No more typing reviews! Try our Samantha, our new voice AI agent.

Anvilogic vs Rapid7 InsightIDR comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Anvilogic
Ranking in Security Information and Event Management (SIEM)
11th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
13
Ranking in other categories
AI-SOC (2nd)
Rapid7 InsightIDR
Ranking in Security Information and Event Management (SIEM)
25th
Average Rating
8.4
Reviews Sentiment
7.0
Number of Reviews
32
Ranking in other categories
User Entity Behavior Analytics (UEBA) (11th), Endpoint Detection and Response (EDR) (47th), Threat Deception Platforms (6th), Extended Detection and Response (XDR) (28th)
 

Mindshare comparison

As of July 2026, in the Security Information and Event Management (SIEM) category, the mindshare of Anvilogic is 0.6%, up from 0.3% compared to the previous year. The mindshare of Rapid7 InsightIDR is 2.2%, down from 2.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM) Mindshare Distribution
ProductMindshare (%)
Anvilogic0.6%
Rapid7 InsightIDR2.2%
Other97.2%
Security Information and Event Management (SIEM)
 

Featured Reviews

reviewer2800338 - PeerSpot reviewer
Senior Manager, Threat Prevention Engineering at a tech vendor with 5,001-10,000 employees
Modern threat detection has improved coverage and reduced costs but still needs better UX and flexibility
There is room for growth in the product platform; our detection engineers using Anvilogic every day encounter some frustrating UX experience issues where buttons are not logically placed, and workflows are not working as expected. There is also room for growth in integrating the platform with third parties, as we have encountered limitations in what can be executed via API and what is documented. We are a heavy automation integration team, so having this well documented is important for us. The enterprise capabilities within the platform also seem somewhat limited, as we run into limitations in managing detections at scale and making changes to those detections at scale. Especially at an enterprise level, if we need to add enrichment logic to every single detection deployed, it can be quite onerous; we had to develop custom scripts to manage that. Thus, enhancing enterprise-type features for managing the platform at scale rather than clicking through the GUI is important as we continue to grow. Additionally, the AI capabilities have been somewhat unstable and unintuitive to use, which is key for increasing adoption. One other thing is that the detection logic builder today is somewhat limited in flexibility regarding implementing detections, grouping detections together, and handling alerts when they fire. This might be partly due to our need to adjust to a different platform, but flexibility is key for any enterprise platform to meet our unique business requirements. Having the capability to build custom detection logic not tied to a specific structure would be helpful; although a lot can be done, it often requires working with our account team which is time-consuming and less intuitive.
SohailHyder - PeerSpot reviewer
Head Of Cyber Security at Super Secure
Has supported compliance needs for mid-sized organizations but lacks customization and advanced integration
If we pitch Rapid7 InsightIDR against solutions such as SIEMs from Splunk or LogRhythm, it is not as customizable as a SIEM solution is. This is where it can improve if we keep in front the feature sets of a complete SIEM solution. Most common in the market is QRadar, but it is depleting now. It has been taken over by some other products such as Splunk and LogRhythm. If we compare these things with Rapid7 InsightIDR, then there are definitely some gaps that need to be filled. Data retention is also one concern because Rapid7 InsightIDR is cloud-based and operates on a subscription model. Whatever data you want to retain, it has to be paid for separately or it has a cost. Other solutions that are on-premises can have their own infrastructure or they provide some data retention for a month or in some capacity-wise, they provide that solution to them which makes them more attractive.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Among those features, the one that has made the biggest difference for our team is the AI capability; we have seen a significant shift in our SOC operations."
"One of the best things about Anvilogic is the partnership, their knowledge, the depth of technical understanding, and the speed at which they respond."
"Before Anvilogic, we had no visibility into our detection coverage. The ability to break it down by industry verticals, such as attackers and adversaries, is valuable."
"We are partnering very closely with Anvilogic and pushing the threshold of detection engineering capabilities; we are only able to do many of these capabilities due to the partnership that we have with Anvilogic, where they are meeting what we need to continually push new innovative solutions."
"The deployment was very simple."
"Anvilogic has positively impacted my organization by helping with both known and unknown threats already present in the current threat landscape, detecting SIEM tools such as Splunk, Microsoft Sentinel, Snowflake, and Databricks, optimizing those tools, and strengthening my organization in the cybersecurity realm."
"By using this detection engineering platform, we can manage the entire detection engineering lifecycle, making it simple to show executives our progress, where we started, where we currently are, and what remains to be done."
"They teach you and give you insights every morning or every week, saying, 'Hey, this is not working, so what do you want. You're getting one or two of these alerts per day. Do you want to squash them from error to warning?' They're always giving you tips on how to improve the efficiency of the system itself."
"It gives all the advantages of a SIEM, however, using clever AI, it looks for patterns of behavior rather than just flooding me with all the alerts."
"The solution's initial setup is easy."
"It improved my organization by building a security alerting program."
"I definitely recommend Rapid7 InsightIDR."
"I have seen that Rapid7 InsightIDR provides security to the networks and endpoints in the company."
"The alerting to drive investigations and remediation has been its most valuable feature, plus the ability to quickly search multiple logs makes investigations easier."
"The most valuable features have to do with ease-of-use, as it is easy to check the events, investigate suspicious activities, and do forensic analysis, and the web interface is great — very useful and user-friendly."
"The UI is very good."
 

Cons

"Anvilogic can be improved by adding the ability to do on-ingest detections. This is something that we have been having a conversation on for a short time now, but I am hopeful that they will have that in their future roadmap."
"The pricing is slightly edging towards being a bit much for smaller organizations."
"I chose a nine because, while Anvilogic is excellent, there is room for improvement in terms of the false-positive reports that have been presented and the AI pattern that can be improved."
"However, after a year, I noticed limitations, especially concerning issue resolution timeframes."
"The hunting insight needs integrable capability with different platforms to gather all of that insight and show it on a single canvas on Anvilogic. That is the only feature that could improve the way we do operations."
"Anvilogic could be better in areas of the triage dashboard as they're beholden to Splunk's functionality."
"Anvilogic can be improved further by maturing certain intelligence aspects outside of articles. This is an aspect that lacks in most SIEM and secure analytics tools, but personally the framework or "barebone" is in Anvilogic, it just needs further maturing."
"Anvilogic's prebuilt rules and threat scenarios didn't work the best for us because many of the rules were geared toward a Windows environment, whereas we're more of a Mac environment, so many of them didn't necessarily fit with what we have."
"Sometimes, it is hard to get the right queries to use. Currently, the tool lacks a pre-made set of queries."
"I would like the ability to adjust the threshold of certain existing alerts. Currently the only option is to change the notifications or create my own alert."
"There is a future in AI with Rapid7, however, it is not fully operated. There are certain limitations with Rapid7 that I am working on."
"Needs a better ability to customize the check within the console."
"The APIs can be further improved in Rapid7."
"InsightIDR is only available in a cloud version. Some of our customers prefer an on-prem solution because they want to manage the security within their environment."
"One thing that springs to mind is easier API integration with ITSMs."
"Rapid7 InsightIDR is not intuitive to search for logs. It should be more user-friendly and improve the dashboards. We should be able to use ready-made templates instead of having to build one."
 

Pricing and Cost Advice

"Anvilogic's pricing has been highly competitive."
"We were an early adopter, so the pricing was definitely good. Because they do not completely replace a SIEM, their pricing is slowly edging towards being a little too much for a smaller organization like ours. It is almost on the border."
"Rapid7 InsightIDR is a cheaply priced product. On a scale of one to ten, where one is very expensive, and ten is very cheap, I rate the product's price at seven or eight."
"The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help.​"
"It is a reasonably priced solution."
"​Accurately predict your licensing counts as this is a subscription based product.​"
"I rate Rapid7 InsightIDR's price a four on a scale of one to ten, where one is cheap, and ten is expensive."
"Rapid7 InsightIDR charges us based on the endpoints we connect to."
"Licensing is by endpoint and amount of retention time (at least ours is). Default retention was one year, but we are able to push the retention further if needed. There's also a provide-your-own-S3 option for longer retention if you don't want to pay for the additional retention years in your Rapid7 agreement."
"Rapid7 InsightIDR's pricing is reasonable but we have challenges with the Minimum Order Quantity. It is not reasonable for customers who have less than one hundred devices. If they can reduce Minimum Order Quantity, it is good. You have to pay around 5000-6000 dollars per year for the product. The pricing includes maintenance and support costs."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
15%
Healthcare Company
8%
Manufacturing Company
8%
Computer Software Company
8%
Manufacturing Company
9%
Financial Services Firm
9%
Computer Software Company
8%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business2
Large Enterprise12
By reviewers
Company SizeCount
Small Business21
Midsize Enterprise5
Large Enterprise6
 

Questions from the Community

What is your experience regarding pricing and costs for Anvilogic?
I am from the technical department, so I do not have details about pricing, setup cost, or licensing, as that was handled by my management team.
What needs improvement with Anvilogic?
I chose a nine because, while Anvilogic is excellent, there is room for improvement in terms of the false-positive reports that have been presented and the AI pattern that can be improved.
What is your primary use case for Anvilogic?
Anvilogic serves as my cybersecurity company's platform that provides detection, SIEM support, and SOC investigation, along with the implemented MITRE ATT&CK framework. A specific example of ho...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What needs improvement with Rapid7 InsightIDR?
If we pitch Rapid7 InsightIDR against solutions such as SIEMs from Splunk or LogRhythm, it is not as customizable as a SIEM solution is. This is where it can improve if we keep in front the feature...
What is your primary use case for Rapid7 InsightIDR?
I am working with Rapid7 InsightOps and Rapid7 InsightIDR because the requirement is as such from the customer side, particularly the banks. Whatever the requirement is, these are the products that...
 

Also Known As

No data available
InsightIDR
 

Overview

 

Sample Customers

Information Not Available
Liberty Wines, Pioneer Telephone, Visier
Find out what your peers are saying about Anvilogic vs. Rapid7 InsightIDR and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.