Coming October 25: PeerSpot Awards will be announced! Learn more

Rapid7 InsightIDR vs Rapid7 InsightVM comparison

Cancel
You must select at least 2 products to compare!
Devo Logo
Read 15 Devo reviews
13,793 views|5,331 comparisons
Rapid7 Logo
10,429 views|7,051 comparisons
Rapid7 Logo
14,699 views|10,795 comparisons
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Rapid7 InsightIDR and Rapid7 InsightVM based on real PeerSpot user reviews.

Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

To learn more, read our detailed Rapid7 InsightIDR vs. Rapid7 InsightVM report (Updated: September 2022).
633,952 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The ability to have high performance, high-speed search capability is incredibly important for us. When it comes to doing security analysis, you don't want to be doing is sitting around waiting to get data back while an attacker is sitting on a network, actively attacking it. You need to be able to answer questions quickly. If I see an indicator of attack, I need to be able to rapidly pivot and find data, then analyze it and find more data to answer more questions. You need to be able to do that quickly. If I'm sitting around just waiting to get my first response, then it ends up moving too slow to keep up with the attacker. Devo's speed and performance allows us to query in real-time and keep up with what is actually happening on the network, then respond effectively to events.""The user experience [is] well thought out and the workflows are logical. The dashboards are intuitive and highly customizable.""The most valuable feature is definitely the ability that Devo has to ingest data. From the previous SIEM that I came from and helped my company administer, it really was the type of system where data was parsed on ingest. This meant that if you didn't build the parser efficiently or correctly, sometimes that would bring the system to its knees. You'd have a backlog of processing the logs as it was ingesting them.""The thing that Devo does better than other solutions is to give me the ability to write queries that look at multiple data sources and run fast. Most SIEMs don't do that. And I can do that by creating entity-based queries. Let's say I have a table which has Okta, a table which has G Suite, a table which has endpoint telemetry, and I have a table which has DNS telemetry. I can write a query that says, 'Join all these things together on IP, and where the IP matches in all these tables, return to me that subset of data, within these time windows.' I can break it down that way.""The strength of Devo is not only in that it is pretty intuitive, but it gives you the flexibility and creativity to merge feeds. The prime examples would be using the synthesis or union tables that give you phenomenal capabilities... The ability to use a synthesis or union table to combine all those feeds and make heads or tails of what's going on, and link it to go down a thread, is functionality that I hadn't seen before.""The user interface is really modern. As an end-user, there are a lot of possibilities to tailor the platform to your needs, and that can be done without needing much support from Devo. It's really flexible and modular. The UI is very clean.""In traditional BI solutions, you need to wait a lot of time to have the ability to create visualizations with the data and to do searches. With this kind of platform, you have that information in real-time.""The querying and the log-retention capabilities are pretty powerful. Those provide some of the biggest value-add for us."

More Devo Pros →

"The biggest reason why we chose Rapid7 was to gain value in a really quick time. Its deployment doesn't take months. It just takes a few days.""Simple configuration and automatically syncs to the cloud platform.""Rapid7 InsightIDR integrates well with other solutions. It's also easy to configure because Rapid7 InsightIDR has a lot of instructions posted on their website that customers can follow if they need to get the source log.""It is a very stable solution.""Very intuitive and easy to set up."

More Rapid7 InsightIDR Pros →

"The feature that I have found most valuable is its dashboards.""The product is scalable.""Using Rapid7, we can install a scan engine, we can do our VPN connections, and we can conduct internal scans of remote sites. We prefer the web application. It's smarter and more accurate from an application perspective.""Rapid7 have a good distribution network with good support and market presence.""The reports in Rapid7 InsightVM are useful when compared to competitors.""When it comes to the process, installation is very easy and does not take long.""The assessment is most valuable.""It's very scalable."

More Rapid7 InsightVM Pros →

Cons
"I would like to have the ability to create more complex dashboards.""We only use the core functionality and one of the reasons for this is that their security operation center needs improvement.""The biggest area with room for improvement in Devo is the Security Operations module that just isn't there yet. That goes back to building out how they're going to do content and larger correlation and aggregation of data across multiple things, as well as natively ingesting CTI to create rule sets.""Devo has a lot of cloud connectors, but they need to do a little bit of work there. They've got good integrations with the public cloud, but there are a lot of cloud SaaS systems that they still need to work with on integrations, such as Salesforce and other SaaS providers where we need to get access logs.""From our experience, the Devo agent needs some work. They built it on top of OS Query's open-source framework. It seems like it wasn't tuned properly to handle a large volume of Windows event logs. In our experience, there would definitely be some room for improvement. A lot of SIEMs on the market have their own agent infrastructure. I think Devo's working towards that, but I think that it needs some improvement as far as keeping up with high-volume environments.""The Activeboards feature is not as mature regarding the look and feel. Its functionality is mature, but the look and feel is not there. For example, if you have some data sets and are trying to get some graphics, you cannot change anything. There's just one format for the graphics. You cannot change the size of the font, the font itself, etc.""Technical support could be better.""Where Devo has room for improvement is the data ingestion and parsing. We tend to have to work with the Devo support team to bring on and ingest new sources of data."

More Devo Cons →

"Inability to get access to compliance reports within the solution.""Lacks a mobile application.""One of the things that could be better is digital forensics. It is there, but it can be better. They could provide more on the endpoint detection level.""The dashboard is an area that could be simplified.""InsightIDR is only available in a cloud version. Some of our customers prefer an on-prem solution because they want to manage the security within their environment."

More Rapid7 InsightIDR Cons →

"The on-premise updates could improve from Rapid7 InsightVM.""It is still not a fully cloud-based solution. It will be helpful for customers if it is a complete cloud solution. It is a hybrid solution at the moment.""The product does not have the capability to do dynamic scanning of non-web applications.""The reporting is very bad when you compare it with other vulnerability assessment tools.""All products have room for increased security and Rapid7 InsightVM is no exception.""InsightVM could be improved by providing passive scanning as an option.""There are end-user needs and expectations that are being overlooked in the development that could be addressed by appointing a customer advisory board.""Some of our customers want to be completely cloud based, and Rapid7 doesn't offer this as an option."

More Rapid7 InsightVM Cons →

Pricing and Cost Advice
  • "I'm not involved in the financial aspect, but I think the licensing costs are similar to other solutions. If all the solutions have a similar cost, Devo provides more for the money."
  • "Devo is definitely cheaper than Splunk. There's no doubt about that. The value from Devo is good. It's definitely more valuable to me than QRadar or LogRhythm or any of the old, traditional SIEMs."
  • "[Devo was] in the ballpark with at least a couple of the other front-runners that we were looking at. Devo is a good value and, given the quality of the product, I would expect to pay more."
  • "Be cautious of metadata inclusion for log types in pricing, as there are some "gotchas" with that."
  • "Devo was very cost-competitive... Devo did come with that 400 days of hot data, and that was not the case with other products."
  • "Our licensing fees are billed annually and per terabyte."
  • "I like the pricing very much. They keep it simple. It is a single price based on data ingested, and they do it on an average. If you get a spike of data that flows in, they will not stick it to you or charge you for that. They are very fair about that."
  • "Pricing is based on the number of gigabytes of ingestion by volume, and it's on a 30-day average. If you go over one day, that's not a big deal as long as the average is what you expected it to be."
  • More Devo Pricing and Cost Advice →

  • "It is a reasonably priced solution."
  • "It is on a yearly basis. For our own company, for about 250 users, it was 16,000 euros a year."
  • More Rapid7 InsightIDR Pricing and Cost Advice →

  • "Its price is too high. My only concern or issue with Rapid7 is its pricing."
  • "Comparing the price with the value that we receive, I am not happy with it."
  • "The license is annual and this is the optimal approach when it comes to most software."
  • "In some cases, we procure the licenses. In some cases, the customers directly buy the license from Rapid7."
  • "Licensing fees are paid on a yearly basis."
  • "We have an annual license to use Rapid7 InsightVM and if we want to extend it, we will possibly choose more than one year."
  • "Pricing is reasonable because we pay according to asset usage. We can define our assets and sites according to our preference."
  • "InsightVM is an expensive product, especially compared to its competitors, at around a million NOK per year."
  • More Rapid7 InsightVM Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
    633,952 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:Devo, like other vendors, doesn't charge extra for playbooks and automation. That way, you are only paying for the side… more »
    Top Answer:I need more empowerment in reporting. For example, when I'm using Qlik or Power BI in terms of reporting for the… more »
    Top Answer:For tools I’d recommend:  -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR)… more »
    Top Answer:The biggest reason why we chose Rapid7 was to gain value in a really quick time. Its deployment doesn't take months. It… more »
    Top Answer:It is on a yearly basis. For our own company, for about 250 users, it was 16,000 euros a year.
    Top Answer:You have full visibility across cloud, network, virtual, and containerized infrastructures with Rapid7 Insight VM. You… more »
    Top Answer:The risk score that they provide makes it easier to find out the biggest risks. It helped the security officers to… more »
    Top Answer:Its licensing is yearly. Everything is included in the price for one year.
    Comparisons
    Also Known As
    InsightIDR
    InsightVM, NeXpose
    Learn More
    Overview

    Devo is the only cloud-native logging and security analytics platform that releases the full potential of all your data to empower bold, confident action when it matters most. Only the Devo platform delivers the powerful combination of real-time visibility, high-performance analytics, scalability, multitenancy, and low TCO crucial for monitoring and securing business operations as enterprises accelerate their shift to the cloud.

    Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

    Rapid7 InsightVM is a comprehensive vulnerability management platform that protects your systems from attackers and is easy to scale. The solution provides easy access to vulnerability management, application security, detection and response, external threat intelligence, orchestration and automation, and more. Rapid7 InsightVM is ideal for security, IT, and DevOps teams, helping them reduce risk by enabling them to detect and respond to attacks quickly.

    Rapid7 InsightVM Features

    Rapid7 InsightVM has many valuable key features. Some of the most useful ones include:

    • Automated containment: With this feature, you can decrease exposure from vulnerabilities by automatically implementing temporary (or permanent) compensating controls via your network access control (NAC) systems, firewalls, and endpoint detection and response tools.
    • Policy assessment: Rapid7 InsightVM offers pre-built scan templates for common compliance requirements. The solution helps you take clear, actionable steps to compliance once you have assessed your risk posture. In addition, Rapid7 InsightVM’s Custom Policy Builder allows you to modify existing benchmarks or create new policies from scratch.
    • REST API: Rapid7 InsightVM REST API is easy to use and was built to easily automate virtually any aspect of vulnerability management, from data collection to risk analysis.
    • Live dashboards: Rapid7 InsightVM includes dashboards that are live and interactive by nature. The live dashboards enable you to create custom cards and full dashboards for anyone in your organization and allow you to track progress of your security program.
    • Automation-assisted patching: Rapid7 InsightVM’s automation-assisted patching gives you the autonomy to make key decisions in your patching process, such as your approval to apply certain patches to certain vulnerabilities.
    • Real risk prioritization: Rapid7 InsightVM makes it simple to know which vulnerabilities need to be prioritized and where your riskiest assets lie.
    • Goals and SLA’s: This feature enables you to make and track progress toward your goals and service level agreements (SLAs) at an appropriate pace.

    Rapid7 InsightVM Benefits

    There are many benefits to implementing Rapid7 InsightVM. Some of the biggest advantages the solution offers include:

    • Attack surface monitoring for maintained visibility: By leveraging attack surface monitoring with Project Sonar (a Rapid7 research project that regularly scans the internet to gain insights into global exposure to common vulnerabilities), you can gain more control of all of your external-facing assets, both known and unknown.
    • Container security: Rapid7 InsightVM integrates with your CI/CD tools, public container repositories, and private repositories to assess container images for vulnerabilities during the build process even before they are deployed.
    • Lightweight endpoint agent: Rapid7 InsightVM unifies data so you only need to install a single agent for continuous vulnerability assessment, incident detection, and log data collection.
    • Easily assign and track remediation duties: Using Rapid7 InsightVM, IT and security teams can assign as well as track remediation duties without having to deal with remediation reports, complex spreadsheets, or back-and-forth email tags.
    • Integration with cloud services and virtual infrastructure: Rapid7 InsightVM provides full visibility into risk across your physical, virtual, and cloud infrastructure.
    • Integrated threat feeds: Rapid7 InsightVM is designed with integrated threat feeds, giving you a dynamic view that shows you which threats are most relevant to your environment, enabling you to better protect against current, impending threats so you can react quickly to critical vulnerabilities.

    Reviews from Real Users

    Below are some reviews and helpful feedback written by PeerSpot users currently using the Rapid7 InsightVM solution.

    An owner at a tech services company says, "I liked the dashboard on it. I could customize my dashboard with different widgets and different heat maps."

    PeerSpot user Kimeang S., Technical Consultant at Yip Intsoi, mentions, "The most important aspect of the solution is that it rarely gives false positives, especially compared to other products. It provides very clear reports for our IT teams to look at."

    A Director of Information Technology at a government explains, "The main functionality of identifying item endpoints that weren't properly patched or had vulnerabilities is the solution's most valuable feature."

    Offer
    See Devo in Action

    See how Devo allows you to free yourself from data management, and make machine data and insights accessible.

    Learn more about Rapid7 InsightIDR
    Learn more about Rapid7 InsightVM
    Sample Customers
    United States Air Force, Rubrik, SentinelOne, Critical Start, NHL, Panda Security, Telefonica, CaixaBank, OpenText, IGT, OneMain Financial, SurveyMonkey, FanDuel, H&R Block, Ulta Beauty, Manulife, Moneylion, Chime Bank, Magna International, American Express Global Business Travel
    Liberty Wines, Pioneer Telephone, Visier
    ACS, Acosta, AllianceData, amazon.com, biogen idec, CBRE, CATERPILLAR, Deloitte, COACH, GameStop, IBM
    Top Industries
    REVIEWERS
    Computer Software Company63%
    Comms Service Provider13%
    Retailer13%
    Insurance Company13%
    VISITORS READING REVIEWS
    Computer Software Company22%
    Comms Service Provider14%
    Financial Services Firm9%
    Government9%
    VISITORS READING REVIEWS
    Computer Software Company20%
    Comms Service Provider15%
    Financial Services Firm7%
    Government6%
    REVIEWERS
    Financial Services Firm15%
    Comms Service Provider15%
    Computer Software Company15%
    Insurance Company10%
    VISITORS READING REVIEWS
    Computer Software Company19%
    Comms Service Provider12%
    Financial Services Firm8%
    Government8%
    Company Size
    REVIEWERS
    Small Business24%
    Midsize Enterprise18%
    Large Enterprise59%
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise16%
    Large Enterprise62%
    REVIEWERS
    Small Business46%
    Midsize Enterprise31%
    Large Enterprise23%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise20%
    Large Enterprise53%
    REVIEWERS
    Small Business42%
    Midsize Enterprise21%
    Large Enterprise37%
    VISITORS READING REVIEWS
    Small Business23%
    Midsize Enterprise16%
    Large Enterprise61%
    Buyer's Guide
    Security Information and Event Management (SIEM)
    September 2022
    Find out what your peers are saying about Splunk, IBM, Microsoft and others in Security Information and Event Management (SIEM). Updated: September 2022.
    633,952 professionals have used our research since 2012.

    Rapid7 InsightIDR is ranked 13th in Security Information and Event Management (SIEM) with 5 reviews while Rapid7 InsightVM is ranked 5th in Vulnerability Management with 22 reviews. Rapid7 InsightIDR is rated 8.2, while Rapid7 InsightVM is rated 7.6. The top reviewer of Rapid7 InsightIDR writes "Initial setup is quick, there is no need to pay for hardware, and it's easy to scale". On the other hand, the top reviewer of Rapid7 InsightVM writes "Broad capabilities make this scanning solution able to cover a lot of ground". Rapid7 InsightIDR is most compared with Microsoft Sentinel, Darktrace, Splunk, IBM QRadar and Exabeam Fusion SIEM, whereas Rapid7 InsightVM is most compared with Tenable Nessus, Qualys VM, Tenable.sc, Tenable.io Vulnerability Management and Rapid7 Metasploit.

    We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.