Try our new research platform with insights from 80,000+ expert users

Rapid7 InsightIDR vs Wazuh comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Rapid7 InsightIDR
Ranking in Security Information and Event Management (SIEM)
14th
Ranking in Extended Detection and Response (XDR)
17th
Average Rating
8.4
Reviews Sentiment
7.4
Number of Reviews
32
Ranking in other categories
User Entity Behavior Analytics (UEBA) (5th), Endpoint Detection and Response (EDR) (26th), Threat Deception Platforms (5th)
Wazuh
Ranking in Security Information and Event Management (SIEM)
2nd
Ranking in Extended Detection and Response (XDR)
5th
Average Rating
7.4
Reviews Sentiment
6.7
Number of Reviews
48
Ranking in other categories
Log Management (1st)
 

Mindshare comparison

As of August 2025, in the Security Information and Event Management (SIEM) category, the mindshare of Rapid7 InsightIDR is 2.5%, down from 2.6% compared to the previous year. The mindshare of Wazuh is 11.8%, down from 16.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Asim Naeem - PeerSpot reviewer
Providing comprehensive insight into alerts while working towards AI enhancement
I definitely recommend Rapid7 InsightIDR. It is becoming better, with improvements being continuously made to the product. Right now, I do not have any advice about Rapid7 for other users because every organization or user has different criteria or multiple use cases, so I refrain from commenting on that. I rate the overall solution seven out of ten.
Sandip_Patel - PeerSpot reviewer
Evaluating robust file monitoring with insights for community support improvements
Wazuh's most valuable features include file monitoring and compliance reporting, which do not require excessive costs. These aspects are vital as they provide alerts for changes and facilitate the monitoring of compliance. The platform is also relatively easy to set up and operate. Reports are straightforward to extract and prove useful for compliance requirements.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Another very important part of insightIDR is the ability to collect data from endpoint devices via agent software. With a large remote workforce, this allows visibility into the endpoints that are connected to the internet, but not to the corporate network."
"The biggest reason why we chose Rapid7 was to gain value in a really quick time. Its deployment doesn't take months. It just takes a few days."
"The solution is very stable and works very well for what I need it to do."
"I am able to run automated actions based on the output of reports, leaving me extra time to focus on more pressing matters."
"It improves because several sensors are deployed within the on-premise environment. It can be very efficient if the customer implements and operates it effectively."
"The solution is easy to use, and the interface is intuitive."
"The platform offers unlimited storage and agent-based solutions."
"Scalability-wise, I rate the solution a ten out of ten. As a cloud tool, the product is highly scalable."
"The product is easy to customize."
"The configuration assessment and Pile integrity monitoring features are decent."
"I like the cloud-native infrastructure and that it's free. We didn't have to pay anything, and it has the capabilities of many premium solutions in the market. We could integrate all of our services and infrastructure in the cloud with Wazuh. From an integration point of view, Wazuh is pretty good. I had a good experience with this platform."
"One of the most beneficial features of Wazuh, particularly in the context of security needs, is the machine learning data handling capability."
"Overall, I rate Wazuh a nine out of ten."
"The most valuable feature of Wazuh is the ELK for doing an investigation."
"The deployment is easy and they provide very good documentation."
"We found the MITRE framework mapping and the agent enrollment service to be the most valuable features of Wazuh."
 

Cons

"Rapid7 InsightIDR is not intuitive to search for logs. It should be more user-friendly and improve the dashboards. We should be able to use ready-made templates instead of having to build one."
"The interface for doing investigation needs to be enhanced with minor improvements that would make it more useful."
"It would be useful to import threat intelligence in YARA format along with known incorrect email addresses.​"
"One of the things that could be better is digital forensics. It is there, but it can be better. They could provide more on the endpoint detection level."
"There are certain limitations with Rapid7 that I am working on."
"The solution needs improvement in threat intelligence. Increasing the depth of intelligence to help users understand more about threats is a possibility. My suggestion is to expand access to other websites or resources."
"Inability to get access to compliance reports within the solution."
"The product allows us to make only 30 custom rules."
"Its user interface for sure can be improved. It is not so comfortable to use if you're looking for specific logs."
"Wazuh has a drawback with regard to Unix systems. The solution does not allow us to do real-time monitoring for Unix systems. If usage increases, it would be a heavy fall on the other SIEM solutions or event monitoring solutions."
"The tool does not provide CTI to monitor darknet."
"An issue I noticed is with tag values in certain rules not functioning properly."
"Adding the flexibility to integrate various plug-ins or modules into its core system would enhance functionality."
"It would be great if there could be customization for the decoder portion."
"A lack of certain features creates limitations."
"Since it's an open-source tool, scalability is the main issue."
 

Pricing and Cost Advice

"The solution has a mid-range price point in the market"
"The pricing of the solution depends on the user. But there is a yearly licensing cost."
"Rapid7 InsightIDR's pricing is reasonable."
"​Accurately predict your licensing counts as this is a subscription based product.​"
"Rapid7 InsightIDR's pricing is reasonable but we have challenges with the Minimum Order Quantity. It is not reasonable for customers who have less than one hundred devices. If they can reduce Minimum Order Quantity, it is good. You have to pay around 5000-6000 dollars per year for the product. The pricing includes maintenance and support costs."
"The pricing is good, and it is not very expensive."
"Licensing is straightforward. If, for some reason, you don’t meet the minimum licensing requirements, there is a third-party managed service that can help."
"The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help.​"
"Wazuh is a cheaply priced product."
"We use the free version of Wazuh."
"Wazuh is an open-source tool."
"Wazuh is an open-source tool, which means it is freely available for use."
"It is a free-of-cost solution."
"Wazuh is open-source, so I think it's an option for a small organization that cannot go for enterprise-grade solutions like Splunk."
"Wazuh is open-source, but you must consider the total cost of ownership. It may be free to acquire, but you spend a lot of time and effort supporting the product and getting it to a point where it's useful."
"My client uses the open-source version of Wazuh."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
865,295 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Manufacturing Company
8%
Financial Services Firm
7%
Government
7%
Computer Software Company
15%
Comms Service Provider
9%
University
8%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What do you like most about Rapid7 InsightIDR?
During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...
What do you like most about Wazuh?
Wazuh is its flexibility and open-source nature, which allows us to tailor threat detection and response across diverse client environments. Its integration capabilities with SOAR, cloud platforms,...
What needs improvement with Wazuh?
That would require me to discuss with the Wazuh team regarding areas that could be improved, as I have numerous ideas. From a developer's perspective, this is a Linux system with an active communit...
What is your primary use case for Wazuh?
Wazuh is a SIEM platform with various applications in today's environment. Compliance checks have helped with regulatory requirements. I pulled in PCI DSS to check for file integrity monitoring. I ...
 

Comparisons

 

Also Known As

InsightIDR
No data available
 

Overview

 

Sample Customers

Liberty Wines, Pioneer Telephone, Visier
Information Not Available
Find out what your peers are saying about Rapid7 InsightIDR vs. Wazuh and other solutions. Updated: July 2025.
865,295 professionals have used our research since 2012.