Try our new research platform with insights from 80,000+ expert users

ArcSight Analytics vs Rapid7 InsightIDR comparison

OpenText and Rapid7 are both solutions in the User Entity Behavior Analytics (UEBA) category. OpenText is ranked #18, while Rapid7 is ranked #7 with an average rating of 7.8. OpenText holds a 2.2% mindshare in UBA, compared to Rapid7’s 5.6% mindshare. Additionally, 66% of OpenText users are willing to recommend the solution, compared to 96% of Rapid7 users who would recommend it.
ArcSight Analytics
Read 15 ArcSight Analytics reviews
  • 506 Views
  • 481 Comparison Views
66% willing to recommend
Rapid7 InsightIDR
Read 32 Rapid7 InsightIDR reviews
  • 6,636 Views
  • 995 Comparison Views
96% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Feb 4, 2025

Rapid7 InsightIDR and ArcSight Analytics compete in the cybersecurity platform category, focusing on threat detection and response. Rapid7 InsightIDR seems to have the upper hand in ease of use and cost-effectiveness, whereas ArcSight Analytics excels in offering a robust feature set for more advanced security needs.

Features: Rapid7 InsightIDR offers intuitive threat detection, user-friendly integration, and comprehensive forensic depth. ArcSight Analytics provides a powerful correlation engine, customizable dashboards, and complex data analysis capabilities tailored for advanced security environments.

Room for Improvement: Rapid7 InsightIDR could enhance its complex alert management, improve data visualization, and expand integration with third-party solutions. ArcSight Analytics might simplify its user interface, streamline setup and deployment processes, and improve resource management to cater to smaller teams.

Ease of Deployment and Customer Service: Rapid7 InsightIDR ensures streamlined deployment with extensive support, offering a more straightforward onboarding. ArcSight Analytics requires a more complex setup, potentially challenging for organizations with limited resources, though it provides robust capabilities once implemented.

Pricing and ROI: Rapid7 InsightIDR is characterized by lower setup costs and a quicker return on investment, appealing to budget-conscious organizations. Despite its higher initial costs, ArcSight Analytics promises long-term value through its extensive features and scalability, aligning with organizations prioritizing feature-rich solutions.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed ArcSight Analytics vs. Rapid7 InsightIDR Report (Updated: December 2025).
Buyer's Guide
ArcSight Analytics vs. Rapid7 InsightIDR
December 2025
Download the complete report
Helped 881,082 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

ArcSight Analytics
Ranking in User Entity Behavior Analytics (UEBA)
18th
Average Rating
6.8
Reviews Sentiment
6.7
Number of Reviews
15
Ranking in other categories
No ranking in other categories
Rapid7 InsightIDR
Ranking in User Entity Behavior Analytics (UEBA)
7th
Average Rating
8.4
Reviews Sentiment
7.0
Number of Reviews
32
Ranking in other categories
Security Information and Event Management (SIEM) (15th), Endpoint Detection and Response (EDR) (22nd), Threat Deception Platforms (4th), Extended Detection and Response (XDR) (18th)
 

Mindshare comparison

As of January 2026, in the User Entity Behavior Analytics (UEBA) category, the mindshare of ArcSight Analytics is 2.2%, up from 1.0% compared to the previous year. The mindshare of Rapid7 InsightIDR is 5.6%, down from 10.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
User Entity Behavior Analytics (UEBA) Market Share Distribution
ProductMarket Share (%)
Rapid7 InsightIDR5.6%
ArcSight Analytics2.2%
Other92.2%
User Entity Behavior Analytics (UEBA)
 

Q&A Highlights

Navin Rehnius - PeerSpot reviewer
Navin Rehnius
SOC Analyst at Tata Consultancy Services, Ltd
Aug 10, 2021
What SOC product do you recommend?
I haven't used these big-name ones like Splunk etc. but I feel they're overpriced. I think they charge an arm and a leg for each module. The ROI justification is not there. Why not try a cheaper and robust alternative like Elasticsearch?
See all answers
 

Featured Reviews

reviewer1311453 - PeerSpot reviewer
reviewer1311453
Consultant at a tech vendor with 10,001+ employees
Good filtering and reporting tools but can be difficult to use
It can scale as needed. It's not a problem. There are different teams using it. We have CSOC, which is internal, which is onshore, then we have a security operations center that is offshore, which would be in India. The onshore team might be a group of three, and the offshore might be a group of five. Likely, we have eight to ten people in total using the product directly.
Read full review
SohailHyder - PeerSpot reviewer
SohailHyder
Head of Cyber Security at Super Secure
Has supported compliance needs for mid-sized organizations but lacks customization and advanced integration
If we pitch Rapid7 InsightIDR against solutions such as SIEMs from Splunk or LogRhythm, it is not as customizable as a SIEM solution is. This is where it can improve if we keep in front the feature sets of a complete SIEM solution. Most common in the market is QRadar, but it is depleting now. It has been taken over by some other products such as Splunk and LogRhythm. If we compare these things with Rapid7 InsightIDR, then there are definitely some gaps that need to be filled. Data retention is also one concern because Rapid7 InsightIDR is cloud-based and operates on a subscription model. Whatever data you want to retain, it has to be paid for separately or it has a cost. Other solutions that are on-premises can have their own infrastructure or they provide some data retention for a month or in some capacity-wise, they provide that solution to them which makes them more attractive.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"One of the most valuable features is the alerts."
"The features I have found most valuable are it capabilities for behavioral analytics and anomaly detection."
"The data collection and the integration with different products are valuable features."
"The correlation engine is good."
"Allows multiple integrations with multiple systems in a stable and flexible fashion."
"ArcSight Analytics has improved our system and network policy monitoring."
"The most valuable features are that you get lots of connectors, which make it easy to log in to my ASM, and lots of prebuilt roles from the company."
"This solution allows us to identify connections for all users."
More ArcSight Analytics pros
"I like that it's a cloud-based solution."
"I am able to run automated actions based on the output of reports, leaving me extra time to focus on more pressing matters."
"We were able to identify criminals attempting to login from China and put a stop on their IP locations."
"During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an application belongs to a known ransomware group. The system rates the threat, offering a clear detection ratio, such as 97 out of 100. It not only identifies threats but also illustrates the associated behaviors, helping us understand the potential risk to a particular endpoint."
"Enables the use of honey pots, honey users, and honey files to monitor for suspicious patterns."
"Very intuitive and easy to set up."
"I have seen that Rapid7 InsightIDR provides security to the networks and endpoints in the company."
"Simple configuration and automatically syncs to the cloud platform."
More Rapid7 InsightIDR pros
 

Cons

"I would like to see integration with automation products, such as Phantom Automation."
"The GUI interface is not always intuitive and easy for non-technical users to work with."
"There is a GUI, but it is not complete and lacks functionality that needs to be performed using the console."
"The interactive dashboard is complicated and you need to have training in order to use it, so I think that it could be made easier to use."
"The customer service could be improved, and additional integrations with other APIs could be added."
"It's a difficult product to navigate, it's complex."
"[There is] complexity in maintaining it and managing it. It's not easy to use. It requires a lot of training."
"The reporting and the way it is worded needs to be improved in future releases. The dashboards are quite poorly designed."
More ArcSight Analytics cons
"I feel it would greatly benefit from more supported log sources."
"One thing that springs to mind is easier API integration with ITSMs. We are evaluating a new ITSM and I would like to have InsightIDR create a ticket when an attack is identified, and the ticket would be closed in InsightIDR when the ITSM resolution is completed. This would take out the "single point of failure" we currently have, if the email recipient is somehow absent, in recording the risk appetite for the incident and the actions taken to mitigate or not."
"The integration capabilities of the solution have certain shortcomings where improvements are required."
"InsightIDR is only available in a cloud version. Some of our customers prefer an on-prem solution because they want to manage the security within their environment."
"The dashboard is an area that could be simplified."
"The APIs can be further improved in Rapid7."
"The interface for doing investigation needs to be enhanced with minor improvements that would make it more useful."
"Currently, it lacks the functionalities provided by Rapid7's User Behavior Analytics (UBA)."
More Rapid7 InsightIDR cons
 

Pricing and Cost Advice

"ArcSight Analytics is a bit expensive compared with other tools in terms of licensing costs, training, hardware implementation, and support."
"My customers pay a yearly licensing fee for ArcSight Analytics."
"In addition to the costs of standard licensing fees, there is the cost of labor for maintenance."
"It can range between $30,000 and $40,000 USD, and can go up to $500,000 and $600,000 USD."
"This solution is expensive."
"The monthly licensing fee is around $20,000. There aren't any costs in addition to the standard licensing fee."
"It is on a yearly basis. For our own company, for about 250 users, it was 16,000 euros a year."
"Rapid7 InsightIDR charges us based on the endpoints we connect to."
"​I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability.​"
"It is a reasonably priced solution."
"The pricing of the solution depends on the user. But there is a yearly licensing cost."
"​Accurately predict your licensing counts as this is a subscription based product.​"
"Licensing is by endpoint and amount of retention time (at least ours is). Default retention was one year, but we are able to push the retention further if needed. There's also a provide-your-own-S3 option for longer retention if you don't want to pay for the additional retention years in your Rapid7 agreement."
"The solution has a mid-range price point in the market"
More Rapid7 InsightIDR pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which User Entity Behavior Analytics (UEBA) solutions are best for your needs.
See recommendations
881,082 professionals have used our research since 2012.
 

Answers from the Community

Navin Rehnius - PeerSpot reviewer
Navin Rehnius
SOC Analyst at Tata Consultancy Services, Ltd
Aug 10, 2021
Aug 10, 2021
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, remember that any EDR/XDR should integrate to the SIEM/SOAR and a strong threat intel source. If you consider SOC outsourcing take your time and find one you can integrate like a virtual team member. They a...
2 out of 12 answers
KM
Kumar Mahadevan
IT Infrastructure Analyst at AG Group
Jul 26, 2021
I haven't used these big-name ones like Splunk etc. but I feel they're overpriced. I think they charge an arm and a leg for each module. The ROI justification is not there. Why not try a cheaper and robust alternative like Elasticsearch?
Read full answer
KA
Kashif Ali
Unit Head Titanium (Security Solution) at RapidCompute
Jul 26, 2021
We are using LogRthythm SIEM complete case management and offer SIEM/SOC as service.
Read full answer
See all 12 answers
 

Top Industries

By visitors reading reviews
No data available
Computer Software Company
11%
Financial Services Firm
9%
Manufacturing Company
8%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business4
Midsize Enterprise4
Large Enterprise7
By reviewers
Company SizeCount
Small Business20
Midsize Enterprise5
Large Enterprise6
 

Questions from the Community

What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
See all answers
What do you like most about ArcSight Analytics?
ArcSight Analytics is used to get a deeper insight and threat analysis about the network.
See all answers
What is your experience regarding pricing and costs for ArcSight Analytics?
My customers pay a yearly licensing fee for ArcSight Analytics.
See all answers
What do you like most about Rapid7 InsightIDR?
During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...
See all answers
What is your experience regarding pricing and costs for Rapid7 InsightIDR?
The product pricing is very cheap.
See all answers
What needs improvement with Rapid7 InsightIDR?
If we pitch Rapid7 InsightIDR against solutions such as SIEMs from Splunk or LogRhythm, it is not as customizable as a SIEM solution is. This is where it can improve if we keep in front the feature...
See all answers
 

Comparisons

Splunk User Behavior Analytics vs ArcSight Analytics Logo
Splunk User Behavior Analytics vs ArcSight Analytics
Compared 39% of the time
Exabeam vs ArcSight Analytics Logo
Exabeam vs ArcSight Analytics
Compared 37% of the time
Varonis Platform vs ArcSight Analytics Logo
Varonis Platform vs ArcSight Analytics
Compared 24% of the time
More ArcSight Analytics Competitors
Rapid7 InsightVM vs Rapid7 InsightIDR Logo
Rapid7 InsightVM vs Rapid7 InsightIDR
Compared 6% of the time
Microsoft Sentinel vs Rapid7 InsightIDR Logo
Microsoft Sentinel vs Rapid7 InsightIDR
Compared 5% of the time
Splunk Enterprise Security vs Rapid7 InsightIDR Logo
Splunk Enterprise Security vs Rapid7 InsightIDR
Compared 5% of the time
CrowdStrike Falcon vs Rapid7 InsightIDR Logo
CrowdStrike Falcon vs Rapid7 InsightIDR
Compared 4% of the time
Darktrace vs Rapid7 InsightIDR Logo
Darktrace vs Rapid7 InsightIDR
Compared 4% of the time
More Rapid7 InsightIDR Competitors
 

Product Reports

Buyer's Guide
ArcSight Analytics
January 2026
ArcSight Analytics reportDownload ArcSight Analytics product report
Buyer's Guide
Rapid7 InsightIDR
January 2026
Rapid7 InsightIDR reportDownload Rapid7 InsightIDR product report
 

Also Known As

ArcSight User Behavior Analytics, ArcSight UBA
InsightIDR
 

Overview

ArcSight User Behavior Analytics offers enterprises the ability to monitor and detect from internal and external security threats and fraud.

OpenText

Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

Rapid7
 

Sample Customers

Information Not Available
Liberty Wines, Pioneer Telephone, Visier
Buyer's Guide
ArcSight Analytics vs. Rapid7 InsightIDR
December 2025
Free Report: ArcSight Analytics vs. Rapid7 InsightIDR
Find out what your peers are saying about ArcSight Analytics vs. Rapid7 InsightIDR and other solutions. Updated: December 2025.
DOWNLOAD NOW
881,082 professionals have used our research since 2012.
See our ArcSight Analytics vs. Rapid7 InsightIDR report.
See our list of best User Entity Behavior Analytics (UEBA) vendors.

We monitor all User Entity Behavior Analytics (UEBA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.