Elastic Security vs Rapid7 InsightIDR comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Elastic Security and Rapid7 InsightIDR based on real PeerSpot user reviews.

Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Elastic Security vs. Rapid7 InsightIDR Report (Updated: March 2024).
765,386 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Setting up Microsoft 365 Defender is easy. It's a user-friendly solution that provides threat protection. It has good stability and scalability.""Microsoft 365 Defender is a stable solution.""The best feature is threat hunting. There are a lot of other features I like, such as the alert mechanism. The chain alert mechanism has a huge impact. It combines all the alerts into one incident and automatically correlates them with AI.""The EDR and the way it automatically responds to ransomware and other attacks are valuable features.""It provides a single pane of glass within the 365 admin interface, streamlining our experience by consolidating information in one place and eliminating the need to navigate through multiple interfaces.""Having a single pane of glass for all Microsoft security services makes everything much easier. A security analyst can go to a single portal and see everything in one view. The integration of everything into one portal is a huge benefit.""Defender XDR has a feature called the timeline that lets you track all activities. It helps a lot with investigations.""Another noteworthy feature that I find appealing in Microsoft Defender is the credit-backed simulation. This feature enables organizations to train their users on effectively responding to phishing emails through a simulated training environment."

More Microsoft Defender XDR Pros →

"The most valuable features are the speed, detail, and visualization. It has the latest standards.""Elastic Security is a highly flexible platform that can be implemented anywhere.""The most valuable feature of Elastic Security is that you can install agents, and they are not separately licensed.""ELK is open-source, and it will give you the framework you need to build everything from scratch.""It's very customizable, which is quite helpful.""I like that it's a SIEM platform. I like that I can sell Elastic Security quickly. Elastic Security has a large community that can support users.""The product has huge integration varieties available.""It is the best open-source product for people working in SO, managing and analyzing logs."

More Elastic Security Pros →

"If you were on other solutions, you would notice that they use agents from third-party, from open-source, from a native OS, or from other tools. Here, however, it is an agent from Rapid7 itself. This adds to the solution's overall capabilities.""Features for user behavior analytics and the rules for attack review are good.""We were able to identify criminals attempting to login from China and put a stop on their IP locations.""The solution is easy to use, and the interface is intuitive.""Rapid7's reporting is more robust than Tenable's.""I have seen that Rapid7 InsightIDR provides security to the networks and endpoints in the company.""The biggest reason why we chose Rapid7 was to gain value in a really quick time. Its deployment doesn't take months. It just takes a few days.""InsightIDR’s ability to process millions of transactions per day, and to notify me of the most critical ones, is priceless. InsightIDR has the alerts tuned, and has the ability to quickly drill down to determine the threat level."

More Rapid7 InsightIDR Pros →

Cons
"The support from Microsoft could improve. There are times I have to wait for a response from a qualified specialist.""The solution could improve by having better machine learning and AI. Additionally, the interface, documentation, and integration could be better.""This solution could be improved if it included features such as those offered by Malwarebytes.""The logs could be better.""In the Microsoft Azure Portal, in Active Directory, if there is anything on the user it will provide you with the information, but you still have to go through it a bit. And sometimes, I have experienced difficulties in understanding the information, especially because the synchronization between Microsoft Intune and the devices that are connected to the user in Azure Active Directory takes a lot of time.""The user interface of Microsoft 365 Defender could improve. They could make it simpler.""It would be highly beneficial if CoPilot could identify anomalies within the network and notify the IT team.""Customers say they want absolutely seamless integration between other Microsoft solutions and Defender XDR, including the ability to change device settings within the Defender portal. They need to contact the IT team responsible for the device management tools to change some settings. They would prefer that those changes be initiated directly from the Defender portal or applied from Intune without involving the IT operations team."

More Microsoft Defender XDR Cons →

"With Elastic Security, the challenge arises from the fact that there is a learning curve in relation to queries and understanding the query language provided to extract usable data.""I would like more ways to manage permissions and restrict access to certain users.""We'd like better premium support.""Its documentation should be a bit better. I have to spend at least a couple of hours to find the solution for a simple thing. When we buy Elastic, training is not included for free with Elastic. We have to pay extra for the training. They should include training in the price.""The process of designing dashboards is a little cumbersome in Kibana. Unless you are an expert, you will not be able to use it. The process should be pretty straightforward. The authentication feature is what we are looking for. We would love to have a central authentication system in the open-source edition without the need for a license or an enterprise license. If they can give at least a simple authentication system within a company. In a large organization, authentication is very essential for security because logs can contain a lot of confidential data. Therefore, an authentication feature for who accesses it should be there.""It's a little bit of a learning curve to understand the logic of searching for things and trying to find what you're looking for in Elastic Security.""Technical support could respond faster.""The tool needs to integrate with legacy servers. Big companies can have legacy servers that may not always be updated."

More Elastic Security Cons →

"Rapid7 doesn't integrate well with all our security tools from various vendors, so we plan to switch. Many of our solutions work with Rapid7, but some do not. We are already searching for a replacement already.""The main problem lies in the processes within the client's operating systems.""Inability to get access to compliance reports within the solution.""It takes time for the product's support team to resolve issues, making it an area of concern where improvements are required.""They should add more configuration and security features to it.""It would be useful to import threat intelligence in YARA format along with known incorrect email addresses.​""The solution needs improvement in threat intelligence. Increasing the depth of intelligence to help users understand more about threats is a possibility. My suggestion is to expand access to other websites or resources.""Tenable Nessus is easier to deal with. It's more efficient and accurate. InsightIDR is heavier than Tenable in terms of performance and scanning. Rapid7 would be much easier to use if it had a network connector like Tenable. Tenable's connector allows continuous monitoring over the B caps."

More Rapid7 InsightIDR Cons →

Pricing and Cost Advice
  • "The solutions price is fair for what they offer."
  • "The price could be better. Normally, the costs depend on the country you're located in for the license. When we were in the initial stage, we went with the E5 license they call premium standard. It cost us around $5.20 per month for four users."
  • "The price of the solution is high compared to others and we have lost some customers because of it."
  • "Microsoft is not competitive with the pricing of the solution. The competitors are able to offer lower discounts. The price of the solution is higher."
  • "We have a lot of problems in Latin America regarding the price of Microsoft 365 Defender, because the relationship between dollars and the money of the different countries, it's is a lot. Many customers that have small businesses say that they would like the solution but it is too expensive. However, large companies do not find the cost an issue."
  • "The most valuable licensing option is expensive, so pricing could be improved. Licensing options for this solution also need to be consolidated, because they frequently change."
  • "Microsoft should provide lower-level licensing options. They should do it in such a way that even an individual could purchase a license, and it should be entirely flexible."
  • "They have moved from a licensing model to pay-per-use... The question is: What happens if, for any reason, there's not enough budget to accept this model? That could be a great problem."
  • More Microsoft Defender XDR Pricing and Cost Advice →

  • "We use the open-source version, so there is no charge for this solution."
  • "We are using the free, open-source version of this solution."
  • "Elastic Stack is an open-source tool. You don't have to pay anything for the components."
  • "There is no charge for using the open-source version."
  • "This is an open-source product, so there are no costs."
  • "It's a monthly cost with Elastic SIEM, but I am not sure of the exact cost."
  • "It is easy to deploy, easy to use, and you get everything you need to become operational with it, and have nothing further to pay unless you want the OLED plugin."
  • "Compared to other products such as Dynatrace, this is one of the cheaper options."
  • More Elastic Security Pricing and Cost Advice →

  • "​I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability.​"
  • "The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help.​"
  • "Licensing is straightforward. If, for some reason, you don’t meet the minimum licensing requirements, there is a third-party managed service that can help."
  • "​Accurately predict your licensing counts as this is a subscription based product.​"
  • "The pricing and licensing are competitive."
  • "Licensing is by endpoint and amount of retention time (at least ours is). Default retention was one year, but we are able to push the retention further if needed. There's also a provide-your-own-S3 option for longer retention if you don't want to pay for the additional retention years in your Rapid7 agreement."
  • "It is a reasonably priced solution."
  • "It is on a yearly basis. For our own company, for about 250 users, it was 16,000 euros a year."
  • More Rapid7 InsightIDR Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
    765,386 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:Scanning, vulnerability reporting, and the dashboard are the most valuable features.
    Top Answer:While Microsoft Defender XDR carries a higher cost, its ease of use compared to Defender may justify the investment.
    Top Answer:While the XDR platform offers valuable functionalities, it falls short of other solutions in its ability to deliver a… more »
    Top Answer:With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times… more »
    Top Answer:It is an extremely stable solution. Stability-wise, I rate the solution a ten out of ten.
    Top Answer:The product offers an amazing pricing structure. Price-wise, the product is very competitive.
    Top Answer:For tools I’d recommend:  -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is… more »
    Top Answer:During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its… more »
    Top Answer:We chose Rapid7 because of its price. IBM QRadar charges us based on data storage. Rapid7 InsightIDR charges us based on… more »
    Comparisons
    Also Known As
    Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender
    Elastic SIEM, ELK Logstash
    InsightIDR
    Learn More
    Interactive Demo
    Elastic
    Demo Not Available
    Rapid7
    Demo Not Available
    Overview

    Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment. 

    It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks. 

    Users have found it effective in detecting and preventing various types of attacks, such as phishing attempts, malware infections, and data breaches.

    Watch the Microsoft demo video here: Microsoft Defender XDR demo video.

    Elastic Security is a robust, open-source security solution designed to offer integrated threat prevention, detection, and response capabilities across an organization's entire digital estate. Part of the Elastic Stack (which includes Elasticsearch, Logstash, and Kibana), Elastic Security leverages the power of search, analytics, and data aggregation to provide real-time insight into threats and vulnerabilities. It is a comprehensive platform that supports a wide range of security needs, from endpoint protection to cloud and network security, making it a versatile choice for organizations looking to enhance their cybersecurity posture.


    Elastic Security combines the features of a security information and event management (SIEM) system with endpoint protection, allowing organizations to detect, investigate, and respond to threats in real time. This unified approach helps reduce complexity and improve the efficiency of security operations.

    Additional offerings and benefits:

    • The platform utilizes advanced analytics, machine learning algorithms, and anomaly detection to identify threats and suspicious activities.
    • It offers extensive integration options with other tools and platforms, facilitating a more cohesive and comprehensive security ecosystem.
    • With Kibana, users gain access to powerful visualization tools and dashboards that provide real-time insight into security data.

    Finally, Elastic Security benefits from a global community of users who contribute to its threat intelligence, helping to enhance its detection capabilities. This collaborative approach ensures that the solution remains on the cutting edge of cybersecurity, with up-to-date information on the latest threats and vulnerabilities.

    Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

    Sample Customers
    Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.
    Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
    Liberty Wines, Pioneer Telephone, Visier
    Top Industries
    REVIEWERS
    Manufacturing Company18%
    Financial Services Firm12%
    Government12%
    Computer Software Company12%
    VISITORS READING REVIEWS
    Computer Software Company18%
    Financial Services Firm10%
    Government8%
    Manufacturing Company8%
    REVIEWERS
    Financial Services Firm30%
    Computer Software Company26%
    Healthcare Company13%
    Comms Service Provider9%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm10%
    Government9%
    Comms Service Provider7%
    REVIEWERS
    Comms Service Provider21%
    Computer Software Company21%
    Security Firm14%
    Non Tech Company14%
    VISITORS READING REVIEWS
    Computer Software Company15%
    Manufacturing Company8%
    Financial Services Firm8%
    Government6%
    Company Size
    REVIEWERS
    Small Business43%
    Midsize Enterprise24%
    Large Enterprise33%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise18%
    Large Enterprise57%
    REVIEWERS
    Small Business59%
    Midsize Enterprise18%
    Large Enterprise23%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise18%
    Large Enterprise57%
    REVIEWERS
    Small Business61%
    Midsize Enterprise21%
    Large Enterprise18%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise20%
    Large Enterprise54%
    Buyer's Guide
    Elastic Security vs. Rapid7 InsightIDR
    March 2024
    Find out what your peers are saying about Elastic Security vs. Rapid7 InsightIDR and other solutions. Updated: March 2024.
    765,386 professionals have used our research since 2012.

    Elastic Security doesn't meet the minimum requirements to be ranked in Extended Detection and Response (XDR) with 58 reviews while Rapid7 InsightIDR is ranked 15th in Extended Detection and Response (XDR) with 29 reviews. Elastic Security is rated 7.6, while Rapid7 InsightIDR is rated 8.4. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Rapid7 InsightIDR writes "An affordable product that is easy to use and has many advanced features and default templates". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, Microsoft Defender for Endpoint and Datadog, whereas Rapid7 InsightIDR is most compared with Darktrace, Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM and CrowdStrike Falcon. See our Elastic Security vs. Rapid7 InsightIDR report.

    See our list of best EDR (Endpoint Detection and Response) vendors, best Extended Detection and Response (XDR) vendors, and best Security Information and Event Management (SIEM) vendors.

    We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.