No more typing reviews! Try our Samantha, our new voice AI agent.

Rapid7 InsightIDR vs Sumo Logic Security comparison

Rapid7 and Sumo Logic are both solutions in the Security Information and Event Management (SIEM) category. Rapid7 is ranked #25 with an average rating of 7.0, while Sumo Logic is ranked #20 with an average rating of 7.3. Rapid7 holds a 2.1% mindshare in SIEM, compared to Sumo Logic’s 1.6% mindshare. Additionally, 96% of Rapid7 users are willing to recommend the solution, compared to 92% of Sumo Logic users who would recommend it.
Rapid7 InsightIDR
Read 32 Rapid7 InsightIDR reviews
  • 10,529 Views
  • 5,370 Comparison Views
96% willing to recommend
Sumo Logic Security
Read 25 Sumo Logic Security reviews
  • 5,479 Views
  • 3,781 Comparison Views
92% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 18, 2024

Sumo Logic Security and Rapid7 InsightIDR compete in the security analytics and threat detection category. Based on the results, Rapid7 InsightIDR seems to have the upper hand due to its comprehensive features, although Sumo Logic Security's integration capabilities are highly valued in certain environments.

Features: Sumo Logic Security is valued for its real-time analytics, integration with multiple data sources, and scalability. Rapid7 InsightIDR stands out with incident response automation, comprehensive threat intelligence, and proactive threat management through automated responses.

Room for Improvement: Sumo Logic Security needs to enhance its alerting system, incident management workflows, and user interface. Rapid7 InsightIDR requires better scalability, more in-depth reporting features, and an easier setup process for some environments.

Ease of Deployment and Customer Service: Sumo Logic Security offers a straightforward deployment process and reliable support, though the initial setup can be complex. Rapid7 InsightIDR's deployment is praised for its simplicity, and its customer support is highly responsive.

Pricing and ROI: Sumo Logic Security is cost-effective with a favorable ROI but has a high initial setup cost. Rapid7 InsightIDR users consider the solution worth its higher price due to superior features and better long-term ROI.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Rapid7 InsightIDR vs. Sumo Logic Security Report (Updated: June 2026).
Buyer's Guide
Rapid7 InsightIDR vs. Sumo Logic Security
June 2026
Download the complete report
Helped 900,838 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Rapid7 InsightIDR
Ranking in Security Information and Event Management (SIEM)
25th
Average Rating
8.4
Reviews Sentiment
7.0
Number of Reviews
32
Ranking in other categories
User Entity Behavior Analytics (UEBA) (12th), Endpoint Detection and Response (EDR) (47th), Threat Deception Platforms (6th), Extended Detection and Response (XDR) (28th)
Sumo Logic Security
Ranking in Security Information and Event Management (SIEM)
20th
Average Rating
8.2
Reviews Sentiment
7.0
Number of Reviews
25
Ranking in other categories
Log Management (21st), Security Orchestration Automation and Response (SOAR) (13th)
 

Mindshare comparison

As of June 2026, in the Security Information and Event Management (SIEM) category, the mindshare of Rapid7 InsightIDR is 2.1%, down from 2.6% compared to the previous year. The mindshare of Sumo Logic Security is 1.6%, up from 1.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM) Mindshare Distribution
ProductMindshare (%)
Sumo Logic Security1.6%
Rapid7 InsightIDR2.1%
Other96.3%
Security Information and Event Management (SIEM)
 

Featured Reviews

SohailHyder - PeerSpot reviewer
SohailHyder
Head Of Cyber Security at Super Secure
Has supported compliance needs for mid-sized organizations but lacks customization and advanced integration
If we pitch Rapid7 InsightIDR against solutions such as SIEMs from Splunk or LogRhythm, it is not as customizable as a SIEM solution is. This is where it can improve if we keep in front the feature sets of a complete SIEM solution. Most common in the market is QRadar, but it is depleting now. It has been taken over by some other products such as Splunk and LogRhythm. If we compare these things with Rapid7 InsightIDR, then there are definitely some gaps that need to be filled. Data retention is also one concern because Rapid7 InsightIDR is cloud-based and operates on a subscription model. Whatever data you want to retain, it has to be paid for separately or it has a cost. Other solutions that are on-premises can have their own infrastructure or they provide some data retention for a month or in some capacity-wise, they provide that solution to them which makes them more attractive.
Read full review
MR
Migell Roberts
Senior Security Analyst at City Electric Supply Company
Security insights have enabled faster incident response and streamlined cross-team collaboration
To improve Sumo Logic Security, I would appreciate the tool being easier to use from a search perspective. For example, we have a few teams that want to use the tool itself, but they are not as savvy when it comes to creating searches from the core platform. I understand that Mobot has come out and is in the works, and it really does assist non-savvy users when it comes to querying the platform. As far as that is concerned, I wish that could be improved a bit more, but I do know that that is in the works. I would add that I wish for improved documentation. For example, we are using Sumo Playbooks and automation integrations along with that, but I have found that there has been a lack of documentation, very little to none at all when it comes to that. With regards to automation integrations as well, there are very few details included in them. I would also appreciate the AWS automation integrations to be more secure because currently, they are using access keys, which involves a user rather than roles, which is the security best practice recommended by AWS. I chose eight out of ten because to make it a nine or ten, I would lean heavily on the documentation. A lot of the times when we get around to configuring things such as playbooks or trying to understand playbooks, what I found was that documentation sometimes is not up to date or documentation is lacking. There are instances also where some security best practices are not being followed. So, if we are able to set up an integration that is not only secure, following security best practices, and has complete documentation, I believe it would alleviate the issue of having to go back and forth with support to check the documentation and things of that nature. My impression of the built-in threat intelligence feature in Sumo Logic Security is that it is comprehensive, but I would say that it could do a little bit better. For example, we have the TAXI feeds, which is STIX and TAXI integrated into the core platform, but the issue I am running into is that I am able to use that feed into a CSE alert; however, I am not able to see the contents of that feed. If I integrate CISA, which we do have integrated, I cannot see what IOCs are in that feed in the core platform, and I hope that is the case because, in order for us to better tune our alerts, we need to be able to see what is in the contents of that threat intelligence feed.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I like the tool's user analysis feature."
"The log aggregation and storage provided by InsightIDR has shown no issues with scalability; aggregating over one hundred millions events daily."
"I've used other products such as QRadar and other SIEM solutions and I find this solution is much more simplified and user-friendly."
"Previously, when something happened, such as when a hacker was attacking one of our customers, we were always behind, or we did not know that we were hacked until the ransomware started, but with the Rapid7 solution, at every step, we could online see what a person was doing, and we could prevent ransomware."
"I am able to run automated actions based on the output of reports, leaving me extra time to focus on more pressing matters."
"The most valuable features have to do with ease-of-use, as it is easy to check the events, investigate suspicious activities, and do forensic analysis, and the web interface is great — very useful and user-friendly."
"It improved my organization by building a security alerting program."
"We were able to identify criminals attempting to login from China and put a stop on their IP locations."
More Rapid7 InsightIDR pros
"Sumo Logic Security has positively impacted my organization by increasing engagement with different teams."
"Sumo Logic does give a lot of monitoring ability, even ingesting logs and integrating dashboard reports."
"I have no concerns about the stability of the product, and I feel it handles the stress we put on it very well."
"The troubleshooting part of Sumo Logic has solved a lot, e.g., if there is any downtime on the website, so we have reduced our downtime by a lot with Sumo Logic because we can easily troubleshoot issues."
"The tool has key features like operability. It will alert the admins whenever a device is onboarded."
"The features I found valuable with the Sumo Logic Security solution are the search option and the ability to customize the search for the information in the logs."
"It works with all our main applications, so the integration with those products is pretty seamless from my standpoint."
"We love the product and haven't had any bad experiences with it."
More Sumo Logic Security pros
 

Cons

"It takes time for the product's support team to resolve issues, making it an area of concern where improvements are required."
"The reporting is the weakest aspect. There needs to be multi-level grouping for events (for example, group by user and destination). Right now, we can do a group by user and a separate table or group by destination. But I'd be more interested in where a person was logging into instead of who was logging in or where he was logging in."
"InsightIDR's integration with other solutions could be improved. Also, I'd like more control from the portal over what's happening on the endpoint side. For example, when I see an attack on an endpoint, I want to be able to stop it from the portal."
"Rapid7's customer support is awful. They didn't respond at all."
"The integration capabilities of the solution have certain shortcomings where improvements are required."
"Cloud risk assessment is one area where I think they need a lot of improvement."
"It would be useful to import threat intelligence in YARA format along with known incorrect email addresses.​"
"One of the things that could be better is digital forensics. It is there, but it can be better. They could provide more on the endpoint detection level."
More Rapid7 InsightIDR cons
"The API integration in Sumo Logic Security could improve. There are delayed connections or they stop and then automatically start. Having a seamless log collection would be beneficial."
"The solution should improve its UI."
"There needs to be improvement on imported data which can be used within Sumo Logic to do more advanced queries."
"It took a bit of trial and error to get it set up correctly based on everything we had to do. In the end, we had to send everything over HTTP, which was sort of a stop-gap."
"A more transparent roadmap as to what Sumo Logic Security is trying to achieve would be beneficial. Sumo often gives information in three-month cycles, which makes it hard for planning purposes."
"From the network segmentation side, there is some discrepancy in log onboarding. The tool needs to improve direct API integrations, login integration, native login integration, etc."
"I don't recommend this product."
"The dashboard has room for improvement, because sometimes it is a difficult to create a specific dashboard or query. This would be a nice place to correct problems."
More Sumo Logic Security cons
 

Pricing and Cost Advice

"The pricing is good, and it is not very expensive."
"Rapid7 InsightIDR is a cheaply priced product. On a scale of one to ten, where one is very expensive, and ten is very cheap, I rate the product's price at seven or eight."
"Rapid7 InsightIDR is priced very well and is cost-effective."
"The pricing of the solution depends on the user. But there is a yearly licensing cost."
"Licensing is by endpoint and amount of retention time (at least ours is). Default retention was one year, but we are able to push the retention further if needed. There's also a provide-your-own-S3 option for longer retention if you don't want to pay for the additional retention years in your Rapid7 agreement."
"​Accurately predict your licensing counts as this is a subscription based product.​"
"Rapid7 InsightIDR's pricing is reasonable but we have challenges with the Minimum Order Quantity. It is not reasonable for customers who have less than one hundred devices. If they can reduce Minimum Order Quantity, it is good. You have to pay around 5000-6000 dollars per year for the product. The pricing includes maintenance and support costs."
"It is a reasonably priced solution."
More Rapid7 InsightIDR pricing and cost advice
"We chose to go through the AWS Marketplace because it makes it a lot easier when we bill our customers. Rather than having to get multiple different sources of information then correlate a monthly bill for our customers, it is just included in the AWS usage charges."
"The pricing is a little high, but for the features that we receive from Sumo Logic, it suits the price. For some small organizations, the price might be a little high."
"The license pricing model is based on the events that are processed through the solution."
"Storing logs in Sumo Logic Security is charged GB-wise, which is a little higher than other products."
"Purchasing the solution through the AWS Marketplace is very easy."
"The AWS Marketplace pricing is borderline. Every annual renewal, we always contemplate if we are getting what we think we could out of it or could we do it cheaper with some other product."
"The pricing is good. It's not an issue for us."
"If we went to ELK Stack, which is open source, it would have been less costly, but it would have required more development from our side."
More Sumo Logic Security pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
See recommendations
900,838 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
9%
Financial Services Firm
9%
Computer Software Company
8%
Comms Service Provider
7%
Manufacturing Company
12%
Financial Services Firm
11%
Outsourcing Company
10%
Computer Software Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business21
Midsize Enterprise5
Large Enterprise6
By reviewers
Company SizeCount
Small Business7
Midsize Enterprise4
Large Enterprise16
 

Questions from the Community

What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
See all answers
What needs improvement with Rapid7 InsightIDR?
If we pitch Rapid7 InsightIDR against solutions such as SIEMs from Splunk or LogRhythm, it is not as customizable as a SIEM solution is. This is where it can improve if we keep in front the feature...
See all answers
What is your primary use case for Rapid7 InsightIDR?
I am working with Rapid7 InsightOps and Rapid7 InsightIDR because the requirement is as such from the customer side, particularly the banks. Whatever the requirement is, these are the products that...
See all answers
What is your experience regarding pricing and costs for Sumo Logic Security?
I would say that the pricing for Sumo Logic Security is in the medium part of the market. If you go to the well-known vendors such as Azure Sentinel or other tools like Splunk, you are going to fin...
See all answers
What needs improvement with Sumo Logic Security?
I would say there are a few more things that Sumo Logic Security can improve on. It is not the tool; it is a technical part. From the app point of view, I would say when we need to include a few la...
See all answers
What is your primary use case for Sumo Logic Security?
I use Sumo Logic Security.
See all answers
 

Comparisons

Microsoft Sentinel vs Rapid7 InsightIDR Logo
Microsoft Sentinel vs Rapid7 InsightIDR
Compared 4% of the time
Splunk Enterprise Security vs Rapid7 InsightIDR Logo
Splunk Enterprise Security vs Rapid7 InsightIDR
Compared 4% of the time
Vectra AI vs Rapid7 InsightIDR Logo
Vectra AI vs Rapid7 InsightIDR
Compared 3% of the time
Adlumin Security Operations vs Rapid7 InsightIDR Logo
Adlumin Security Operations vs Rapid7 InsightIDR
Compared 3% of the time
IBM Security QRadar vs Rapid7 InsightIDR Logo
IBM Security QRadar vs Rapid7 InsightIDR
Compared 3% of the time
More Rapid7 InsightIDR Competitors
Panther vs Sumo Logic Security Logo
Panther vs Sumo Logic Security
Compared 11% of the time
Splunk Enterprise Security vs Sumo Logic Security Logo
Splunk Enterprise Security vs Sumo Logic Security
Compared 8% of the time
Microsoft Sentinel vs Sumo Logic Security Logo
Microsoft Sentinel vs Sumo Logic Security
Compared 5% of the time
IBM Security QRadar vs Sumo Logic Security Logo
IBM Security QRadar vs Sumo Logic Security
Compared 5% of the time
Elastic Security vs Sumo Logic Security Logo
Elastic Security vs Sumo Logic Security
Compared 4% of the time
More Sumo Logic Security Competitors
 

Product Reports

Buyer's Guide
Rapid7 InsightIDR
June 2026
Rapid7 InsightIDR reportDownload Rapid7 InsightIDR product report
Buyer's Guide
Sumo Logic Security
May 2026
Sumo Logic Security reportDownload Sumo Logic Security product report
 

Also Known As

InsightIDR
No data available
 

Overview

Rapid7 InsightIDR is a cloud-based security information and event management solution known for its user behavior analytics, offering rapid detection and response capabilities while facilitating seamless integration across systems.

Rapid7 InsightIDR is designed to enhance threat detection and investigation through its efficient user behavior analytics and advanced threat intelligence framework. The platform's cloud-based deployment ensures rapid setup and comprehensive event monitoring across diverse IT environments, including endpoints and Office 365. Its intuitive interface supports seamless data collection, honing in on threat detection through honeypot utilization and intelligent alerting. However, it is noted for lacking some customization features and better integration, especially with Microsoft and ITSMs.

What are the key features of Rapid7 InsightIDR?
  • User Behavior Analytics: Detects threats by analyzing patterns and anomalies.
  • Cloud Deployment: Enables quick setup and scalability.
  • Comprehensive Monitoring: Monitors events across systems and platforms like Office 365.
  • Honeypots and Alerting: Utilizes honeypots to reduce false positives and alert fatigue.
  • Threat Intelligence Framework: Supports effective threat hunting and remediation.
What benefits should users consider in reviews when evaluating Rapid7 InsightIDR?
  • Enhanced Detection: Improves threat detection with user behavior analysis.
  • Easy Integration: Integrates across systems for a streamlined security approach.
  • Rapid Response: Facilitates quick action against identified threats.
  • Operational Efficiency: Offers a cohesive view of security operations.

Rapid7 InsightIDR is prominently used in security operation centers to manage events, detect threats, and respond effectively. Industries apply it for network behavior monitoring, compliance, and vulnerability management. Companies integrate it with security tools to boost threat investigation, ensuring full SIEM functionalities and robust log management capacities. Its application spans behavioral and intrusion analytics, aiding in monitoring and addressing malicious activities.

Rapid7

Sumo Logic Security offers efficient event monitoring with customizable alerts, centralized log search, and real-time threat detection. It supports multi-cloud environments and integrates with threat intelligence, reducing workload with AI-driven analytics.

Sumo Logic Security empowers organizations with advanced logging and monitoring solutions, facilitating comprehensive security event management. Its robust log search and comparison features, combined with user-friendly dashboards, enable quick event analysis. The platform's multi-cloud support and real-time threat detection are notable features, seamlessly integrating automated log correlation and AI analytics to optimize user experience. Despite needing enhancements in querying and dashboard functionalities, Sumo Logic Security remains a reliable choice for application log management, IT asset visibility, and incident alerting. Organizations utilize it for threat detection, posture monitoring, and compliance audits, in platforms like AWS, focusing on security insights and performance monitoring.

What are the key features of Sumo Logic Security?
  • Log Search: Facilitates centralized search and event analysis.
  • Custom Alerts: Offers flexibility in monitoring specific security events.
  • AI-driven Analytics: Reduces workload and speeds up response times.
  • Real-time Detection: Ensures swift threat identification and mitigation.
  • Multi-cloud Support: Enables integrations across cloud environments.
What benefits can users expect from Sumo Logic Security?
  • Ease of Implementation: Quick setup and deployment processes.
  • Cost-effective Pricing: Provides value-driven investment with supportive customer service.
  • Responsive UI: Enhances user experience and efficiency in operations.
  • Compliance Audits: Facilitates thorough security audits and reporting.

Organizations in industries like finance and technology implement Sumo Logic Security to maintain security and compliance, leveraging its advanced monitoring and alerting capabilities. Teams focus on application troubleshooting and forensic analysis, ensuring robust security posture and effective incident response across cloud-based environments.

Sumo Logic
 

Sample Customers

Liberty Wines, Pioneer Telephone, Visier
Information Not Available
Buyer's Guide
Rapid7 InsightIDR vs. Sumo Logic Security
June 2026
Free Report: Rapid7 InsightIDR vs. Sumo Logic Security
Find out what your peers are saying about Rapid7 InsightIDR vs. Sumo Logic Security and other solutions. Updated: June 2026.
DOWNLOAD NOW
900,838 professionals have used our research since 2012.
See our Rapid7 InsightIDR vs. Sumo Logic Security report.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.