Rapid7 InsightIDR vs Vectra AI comparison

Read 44 Vectra AI reviews

4,587 Views
2,383 Comparison Views

97% willing to recommend

Rapid7 InsightIDR

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Oct 8, 2024

Vectra AI and Rapid7 InsightIDR are key security platforms competing in advanced threat detection and security intelligence. Rapid7 InsightIDR has an edge with its extensive features.

Features: Vectra AI is known for advanced threat detection, enhancing network visibility and real-time analysis. Rapid7 InsightIDR features comprehensive threat intelligence and insightful reporting, along with enhanced endpoint visibility, offering an appealing feature set.

Room for Improvement: Vectra AI could improve integration flexibility, report customization, and user interface intuitiveness. Rapid7 InsightIDR needs better log management, alert accuracy, and integration capabilities, which could enhance user experience.

Ease of Deployment and Customer Service: Vectra AI is praised for straightforward deployment and consistent support, while Rapid7 InsightIDR is easy to use but could improve deployment speed and support responsiveness to match Vectra AI's service levels.

Pricing and ROI: Vectra AI offers competitive pricing with significant ROI due to detection accuracy and efficiency. Rapid7 InsightIDR is considered costly but provides substantial ROI through its extensive features, valued by users for long-term investment.

To learn more, read our detailed Rapid7 InsightIDR vs. Vectra AI Report (Updated: March 2025).

Rapid7 InsightIDR vs. Vectra AI

Download the complete report

Helped 845,040 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Rapid7 InsightIDR

Ranking in Extended Detection and Response (XDR)

14th

Average Rating

8.4

Reviews Sentiment

7.4

Number of Reviews

Ranking in other categories

Security Information and Event Management (SIEM) (9th), User Entity Behavior Analytics (UEBA) (2nd), Endpoint Detection and Response (EDR) (18th), Threat Deception Platforms (5th)

Vectra AI

Ranking in Extended Detection and Response (XDR)

15th

Average Rating

8.6

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

Intrusion Detection and Prevention Software (IDPS) (3rd), Network Detection and Response (NDR) (2nd), Identity Threat Detection and Response (ITDR) (10th), AI-Powered Cybersecurity Platforms (6th)

Mindshare comparison

As of April 2025, in the Extended Detection and Response (XDR) category, the mindshare of Rapid7 InsightIDR is 2.7%, up from 2.0% compared to the previous year. The mindshare of Vectra AI is 3.4%, up from 3.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Extended Detection and Response (XDR)

Featured Reviews

Asim Naeem

Principal IT Security & Compliance at IBEX Holdings Ltd

Providing comprehensive insight into alerts while working towards AI enhancement

I definitely recommend Rapid7 InsightIDR. It is becoming better, with improvements being continuously made to the product. Right now, I do not have any advice about Rapid7 for other users because every organization or user has different criteria or multiple use cases, so I refrain from commenting on that. I rate the overall solution seven out of ten.

Read full review

Mohammad Alkurdi

Owner at Fortibits

Innovative detection features enhance monitoring

The advantages of the integration are not entirely out-of-the-box. You have to do it manually. When I'm doing tier response, an out-of-the-box solution is not available. You need to have a Linux server, and from the Linux server, you must perform AI tasks, and there is a lot to be handled in the back end. This is a major consideration about them. The recall feature, if it can be placed in some areas instead of the cloud, and charged for, would be better. Recall the storage where you watch all the traffic, and you can recall it and try to analyze it in the back end. It’s cloud-based. If they offer it on-prem, it would be better. I think they have a solution, but I have never tested it, to be honest with you.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The platform offers unlimited storage and agent-based solutions."

"It is a very stable solution."

"I rate Rapid7 nine out of 10 for affordability"

"Dashboards, including the main screen, provide much-needed information at a glance, without hours of coding and sifting through logs to find it. In case of an actual security incident, I have faith that insightIDR has retained all logs in a secure manner that prevents log tampering as well."

"The product works well. Stability-wise, I rate the solution a ten out of ten."

"Simple configuration and automatically syncs to the cloud platform."

"I like the tool's user analysis feature."

"Enables the use of honey pots, honey users, and honey files to monitor for suspicious patterns."

More Rapid7 InsightIDR pros

"Vectra produces actionable data using automation. That has helped us. It's less manpower now to look at incidents, which has definitely increased efficiency. Right now, in a lot of cases, our mean time to detection is within zero days. This tells me by the time something happened, and we were able to detect it, it was within the same day."

"Most of their use cases, including deployment, are managed by the tool itself, requiring less manual input from our team."

"The automatic filtering that they provide is valuable. The logic inside that makes some detections instead of us is very useful. We are confident that if we are just looking into it and there is nothing, nothing could happen."

"It's easy to manage, and I love the UX. It's very well designed. When we are looking for something, it's quite easy to find it."

"The key feature for me for Detect for Office 365 is that it can also concentrate all the information and detection at one point, the same as the network solution does. This is the key feature for me because, while accessing data from Office 365 is possible using Microsoft interfaces, they are not really user-friendly and are quite confusing to use. But Detect for Office 365 is aggregating all the info, and it's only the interesting stuff."

"Cognito Streams gives you a detailed view of what happens in the network in the form of rich metadata. It is just a super easy way to capture network traffic for important protocols, giving us an advantage. This is very helpful on a day-to-day basis."

"It has reduced the time it takes to respond to attacks. That comes back to the proactive point. It makes us able to lower down in the kill chain, we can react now, rather than reacting to incidents that happened, we can see an instant, in some cases, as it's being implemented, or as it's being launched."

"The solution provide visibility into behaviors across the full lifecycle of an attack in our network, beyond just the Internet gateway. It makes our security operations much more effective because we are now looking not just at traffic on the border, but we're looking at east-west internal traffic. Now, not only will we see if an exploit kit is being downloaded, but we would be able to see then if that exploit kit was then laterally distributed into our environment."

More Vectra AI pros

Cons

"Inability to get access to compliance reports within the solution."

"The solution's XDR agents cannot compete with the XDR solutions out there yet."

"One thing that springs to mind is easier API integration with ITSMs. We are evaluating a new ITSM and I would like to have InsightIDR create a ticket when an attack is identified, and the ticket would be closed in InsightIDR when the ITSM resolution is completed. This would take out the "single point of failure" we currently have, if the email recipient is somehow absent, in recording the risk appetite for the incident and the actions taken to mitigate or not."

"It takes time for the product's support team to resolve issues, making it an area of concern where improvements are required."

"The interface for doing investigation needs to be enhanced with minor improvements that would make it more useful."

"Currently, it lacks the functionalities provided by Rapid7's User Behavior Analytics (UBA)."

"Tenable Nessus is easier to deal with. It's more efficient and accurate. InsightIDR is heavier than Tenable in terms of performance and scanning. Rapid7 would be much easier to use if it had a network connector like Tenable. Tenable's connector allows continuous monitoring over the B caps."

"Rapid7 doesn't integrate well with all our security tools from various vendors, so we plan to switch. Many of our solutions work with Rapid7, but some do not. We are already searching for a replacement already."

More Rapid7 InsightIDR cons

"One thing which I have found where there could be improvement is with regard to the architecture, a little bit: how the brains and sensors function. It needs more flexibility with regard to the brain. If there were some flexibility in that regard, that would be helpful, because changing the mode of the brain is complex. In some cases, the change is permanent. You cannot revert it."

"We are using SMB 3.0, which is an encrypted protocol. When we get some alerts or something, we cannot go deep into the protocol to see what's wrong because it's encrypted. We need to decrypt the protocol in another way, which is quite difficult. We might go back to SMB 2.0 just for this reason, but that's not a good solution."

"I'd like to be able to get granular reports and to be able to output them into formats that are customizable and more useful. The reporting GUI is lacking."

"One area where there's room for improvement is the absence of a comprehensive TCP recording and replay feature."

"They use a proprietary logging format that is probably 90% similar to Bro Logs. Their biggest area of improvement is finishing out the remaining 10%. That 10% might not be beneficial to their ML engine, but that's fine. The industry standard is Zeek Logs or Bro Logs, or Bro or Zeek, depending on how old you are. While they have 90% of those fields, they're still missing some fields. In very rare instances, some community rules do not have the fields that they need, and we had to modify community rules for our logs. So, their biggest area of improvement would be to just finish their matching of the Zeek standard."

"I would like to see a bit more strategic metrics instead of technical data. Information that I could show to my executive management team or board would be valuable."

"I would like more integrations with IOCs and threats currently on the Internet. I would also like to know which threats are based on zero-day attacks, current botnets, etc. Therefore, I would like more information on external threats."

"There could be an option where Vectra manages the solution remotely, and when there is an attack, there could be a notification center to give us information about the attack."

More Vectra AI cons

Pricing and Cost Advice

"Rapid7 InsightIDR's pricing is reasonable but we have challenges with the Minimum Order Quantity. It is not reasonable for customers who have less than one hundred devices. If they can reduce Minimum Order Quantity, it is good. You have to pay around 5000-6000 dollars per year for the product. The pricing includes maintenance and support costs."

"Rapid7 InsightIDR's pricing is reasonable."

"I rate Rapid7 InsightIDR's price a four on a scale of one to ten, where one is cheap, and ten is expensive."

"It is more reasonably priced than other vendors."

"The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help."

"Licensing is by endpoint and amount of retention time (at least ours is). Default retention was one year, but we are able to push the retention further if needed. There's also a provide-your-own-S3 option for longer retention if you don't want to pay for the additional retention years in your Rapid7 agreement."

"I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability."

"The pricing of the solution depends on the user. But there is a yearly licensing cost."

More Rapid7 InsightIDR pricing and cost advice

"The solution's pricing was 50 percent lower than the other vendors shortlisted."

"From a pricing perspective, they are very commercially competitive. From a licensing perspective, just be conscious that some of their future cloud solutions come with additional subscriptions. Also, if you're outside of the US, you will get charged freight for the device back to your country."

"From a licensing perspective, the Vectra detect platform is pretty doable. Also, the hardware prices are nothing that we're not used to. The stream part is a little overpriced compared to the detect part. The reason is that you need to stream data to detect events anyway, so the data is in there. The only thing that's not available is the UI to be able to look at the stream data, which is also on the appliances but is just not activated. That's mainly the thing that we want to improve on."

"There are additional features that can be purchased in addition to the standard licensing fee, such as Cognito Recall and Stream."

"It is an expensive solution, but it's not the most expensive we've seen. We also know how much we're going to pay, unlike with some other providers where all of a sudden our license explodes."

"The pricing is very good. It's less expensive than many of the tools out there."

"Vectra's licensing model could scale to our research network, which has multiple, 100-gigabit links."

"The license is based on the concurrent IP addresses that it's investigating. We have 9,800 to 10,000 IP addresses."

More Vectra AI pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.

See recommendations

845,040 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

16%

Financial Services Firm

Manufacturing Company

Government

Financial Services Firm

13%

Computer Software Company

13%

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What SOC product do you recommend?

For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...

What do you like most about Rapid7 InsightIDR?

During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...

What is your experience regarding pricing and costs for Rapid7 InsightIDR?

The product pricing is very cheap.

What is the biggest difference between Corelight and Vectra AI?

The two platforms take a fundamentally different approach to NDR. Corelight is limited to use cases that require the eventual forwarding of events and parsed data logs to a security team’s SIEM or ...

What do you like most about Vectra AI?

The solution is currently used as a central threat detection and response system.

What is your experience regarding pricing and costs for Vectra AI?

It is very acceptable when you compare it with Darktrace, for example.

Darktrace vs Rapid7 InsightIDR

Comparisons

Compared 10% of the time

Microsoft Sentinel vs Rapid7 InsightIDR

Compared 9% of the time

Rapid7 InsightVM vs Rapid7 InsightIDR

Compared 8% of the time

CrowdStrike Falcon vs Rapid7 InsightIDR

Compared 5% of the time

Trend Vision One vs Rapid7 InsightIDR

Compared 2% of the time

More Rapid7 InsightIDR Competitors

Darktrace vs Vectra AI

Compared 32% of the time

ExtraHop Reveal(x) vs Vectra AI

Compared 11% of the time

Corelight vs Vectra AI

Compared 6% of the time

Cisco Secure Network Analytics vs Vectra AI

Compared 6% of the time

Fortinet FortiNDR vs Vectra AI

Compared 2% of the time

More Vectra AI Competitors

Product Reports

Rapid7 InsightIDR

Download Rapid7 InsightIDR product report

Download Vectra AI product report

Also Known As

InsightIDR

Vectra Networks, Vectra AI NDR

Overview

Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

Rapid7

Vectra AI is used for detecting network anomalies and potential malicious activities, providing visibility into network traffic and enhancing threat detection across environments.

Organizations deploy Vectra AI mainly on-premises with additional cloud components. It helps with compliance, incident response, security monitoring, detecting insider threats, and correlating network events. Vectra AI captures and enriches network metadata, provides detailed dashboards, reduces false positives, and supports cross-environment behavioral analysis to enhance threat detection and prioritization. While valued for its high accuracy and alert aggregation, it has room for improvement in UI/UX, packet management, and integration with SIEMs and other tools. It is noted for expensive pricing and limited proactive threat response features.

What are Vectra AI's most valuable features?

High accuracy in identifying threat locations
Aggregation of alerts into single incidents
24/7 threat detection
Visibility into the entire attack lifecycle
Risk score aggregation
Effective triaging of alerts
Integration with other tools

What benefits or ROI should users look for?

Enhanced threat detection and prioritization
Comprehensive network visibility
Reduction in false positives
Better incident response capabilities
Improved compliance monitoring

In specific industries, Vectra AI is deployed to monitor complex networks and alleviate challenges in threat detection. It is particularly effective in sectors requiring stringent compliance and security measures, offering insights and capabilities crucial for protecting sensitive data and maintaining operational integrity.

Sample Customers

Liberty Wines, Pioneer Telephone, Visier

Tribune Media Group, Barry University, Aruba Networks, Good Technology, Riverbed, Santa Clara University, Securities Exchange, Tri-State Generation and Transmission Association

Rapid7 InsightIDR vs. Vectra AI