Try our new research platform with insights from 80,000+ expert users

Rapid7 InsightIDR vs Wazuh comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Rapid7 InsightIDR
Ranking in Security Information and Event Management (SIEM)
9th
Ranking in Extended Detection and Response (XDR)
14th
Average Rating
8.4
Reviews Sentiment
7.4
Number of Reviews
32
Ranking in other categories
User Entity Behavior Analytics (UEBA) (2nd), Endpoint Detection and Response (EDR) (18th), Threat Deception Platforms (5th)
Wazuh
Ranking in Security Information and Event Management (SIEM)
2nd
Ranking in Extended Detection and Response (XDR)
3rd
Average Rating
7.4
Reviews Sentiment
6.3
Number of Reviews
46
Ranking in other categories
Log Management (1st)
 

Mindshare comparison

As of April 2025, in the Security Information and Event Management (SIEM) category, the mindshare of Rapid7 InsightIDR is 2.5%, down from 2.7% compared to the previous year. The mindshare of Wazuh is 14.3%, down from 14.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Asim Naeem - PeerSpot reviewer
Providing comprehensive insight into alerts while working towards AI enhancement
I definitely recommend Rapid7 InsightIDR. It is becoming better, with improvements being continuously made to the product. Right now, I do not have any advice about Rapid7 for other users because every organization or user has different criteria or multiple use cases, so I refrain from commenting on that. I rate the overall solution seven out of ten.
Sandip_Patel - PeerSpot reviewer
Evaluating robust file monitoring with insights for community support improvements
Wazuh's most valuable features include file monitoring and compliance reporting, which do not require excessive costs. These aspects are vital as they provide alerts for changes and facilitate the monitoring of compliance. The platform is also relatively easy to set up and operate. Reports are straightforward to extract and prove useful for compliance requirements.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I have seen that Rapid7 InsightIDR provides security to the networks and endpoints in the company."
"Another very important part of insightIDR is the ability to collect data from endpoint devices via agent software. With a large remote workforce, this allows visibility into the endpoints that are connected to the internet, but not to the corporate network."
"Intelligent alerting to avoid the common problem of alert fatigue associated with traditional SIEMs."
"I definitely recommend Rapid7 InsightIDR."
"Log search allows us to dive deep into aggregated logs and query all event types at once.​"
"The solution is easy to use, and the interface is intuitive."
"Great coverage of all systems within our network from endpoint to firewall."
"It is a very stable solution."
"Wazuh's best features are syscheck, its ability to immediately resolve vulnerabilities, and that it's open source."
"The main thing I like about it is that it has an EDR."
"Good for monitoring, active response, and for vulnerabilities."
"I like the cloud-native infrastructure and that it's free. We didn't have to pay anything, and it has the capabilities of many premium solutions in the market. We could integrate all of our services and infrastructure in the cloud with Wazuh. From an integration point of view, Wazuh is pretty good. I had a good experience with this platform."
"The solution is easy to maintain."
"Wazuh offers numerous features, such as the ability to define custom rules for detecting malicious activities and remembering behaviors."
"The deployment is easy and they provide very good documentation."
"The most valuable features are the modules and metrics."
 

Cons

"It takes time for the product's support team to resolve issues, making it an area of concern where improvements are required."
"The integration capabilities of the solution have certain shortcomings where improvements are required."
"The ability to tune the collector for custom logs would greatly help."
"I would like to see more development in InsightIDR towards building their SIEM solution and converting it to XDR."
"Customised alert recipients need to be added to allow better first-line action and quicker response. Configurable honeypots would be a welcome addition."
"Rapid7 InsightIDR is not intuitive to search for logs. It should be more user-friendly and improve the dashboards. We should be able to use ready-made templates instead of having to build one."
"InsightIDR's integration with other solutions could be improved. Also, I'd like more control from the portal over what's happening on the endpoint side. For example, when I see an attack on an endpoint, I want to be able to stop it from the portal."
"Needs a better ability to customize the check within the console."
"One area where Wazuh could use some improvement is in its reporting mechanism, especially for high-level management like CSOs and CEOs."
"It would be better if they had a vulnerability assessment plug-in like the one AlienVault has. In the next release, I would like to have an app with an alerting mechanism."
"The only challenge we faced with Wazuh was the lack of direct support."
"The biggest part that's missing is threat intelligence. It isn't inbuilt, and if a sudden incident occurs, we don't get that feedback inside the SIEM tool. That's a big gap, I see. It would be better if we could get the threat intelligence feeds integrated with the SIEM tools. That would help us push value solutions to the clients in a big way."
"Wazuh has a drawback with regard to Unix systems. The solution does not allow us to do real-time monitoring for Unix systems. If usage increases, it would be a heavy fall on the other SIEM solutions or event monitoring solutions."
"So far, the recent updates have addressed most challenges we previously faced."
"Wazuh could improve the detection, it is not detecting all of the attacks. Additionally, it is lacking features compared to other solutions."
"Wazuh needs more security and features, particularly visualization features and a health monitor."
 

Pricing and Cost Advice

"​I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability.​"
"The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help.​"
"Rapid7 InsightIDR's pricing is reasonable but we have challenges with the Minimum Order Quantity. It is not reasonable for customers who have less than one hundred devices. If they can reduce Minimum Order Quantity, it is good. You have to pay around 5000-6000 dollars per year for the product. The pricing includes maintenance and support costs."
"Rapid7 InsightIDR charges us based on the endpoints we connect to."
"It is a reasonably priced solution."
"Rapid7 InsightIDR is priced very well and is cost-effective."
"The solution has a mid-range price point in the market"
"I rate Rapid7 InsightIDR's price a four on a scale of one to ten, where one is cheap, and ten is expensive."
"There is not a license required for Wazuh."
"Wazuh is an open-source tool, which means it is freely available for use."
"The product price is neither too high nor too low."
"The solution's cost is above the average."
"Wazuh is open-source, but you must consider the total cost of ownership. It may be free to acquire, but you spend a lot of time and effort supporting the product and getting it to a point where it's useful."
"Wazuh is totally free and open source. There are no licensing costs, only support costs if you need them."
"My client uses the open-source version of Wazuh."
"Wazuh is open-source, so I think it's an option for a small organization that cannot go for enterprise-grade solutions like Splunk."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
845,564 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Financial Services Firm
9%
Manufacturing Company
8%
Government
7%
Computer Software Company
15%
Comms Service Provider
8%
University
7%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What do you like most about Rapid7 InsightIDR?
During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...
What do you like most about Wazuh?
Integrates with various open-source and paid products, allowing for flexibility in customization based on use cases.
What needs improvement with Wazuh?
There is room for improvement by integrating more AI into Wazuh. It requires constant nurturing, as I have to provide it with code and specific requirements. This maintenance can be quite labor-int...
What is your primary use case for Wazuh?
We use Wazuh as a SIEM solution because it is open source, highly customizable, and continually expanding. Our clients can request various solutions for their issues, which Wazuh is able to address.
 

Comparisons

 

Also Known As

InsightIDR
No data available
 

Overview

 

Sample Customers

Liberty Wines, Pioneer Telephone, Visier
Information Not Available
Find out what your peers are saying about Rapid7 InsightIDR vs. Wazuh and other solutions. Updated: February 2025.
845,564 professionals have used our research since 2012.