We performed a comparison between Elastic Security and Rapid7 InsightIDR based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Setting up Microsoft 365 Defender is easy. It's a user-friendly solution that provides threat protection. It has good stability and scalability."
"Microsoft 365 Defender is a stable solution."
"The best feature is threat hunting. There are a lot of other features I like, such as the alert mechanism. The chain alert mechanism has a huge impact. It combines all the alerts into one incident and automatically correlates them with AI."
"The EDR and the way it automatically responds to ransomware and other attacks are valuable features."
"It provides a single pane of glass within the 365 admin interface, streamlining our experience by consolidating information in one place and eliminating the need to navigate through multiple interfaces."
"Having a single pane of glass for all Microsoft security services makes everything much easier. A security analyst can go to a single portal and see everything in one view. The integration of everything into one portal is a huge benefit."
"Defender XDR has a feature called the timeline that lets you track all activities. It helps a lot with investigations."
"Another noteworthy feature that I find appealing in Microsoft Defender is the credit-backed simulation. This feature enables organizations to train their users on effectively responding to phishing emails through a simulated training environment."
"The most valuable features are the speed, detail, and visualization. It has the latest standards."
"Elastic Security is a highly flexible platform that can be implemented anywhere."
"The most valuable feature of Elastic Security is that you can install agents, and they are not separately licensed."
"ELK is open-source, and it will give you the framework you need to build everything from scratch."
"It's very customizable, which is quite helpful."
"I like that it's a SIEM platform. I like that I can sell Elastic Security quickly. Elastic Security has a large community that can support users."
"The product has huge integration varieties available."
"It is the best open-source product for people working in SO, managing and analyzing logs."
"If you were on other solutions, you would notice that they use agents from third-party, from open-source, from a native OS, or from other tools. Here, however, it is an agent from Rapid7 itself. This adds to the solution's overall capabilities."
"Features for user behavior analytics and the rules for attack review are good."
"We were able to identify criminals attempting to login from China and put a stop on their IP locations."
"The solution is easy to use, and the interface is intuitive."
"Rapid7's reporting is more robust than Tenable's."
"I have seen that Rapid7 InsightIDR provides security to the networks and endpoints in the company."
"The biggest reason why we chose Rapid7 was to gain value in a really quick time. Its deployment doesn't take months. It just takes a few days."
"InsightIDR’s ability to process millions of transactions per day, and to notify me of the most critical ones, is priceless. InsightIDR has the alerts tuned, and has the ability to quickly drill down to determine the threat level."
"The support from Microsoft could improve. There are times I have to wait for a response from a qualified specialist."
"The solution could improve by having better machine learning and AI. Additionally, the interface, documentation, and integration could be better."
"This solution could be improved if it included features such as those offered by Malwarebytes."
"The logs could be better."
"In the Microsoft Azure Portal, in Active Directory, if there is anything on the user it will provide you with the information, but you still have to go through it a bit. And sometimes, I have experienced difficulties in understanding the information, especially because the synchronization between Microsoft Intune and the devices that are connected to the user in Azure Active Directory takes a lot of time."
"The user interface of Microsoft 365 Defender could improve. They could make it simpler."
"It would be highly beneficial if CoPilot could identify anomalies within the network and notify the IT team."
"Customers say they want absolutely seamless integration between other Microsoft solutions and Defender XDR, including the ability to change device settings within the Defender portal. They need to contact the IT team responsible for the device management tools to change some settings. They would prefer that those changes be initiated directly from the Defender portal or applied from Intune without involving the IT operations team."
"With Elastic Security, the challenge arises from the fact that there is a learning curve in relation to queries and understanding the query language provided to extract usable data."
"I would like more ways to manage permissions and restrict access to certain users."
"We'd like better premium support."
"Its documentation should be a bit better. I have to spend at least a couple of hours to find the solution for a simple thing. When we buy Elastic, training is not included for free with Elastic. We have to pay extra for the training. They should include training in the price."
"The process of designing dashboards is a little cumbersome in Kibana. Unless you are an expert, you will not be able to use it. The process should be pretty straightforward. The authentication feature is what we are looking for. We would love to have a central authentication system in the open-source edition without the need for a license or an enterprise license. If they can give at least a simple authentication system within a company. In a large organization, authentication is very essential for security because logs can contain a lot of confidential data. Therefore, an authentication feature for who accesses it should be there."
"It's a little bit of a learning curve to understand the logic of searching for things and trying to find what you're looking for in Elastic Security."
"Technical support could respond faster."
"The tool needs to integrate with legacy servers. Big companies can have legacy servers that may not always be updated."
"Rapid7 doesn't integrate well with all our security tools from various vendors, so we plan to switch. Many of our solutions work with Rapid7, but some do not. We are already searching for a replacement already."
"The main problem lies in the processes within the client's operating systems."
"Inability to get access to compliance reports within the solution."
"It takes time for the product's support team to resolve issues, making it an area of concern where improvements are required."
"They should add more configuration and security features to it."
"It would be useful to import threat intelligence in YARA format along with known incorrect email addresses."
"The solution needs improvement in threat intelligence. Increasing the depth of intelligence to help users understand more about threats is a possibility. My suggestion is to expand access to other websites or resources."
"Tenable Nessus is easier to deal with. It's more efficient and accurate. InsightIDR is heavier than Tenable in terms of performance and scanning. Rapid7 would be much easier to use if it had a network connector like Tenable. Tenable's connector allows continuous monitoring over the B caps."
Elastic Security doesn't meet the minimum requirements to be ranked in Extended Detection and Response (XDR) with 58 reviews while Rapid7 InsightIDR is ranked 15th in Extended Detection and Response (XDR) with 29 reviews. Elastic Security is rated 7.6, while Rapid7 InsightIDR is rated 8.4. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Rapid7 InsightIDR writes "An affordable product that is easy to use and has many advanced features and default templates". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, Microsoft Defender for Endpoint and Datadog, whereas Rapid7 InsightIDR is most compared with Darktrace, Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM and CrowdStrike Falcon. See our Elastic Security vs. Rapid7 InsightIDR report.
See our list of best EDR (Endpoint Detection and Response) vendors, best Extended Detection and Response (XDR) vendors, and best Security Information and Event Management (SIEM) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.