product is expensive."

"The tool is very expensive, so I rate the pricing a ten out of ten. The solution has an annual subscription."

"We are on an annual license for the use of the solution."

"The product price was reasonable for my region and the market."

"The licenses are good but the cost is very expensive."

"Our license is for one year."

"The new pricing and licensing mechanisms are fair. I would advise always to get the full solution (i.e., not only Logs)."

"It’s cheaper to run virtual machines in a VMware environment."

More NetWitness Platform pricing and cost advice

"Rapid7 InsightIDR is priced very well and is cost-effective."

"It is a reasonably priced solution."

"The pricing of the solution depends on the user. But there is a yearly licensing cost."

"Licensing is straightforward. If, for some reason, you don’t meet the minimum licensing requirements, there is a third-party managed service that can help."

"The solution has a mid-range price point in the market"

"It is more reasonably priced than other vendors."

"I rate Rapid7 InsightIDR's price a four on a scale of one to ten, where one is cheap, and ten is expensive."

"The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help."

More Rapid7 InsightIDR pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

851,604 professionals have used our research since 2012.

Comparison Review

Vinod Shankar

Manager, Enterprise Risk Consulting at Deloitte & Touche

Feb 26, 2015

HP ArcSight vs. IBM QRadar vs. McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm

We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…

Read full review

Top Industries

By visitors reading reviews

Computer Software Company

18%

Financial Services Firm

17%

Government

Insurance Company

Computer Software Company

16%

Financial Services Firm

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about NetWitness Platform?

The product's initial setup phase was not at all difficult.

See all answers

What is your experience regarding pricing and costs for NetWitness Platform?

The pricing is comparable to others, and I consider the cost to be intermediate. Specific cost details are unknown to me.

See all answers

What needs improvement with NetWitness Platform?

There is currently no need for improvement in the SIEM ( /categories/security-information-and-event-management-siem ), though there could be potential enhancements by integrating with AI.

See all answers

What SOC product do you recommend?

For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...

See all answers

What do you like most about Rapid7 InsightIDR?

During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...

See all answers

What is your experience regarding pricing and costs for Rapid7 InsightIDR?

The product pricing is very cheap.

See all answers

Comparisons

Splunk Enterprise Security vs NetWitness Platform

Compared 23% of the time

IBM Security QRadar vs NetWitness Platform

Compared 17% of the time

Elastic Security vs NetWitness Platform

Compared 13% of the time

Trellix Network Detection and Response vs NetWitness Platform

Compared 10% of the time

RSA enVision vs NetWitness Platform

Compared 9% of the time

More NetWitness Platform Competitors

Darktrace vs Rapid7 InsightIDR

Compared 10% of the time

Microsoft Sentinel vs Rapid7 InsightIDR

Compared 9% of the time

Rapid7 InsightVM vs Rapid7 InsightIDR

Compared 8% of the time

CrowdStrike Falcon vs Rapid7 InsightIDR

Compared 5% of the time

Splunk Enterprise Security vs Rapid7 InsightIDR

Compared 5% of the time

More Rapid7 InsightIDR Competitors

Product Reports

Buyer's Guide

NetWitness Platform

May 2025

Download NetWitness Platform product report

Buyer's Guide

Rapid7 InsightIDR

May 2025

Download Rapid7 InsightIDR product report

Also Known As

RSA Security Analytics

InsightIDR

Overview

NetWitness Platform is an evolved SIEM and threat detection and response solution that functions as a single, unified platform for ALL your security data. It features an advanced analyst workbench for triaging alerts and incidents, and it orchestrates security operations programs end to end. In short: NetWitness Platform is all you need to run an intelligent SOC.

NetWitness

Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

Rapid7

Sample Customers

Los Angeles World Airports, Reply

Liberty Wines, Pioneer Telephone, Visier

Buyer's Guide

NetWitness Platform vs. Rapid7 InsightIDR

April 2025

Free Report: NetWitness Platform vs. Rapid7 InsightIDR

Find out what your peers are saying about NetWitness Platform vs. Rapid7 InsightIDR and other solutions. Updated: April 2025.

DOWNLOAD NOW

851,604 professionals have used our research since 2012.

See our NetWitness Platform vs. Rapid7 InsightIDR report.

See our list of best Security Information and Event Management (SIEM) vendors.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.