Try our new research platform with insights from 80,000+ expert users

NetWitness Platform vs Rapid7 InsightIDR comparison

NetWitness and Rapid7 are both solutions in the Security Information and Event Management (SIEM) category. NetWitness is ranked #29 with an average rating of 8.0, while Rapid7 is ranked #15 with an average rating of 8.1. NetWitness holds a 0.6% mindshare in SIEM, compared to Rapid7’s 2.6% mindshare. Additionally, 75% of NetWitness users are willing to recommend the solution, compared to 95% of Rapid7 users who would recommend it.
NetWitness Platform
Read 37 NetWitness Platform reviews
  • 1,052 Views
  • 579 Comparison Views
75% willing to recommend
Rapid7 InsightIDR
Read 32 Rapid7 InsightIDR reviews
  • 3,876 Views
  • 1,926 Comparison Views
95% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 18, 2024

NetWitness Platform and Rapid7 InsightIDR compete in the cybersecurity tools category. Rapid7 InsightIDR seems to have the upper hand due to better features and customer service, despite NetWitness Platform being more affordable.

Features: NetWitness Platform offers robust threat detection, analytics, and comprehensive visibility. Rapid7 InsightIDR is favored for its simplicity, effective incident detection, and user-friendliness, leading to quicker threat identification.

Room for Improvement: NetWitness Platform needs enhancements in configuration complexity, integration with other tools, and easier deployment. Rapid7 InsightIDR could improve its alerting system, provide more customization options, and enhance its reporting features.

Ease of Deployment and Customer Service: NetWitness Platform is criticized for its lengthy deployment process and the need for expert handling. Rapid7 InsightIDR stands out with smoother deployment and better user support, making it easier to implement.

Pricing and ROI: NetWitness Platform is known for lower setup costs and decent ROI, but requires additional investment in expertise. Rapid7 InsightIDR, while more expensive, offers higher ROI due to its advanced features and effective threat management, justifying the higher cost.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed NetWitness Platform vs. Rapid7 InsightIDR Report (Updated: June 2025).
Buyer's Guide
NetWitness Platform vs. Rapid7 InsightIDR
June 2025
Download the complete report
Helped 856,873 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

NetWitness Platform
Ranking in Security Information and Event Management (SIEM)
29th
Average Rating
7.4
Reviews Sentiment
7.4
Number of Reviews
37
Ranking in other categories
Log Management (38th)
Rapid7 InsightIDR
Ranking in Security Information and Event Management (SIEM)
15th
Average Rating
8.4
Reviews Sentiment
7.4
Number of Reviews
32
Ranking in other categories
User Entity Behavior Analytics (UEBA) (5th), Endpoint Detection and Response (EDR) (26th), Threat Deception Platforms (5th), Extended Detection and Response (XDR) (16th)
 

Mindshare comparison

As of June 2025, in the Security Information and Event Management (SIEM) category, the mindshare of NetWitness Platform is 0.6%, down from 0.8% compared to the previous year. The mindshare of Rapid7 InsightIDR is 2.6%, down from 2.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

MOTASHIM Al Razi - PeerSpot reviewer
It is a stable solution, but they should make the user interface easier to understand
The solution's initial setup takes work. We have to organize multiple paths and many features. The deployment process takes less than a week. But it takes a month to complete if we want to make the solution smarter by integrating it with various devices. I rate the process as a six out of ten.
Read full review
Asim Naeem - PeerSpot reviewer
Providing comprehensive insight into alerts while working towards AI enhancement
I definitely recommend Rapid7 InsightIDR. It is becoming better, with improvements being continuously made to the product. Right now, I do not have any advice about Rapid7 for other users because every organization or user has different criteria or multiple use cases, so I refrain from commenting on that. I rate the overall solution seven out of ten.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable features are the threat prediction and network forensics."
"It's fully scalable. There is no limit. Of course, the license limits per day the number of terabytes. In my opinion, it's very flexible."
"The most valuable features are its ingestion of logs and raising of alerts based on those logs."
"The product has a user-friendly interface and a valuable feature for threat intelligence integration."
"NetWitness Platform is valuable for creating rules that the solution must detect."
"The product's initial setup phase was not at all difficult."
"Alerting Module: It provides real-time event processing language on all the logs/packets stream for advanced alerting, i.e., using SQL LIKE statements."
"The most valuable feature is the correlation. It can report in real-time and monitor the management."
More NetWitness Platform pros
"Log search allows us to dive deep into aggregated logs and query all event types at once.​"
"I like that it's a cloud-based solution."
"I rate Rapid7 nine out of 10 for affordability"
"Simple configuration and automatically syncs to the cloud platform."
"The solution is easy to use, and the interface is intuitive."
"Great coverage of all systems within our network from endpoint to firewall."
"Another very important part of insightIDR is the ability to collect data from endpoint devices via agent software. With a large remote workforce, this allows visibility into the endpoints that are connected to the internet, but not to the corporate network."
"If you were on other solutions, you would notice that they use agents from third-party, from open-source, from a native OS, or from other tools. Here, however, it is an agent from Rapid7 itself. This adds to the solution's overall capabilities."
More Rapid7 InsightIDR pros
 

Cons

"The multi-tenant capabilities are lagging compared to IBM QRadar."
"The initial setup was complex because it takes a lot of time to complete the implementation."
"Lots of competing products have vulnerability protection built into their products, and this solution would be improved by including that support."
"The system architecture is complex and sometimes it’s hard to troubleshoot potential problems."
"If we have the ability to run a dynamic analysis through malware in the same suite, it would be great to have a sandbox solution to analyze malware through dynamic analysis."
"The tool's integration capability isn't so great."
"They should implement algorithms to digest that data and produce additional, more advanced reporting, alerting and support of internal security teams."
"The threat detection capability and centralizing and upgrading capability need to be improved. The threat alert capability needs to be improved as well because there is some lag time at present. They need to work on their database search too."
More NetWitness Platform cons
"Currently, it lacks the functionalities provided by Rapid7's User Behavior Analytics (UBA)."
"I feel it would greatly benefit from more supported log sources."
"I would like the ability to adjust the threshold of certain existing alerts. Currently the only option is to change the notifications or create my own alert."
"Customised alert recipients need to be added to allow better first-line action and quicker response. Configurable honeypots would be a welcome addition."
"It would be useful to import threat intelligence in YARA format along with known incorrect email addresses.​"
"Lacks a mobile application."
"One of the things that could be better is digital forensics. It is there, but it can be better. They could provide more on the endpoint detection level."
"The searching feature in Rapid7 InsightIDR needs to evolve"
More Rapid7 InsightIDR cons
 

Pricing and Cost Advice

"The NetWitness Platform may be affordable only for enterprise-level customers, as it may not be within the budget of small and medium-sized businesses."
"There is a licensing fee and the customer can choose whether he wishes this to be subscription-based or perpetual."
"We have a perpetual license, so the total cost of ownership is not very expensive. It's a good investment."
"Compared to the competition, the is price is not that high."
"The new pricing and licensing mechanisms are fair. I would advise always to get the full solution (i.e., not only Logs)."
"We have yearly licensing costs. The license fee can be based on the volume of EPS. Some organizations may have, as a gentlemanly gesture, 10,000 EPS and get a 3,000 EPS license but actually use 5,000 EPS."
"Many clients are not able to purchase the packet capability because there is a huge amount of data, and the cost depends on the number of EPS (Events per second), as well as the number of gigabytes of data per day."
"Our license is for one year."
More NetWitness Platform pricing and cost advice
"Rapid7 InsightIDR is a cheaply priced product. On a scale of one to ten, where one is very expensive, and ten is very cheap, I rate the product's price at seven or eight."
"The pricing and licensing are competitive."
"It is on a yearly basis. For our own company, for about 250 users, it was 16,000 euros a year."
"Rapid7 InsightIDR's pricing is reasonable."
"The solution has a mid-range price point in the market"
"Rapid7 InsightIDR charges us based on the endpoints we connect to."
"​Accurately predict your licensing counts as this is a subscription based product.​"
"Rapid7 InsightIDR's pricing is reasonable but we have challenges with the Minimum Order Quantity. It is not reasonable for customers who have less than one hundred devices. If they can reduce Minimum Order Quantity, it is good. You have to pay around 5000-6000 dollars per year for the product. The pricing includes maintenance and support costs."
More Rapid7 InsightIDR pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
See recommendations
856,873 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
Read full review
 

Top Industries

By visitors reading reviews
Computer Software Company
19%
Financial Services Firm
18%
Government
6%
Energy/Utilities Company
5%
Computer Software Company
15%
Financial Services Firm
9%
Manufacturing Company
8%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about NetWitness Platform?
The product's initial setup phase was not at all difficult.
See all answers
What is your experience regarding pricing and costs for NetWitness Platform?
The pricing is comparable to others, and I consider the cost to be intermediate. Specific cost details are unknown to me.
See all answers
What needs improvement with NetWitness Platform?
There is currently no need for improvement in the SIEM ( /categories/security-information-and-event-management-siem ), though there could be potential enhancements by integrating with AI.
See all answers
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
See all answers
What do you like most about Rapid7 InsightIDR?
During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...
See all answers
What is your experience regarding pricing and costs for Rapid7 InsightIDR?
The product pricing is very cheap.
See all answers
 

Comparisons

Splunk Enterprise Security vs NetWitness Platform Logo
Splunk Enterprise Security vs NetWitness Platform
Compared 24% of the time
IBM Security QRadar vs NetWitness Platform Logo
IBM Security QRadar vs NetWitness Platform
Compared 20% of the time
Elastic Security vs NetWitness Platform Logo
Elastic Security vs NetWitness Platform
Compared 13% of the time
RSA enVision vs NetWitness Platform Logo
RSA enVision vs NetWitness Platform
Compared 11% of the time
Trellix Network Detection and Response vs NetWitness Platform Logo
Trellix Network Detection and Response vs NetWitness Platform
Compared 9% of the time
More NetWitness Platform Competitors
Darktrace vs Rapid7 InsightIDR Logo
Darktrace vs Rapid7 InsightIDR
Compared 10% of the time
Microsoft Sentinel vs Rapid7 InsightIDR Logo
Microsoft Sentinel vs Rapid7 InsightIDR
Compared 9% of the time
Rapid7 InsightVM vs Rapid7 InsightIDR Logo
Rapid7 InsightVM vs Rapid7 InsightIDR
Compared 8% of the time
CrowdStrike Falcon vs Rapid7 InsightIDR Logo
CrowdStrike Falcon vs Rapid7 InsightIDR
Compared 5% of the time
Splunk Enterprise Security vs Rapid7 InsightIDR Logo
Splunk Enterprise Security vs Rapid7 InsightIDR
Compared 5% of the time
More Rapid7 InsightIDR Competitors
 

Product Reports

Buyer's Guide
NetWitness Platform
May 2025
NetWitness Platform reportDownload NetWitness Platform product report
Buyer's Guide
Rapid7 InsightIDR
May 2025
Rapid7 InsightIDR reportDownload Rapid7 InsightIDR product report
 

Also Known As

RSA Security Analytics
InsightIDR
 

Overview

NetWitness Platform is an evolved SIEM and threat detection and response solution that functions as a single, unified platform for ALL your security data. It features an advanced analyst workbench for triaging alerts and incidents, and it orchestrates security operations programs end to end. In short: NetWitness Platform is all you need to run an intelligent SOC.

NetWitness

Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

Rapid7
 

Sample Customers

Los Angeles World Airports, Reply
Liberty Wines, Pioneer Telephone, Visier
Buyer's Guide
NetWitness Platform vs. Rapid7 InsightIDR
June 2025
Free Report: NetWitness Platform vs. Rapid7 InsightIDR
Find out what your peers are saying about NetWitness Platform vs. Rapid7 InsightIDR and other solutions. Updated: June 2025.
DOWNLOAD NOW
856,873 professionals have used our research since 2012.
See our NetWitness Platform vs. Rapid7 InsightIDR report.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.