No more typing reviews! Try our Samantha, our new voice AI agent.

Google Security Operations vs Rapid7 InsightIDR comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Mar 29, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Google Security Operations
Ranking in Security Information and Event Management (SIEM)
28th
Average Rating
8.8
Reviews Sentiment
7.5
Number of Reviews
6
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (13th), AI-Powered Cybersecurity Platforms (12th)
Rapid7 InsightIDR
Ranking in Security Information and Event Management (SIEM)
25th
Average Rating
8.4
Reviews Sentiment
7.0
Number of Reviews
32
Ranking in other categories
User Entity Behavior Analytics (UEBA) (11th), Endpoint Detection and Response (EDR) (47th), Threat Deception Platforms (6th), Extended Detection and Response (XDR) (28th)
 

Mindshare comparison

As of July 2026, in the Security Information and Event Management (SIEM) category, the mindshare of Google Security Operations is 1.3%, up from 1.0% compared to the previous year. The mindshare of Rapid7 InsightIDR is 2.2%, down from 2.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM) Mindshare Distribution
ProductMindshare (%)
Rapid7 InsightIDR2.2%
Google Security Operations1.3%
Other96.5%
Security Information and Event Management (SIEM)
 

Featured Reviews

CK
Technical Lead at a transportation company with 1,001-5,000 employees
Simplified detection rules and SOAR workflows have improved compliance-focused operations
One improvement I am looking for is silent log source monitoring. If some feed or some host went offline or was not pulling any logs into Google Security Operations, I would want better visibility. Silent host monitoring would make a significant difference because it is very hard to track which host went down, and there are many false positives as a result. I think there is a lot of room for scalability improvements, particularly in the integration of third-party applications. Currently, I have to write a script and use a cloud run function to pull logs. If there were direct ingestion by simply providing an API key and some sort of client certificate, it would be much easier.
SohailHyder - PeerSpot reviewer
Head Of Cyber Security at Super Secure
Has supported compliance needs for mid-sized organizations but lacks customization and advanced integration
If we pitch Rapid7 InsightIDR against solutions such as SIEMs from Splunk or LogRhythm, it is not as customizable as a SIEM solution is. This is where it can improve if we keep in front the feature sets of a complete SIEM solution. Most common in the market is QRadar, but it is depleting now. It has been taken over by some other products such as Splunk and LogRhythm. If we compare these things with Rapid7 InsightIDR, then there are definitely some gaps that need to be filled. Data retention is also one concern because Rapid7 InsightIDR is cloud-based and operates on a subscription model. Whatever data you want to retain, it has to be paid for separately or it has a cost. Other solutions that are on-premises can have their own infrastructure or they provide some data retention for a month or in some capacity-wise, they provide that solution to them which makes them more attractive.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Without hyperbole, I have never, in my entire career, encountered a vendor or a vendor community as awesome as Siemplify. Siemplify and the Siemplify Community quite literally made it possible for our SOC to increase almost five-fold in our number of clients and number of analysts and to go from a Monday to Friday 9-5 shop to a 24/7 shop all in the span of under a year and a half and all while continually adding capabilities and improving the services we offer to our clients."
"The playbooks feature in Siemplify is crucial for automation. We've utilized both standard and custom integrations with other security operation solutions, enhancing our flexibility. The user interface is generally straightforward, although recent changes may require some adjustment and Siemplify's integrations and capabilities offer potential support for various compliance requirements."
"The valuable parts of Google Security Operations include how easy it is to write parsers or detection rules, and it is well-advanced in the analytical part."
"The most valuable feature of Siemplify is the playbooks that can be created."
"Google SecOps is extremely useful for threat detection and hunting."
"Google Security Operations helps meet all the important regulatory compliance across all verticals."
"Overall, Google SecOps is a very useful service for security operations."
"Scalability-wise, I rate the solution a ten out of ten. As a cloud tool, the product is highly scalable."
"Intelligent alerting to avoid the common problem of alert fatigue associated with traditional SIEMs."
"The solution is very cost-effective because they are not charging based on the EPS but on the number of assets."
"If you were on other solutions, you would notice that they use agents from third-party, from open-source, from a native OS, or from other tools. Here, however, it is an agent from Rapid7 itself. This adds to the solution's overall capabilities."
"The UI is very good."
"We were able to identify criminals attempting to login from China and put a stop on their IP locations."
"During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an application belongs to a known ransomware group. The system rates the threat, offering a clear detection ratio, such as 97 out of 100. It not only identifies threats but also illustrates the associated behaviors, helping us understand the potential risk to a particular endpoint."
"The biggest reason why we chose Rapid7 was to gain value in a really quick time. Its deployment doesn't take months. It just takes a few days."
 

Cons

"I can give customer service a rating of six because it is very hard sometimes to keep up with the support."
"Building the playbooks could be easier and the integration could improve. It is a difficult process, such as what API connections need to be made."
"The main improvement could be in the accuracy and detail provided in threat descriptions."
"We often encounter minor issues that could be improved, but we maintain communication with the developers and submit feature requests. Recently, I requested enhancements such as improved search functionality within playbooks and expanded options for exporting case data."
"I'm inclined to say that I'd love to see some Machine Learning capabilities integrated into the platform, however, I just attended a demo this morning where Siemplify gave a sneak peek into some Machine Learning capabilities that they are currently developing and have roadmapped for release soon."
"I'd like to be able to get the compliance report within the solution which is currently not possible."
"The APIs can be further improved in Rapid7."
"The main problem lies in the processes within the client's operating systems."
"The reporting is the weakest aspect. There needs to be multi-level grouping for events (for example, group by user and destination). Right now, we can do a group by user and a separate table or group by destination. But I'd be more interested in where a person was logging into instead of who was logging in or where he was logging in."
"Needs a better ability to customize the check within the console."
"Sometimes, it is hard to get the right queries to use. Currently, the tool lacks a pre-made set of queries."
"The product allows us to make only 30 custom rules."
"Inability to get access to compliance reports within the solution."
 

Pricing and Cost Advice

Information not available
"It is on a yearly basis. For our own company, for about 250 users, it was 16,000 euros a year."
"Rapid7 InsightIDR's pricing is reasonable but we have challenges with the Minimum Order Quantity. It is not reasonable for customers who have less than one hundred devices. If they can reduce Minimum Order Quantity, it is good. You have to pay around 5000-6000 dollars per year for the product. The pricing includes maintenance and support costs."
"Licensing is by endpoint and amount of retention time (at least ours is). Default retention was one year, but we are able to push the retention further if needed. There's also a provide-your-own-S3 option for longer retention if you don't want to pay for the additional retention years in your Rapid7 agreement."
"The pricing and licensing are competitive."
"It is more reasonably priced than other vendors."
"The pricing of the solution depends on the user. But there is a yearly licensing cost."
"​Accurately predict your licensing counts as this is a subscription based product.​"
"Rapid7 InsightIDR is priced very well and is cost-effective."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
15%
Manufacturing Company
10%
University
7%
Outsourcing Company
6%
Manufacturing Company
9%
Financial Services Firm
9%
Computer Software Company
8%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business4
Large Enterprise3
By reviewers
Company SizeCount
Small Business21
Midsize Enterprise5
Large Enterprise6
 

Questions from the Community

What is your experience regarding pricing and costs for Siemplify?
The pricing for Google SecOps and Microsoft Sentinel is almost the same, with no significant differences.
What needs improvement with Siemplify?
A potential area of improvement for Google Security Operations could be cost. I think Google has already started developing AI SOC and Agentic SOC, so I do not have any other suggestions for improv...
What is your primary use case for Siemplify?
Google Security Operations is the main tool that my clients use for the security operations of their companies.
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What needs improvement with Rapid7 InsightIDR?
If we pitch Rapid7 InsightIDR against solutions such as SIEMs from Splunk or LogRhythm, it is not as customizable as a SIEM solution is. This is where it can improve if we keep in front the feature...
What is your primary use case for Rapid7 InsightIDR?
I am working with Rapid7 InsightOps and Rapid7 InsightIDR because the requirement is as such from the customer side, particularly the banks. Whatever the requirement is, these are the products that...
 

Also Known As

Siemplify ThreatNexus
InsightIDR
 

Overview

 

Sample Customers

FedEx Mondelez Intenrational Check Point Trustwave Atos Cyberint Bae Systems Crowe Longwall Security Telefonica Nordea HCL
Liberty Wines, Pioneer Telephone, Visier
Find out what your peers are saying about Google Security Operations vs. Rapid7 InsightIDR and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.