Rapid7 InsightIDR vs Trellix ESM comparison

Rapid7 and Trellix are both solutions in the Security Information and Event Management (SIEM) category. Rapid7 is ranked #14 with an average rating of 7.8, while Trellix is ranked #27 with an average rating of 8.0. Rapid7 holds a 2.1% mindshare in SIEM, compared to Trellix’s 1.2% mindshare. Additionally, 96% of Rapid7 users are willing to recommend the solution, compared to 76% of Trellix users who would recommend it.

Rapid7 InsightIDR

Read 32 Rapid7 InsightIDR reviews

6,954 Views
3,407 Comparison Views

96% willing to recommend

Trellix ESM

Read 38 Trellix ESM reviews

2,163 Views
1,947 Comparison Views

76% willing to recommend

Rapid7 InsightIDR

Trellix ESM

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 18, 2024

Trellix ESM and Rapid7 InsightIDR are competitive SIEM solutions. Rapid7 InsightIDR's robust features make it the preferred choice, despite Trellix ESM excelling in support and pricing.

Features: Trellix ESM is known for advanced threat detection, customizable dashboards, and strong support. Rapid7 InsightIDR stands out with a user-friendly design, integration with multiple third-party tools, and more comprehensive SIEM capabilities.

Room for Improvement: Trellix ESM needs enhancements in scalability, reporting capabilities, and user interface. Rapid7 InsightIDR requires better alert fine-tuning, advanced analytics, and some improvements in performance under heavy loads.

Ease of Deployment and Customer Service: Trellix ESM's deployment can be complex, requiring significant time and expertise, but it offers well-regarded customer service. Rapid7 InsightIDR is praised for straightforward deployment and efficient customer service.

Pricing and ROI: Trellix ESM has competitive pricing but some users find the ROI lacking. Rapid7 InsightIDR is more expensive yet users feel its comprehensive features justify the cost, resulting in better perceived ROI.

To learn more, read our detailed Rapid7 InsightIDR vs. Trellix ESM Report (Updated: February 2026).

Buyer's Guide

Rapid7 InsightIDR vs. Trellix ESM

February 2026

Download the complete report

Helped 881,757 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Rapid7 InsightIDR

Ranking in Security Information and Event Management (SIEM)

14th

Average Rating

8.4

Reviews Sentiment

7.0

Number of Reviews

Ranking in other categories

User Entity Behavior Analytics (UEBA) (8th), Endpoint Detection and Response (EDR) (23rd), Threat Deception Platforms (4th), Extended Detection and Response (XDR) (18th)

Trellix ESM

Ranking in Security Information and Event Management (SIEM)

27th

Average Rating

7.4

Reviews Sentiment

7.0

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of February 2026, in the Security Information and Event Management (SIEM) category, the mindshare of Rapid7 InsightIDR is 2.1%, down from 2.6% compared to the previous year. The mindshare of Trellix ESM is 1.2%, up from 0.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Security Information and Event Management (SIEM) Market Share Distribution
Product	Market Share (%)
Rapid7 InsightIDR	2.1%
Trellix ESM	1.2%
Other	96.7%

Security Information and Event Management (SIEM)

Featured Reviews

SohailHyder

Head Of Cyber Security at Super Secure

Has supported compliance needs for mid-sized organizations but lacks customization and advanced integration

If we pitch Rapid7 InsightIDR against solutions such as SIEMs from Splunk or LogRhythm, it is not as customizable as a SIEM solution is. This is where it can improve if we keep in front the feature sets of a complete SIEM solution. Most common in the market is QRadar, but it is depleting now. It has been taken over by some other products such as Splunk and LogRhythm. If we compare these things with Rapid7 InsightIDR, then there are definitely some gaps that need to be filled. Data retention is also one concern because Rapid7 InsightIDR is cloud-based and operates on a subscription model. Whatever data you want to retain, it has to be paid for separately or it has a cost. Other solutions that are on-premises can have their own infrastructure or they provide some data retention for a month or in some capacity-wise, they provide that solution to them which makes them more attractive.

Read full review

Mohit Dhingra

Senior Vice President IT at AS IT Consulting Pvt. Ltd.

Offers comprehensive report generation while maintaining ease of integration

We need to improve Trellix ESM by making sure that most of the logging devices available in the global market should be covered, and if there is any device which is not covered, there should not be any additional charges for writing the custom parsers on that. We can add some new features regarding AI in the future for Trellix ESM, but the maturity will take a longer time. There are many false positives that happen in an environment during the first couple of months, or around six months, so the system analyst is not able to identify whether the event which has occurred is a true positive or a false positive.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Great coverage of all systems within our network from endpoint to firewall."

"The log aggregation and storage provided by InsightIDR has shown no issues with scalability; aggregating over one hundred millions events daily."

"It improves because several sensors are deployed within the on-premise environment. It can be very efficient if the customer implements and operates it effectively."

"It is a very stable solution."

"Dashboards, including the main screen, provide much-needed information at a glance, without hours of coding and sifting through logs to find it. In case of an actual security incident, I have faith that insightIDR has retained all logs in a secure manner that prevents log tampering as well."

"I am able to run automated actions based on the output of reports, leaving me extra time to focus on more pressing matters."

"The solution's initial setup is easy."

"I like the tool's user analysis feature."

More Rapid7 InsightIDR pros

"The product’s most valuable feature is log monitoring."

"The strongest part of Trellix ESM is that we get quite good reports."

"Scalability is quite easier with Trellix ESM, because all we need to do is add more receivers to it, so it can go to any point."

"The tool's effectiveness depends on how you define your log sources. To build visibility of incoming and outgoing traffic, you need logs from perimeter defense, firewalls, web application firewalls, and endpoint protection. With good traffic visibility, incident response time is really quick."

"The solution is 100% stable. We really have had a great time working with it. It hasn't let us down."

"The most valuable feature is the capability to correlate different events from different platforms that we feed into it."

"It enables us to detect malicious threats, issues, or vulnerabilities in our network."

"McAfee as a whole is a good solution."

More Trellix ESM pros

Cons

"There is a future in AI with Rapid7, however, it is not fully operated. There are certain limitations with Rapid7 that I am working on."

"The product allows us to make only 30 custom rules."

"The integration capabilities of the solution have certain shortcomings where improvements are required."

"The solution needs improvement in threat intelligence. Increasing the depth of intelligence to help users understand more about threats is a possibility. My suggestion is to expand access to other websites or resources."

"Rapid7 doesn't integrate well with all our security tools from various vendors, so we plan to switch. Many of our solutions work with Rapid7, but some do not. We are already searching for a replacement already."

"The APIs can be further improved in Rapid7."

"The main problem lies in the processes within the client's operating systems."

"The searching feature in Rapid7 InsightIDR needs to evolve"

More Rapid7 InsightIDR cons

"The initial setup is difficult and could improve."

"Product-wise, adding accounts on a single data source by batch would be a really great help."

"There should be support for multitenancy in the product."

"The disk space needed for events is not clear. In all clients, we had at least more than 100GB free that we could not use."

"The user interface could be more user-friendly."

"Product currently requires Flash."

"There are always multiple bugs in the product. For example, the console page was hanging multiple times. Afterwards, they released multiple upgrades for the same, multiple patches from McAfee."

"The support from McAfee ESM could improve. They could improve the speed."

More Trellix ESM cons

Pricing and Cost Advice

"It is more reasonably priced than other vendors."

"Rapid7 InsightIDR charges us based on the endpoints we connect to."

"Licensing is straightforward. If, for some reason, you don’t meet the minimum licensing requirements, there is a third-party managed service that can help."

"The pricing is good, and it is not very expensive."

"The pricing of the solution depends on the user. But there is a yearly licensing cost."

"I rate Rapid7 InsightIDR's price a four on a scale of one to ten, where one is cheap, and ten is expensive."

"Rapid7 InsightIDR is priced very well and is cost-effective."

"It is on a yearly basis. For our own company, for about 250 users, it was 16,000 euros a year."

More Rapid7 InsightIDR pricing and cost advice

"It is an inexpensive product. We purchase its yearly license."

"We renew our license annually."

"The product is slightly expensive."

"The cost is all included. The finance department handles the financial part, and we mostly don't get involved in it."

"The pricing is good, and they are competitive compared to providers such as RSA and IBM QRadar."

"McAfee is the right choice for a low-budget solution."

"The price of McAfee ESM is higher than some of the other solutions. There are additional features that can be added at an additional fee."

"When compared to IBM Security QRadar and other similar platforms, the pricing of McAfee ESM is reasonable and comparatively less expensive."

More Trellix ESM pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

881,757 professionals have used our research since 2012.

Comparison Review

Vinod Shankar

Manager, Enterprise Risk Consulting at a tech company with 1,001-5,000 employees

Feb 26, 2015

HP ArcSight vs. IBM QRadar vs. McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm

We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…

Read full review

Top Industries

By visitors reading reviews

Computer Software Company

12%

Financial Services Firm

Manufacturing Company

Government

Comms Service Provider

16%

Financial Services Firm

Manufacturing Company

Construction Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	20
Midsize Enterprise	5
Large Enterprise	6

By reviewers
Company Size	Count
Small Business	15
Midsize Enterprise	6
Large Enterprise	24

Questions from the Community

What SOC product do you recommend?

For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...

See all answers

What do you like most about Rapid7 InsightIDR?

During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...

See all answers

What is your experience regarding pricing and costs for Rapid7 InsightIDR?

The product pricing is very cheap.

See all answers

What is your experience regarding pricing and costs for McAfee ESM?

When discussing Trellix ESM pricing and licensing, if you consider some premium product, the pricing also has to be premium, however, enterprise customers who look for a premium product, alongside ...

See all answers

What needs improvement with McAfee ESM?

Areas of Trellix ESM that could be improved or enhanced include checking on the clients who are still on-prem, especially banks, as most are not moving everything to the cloud due to confidentialit...

See all answers

What is your primary use case for McAfee ESM?

My customer's usual use case for Trellix ESM involves one client, as most of the users have moved to ESM. Nowadays, they don't use IPS only, since McAfee IPS is standalone; they incorporate firewal...

See all answers

Comparisons

Rapid7 InsightVM vs Rapid7 InsightIDR

Compared 5% of the time

Microsoft Sentinel vs Rapid7 InsightIDR

Compared 5% of the time

Splunk Enterprise Security vs Rapid7 InsightIDR

Compared 5% of the time

CrowdStrike Falcon vs Rapid7 InsightIDR

Compared 4% of the time

Darktrace vs Rapid7 InsightIDR

Compared 3% of the time

More Rapid7 InsightIDR Competitors

OpenText Enterprise Security Manager vs Trellix ESM

Compared 20% of the time

IBM Security QRadar vs Trellix ESM

Compared 14% of the time

SentinelOne Singularity Complete vs Trellix ESM

Compared 12% of the time

Splunk Enterprise Security vs Trellix ESM

Compared 10% of the time

LogRhythm SIEM vs Trellix ESM

Compared 6% of the time

More Trellix ESM Competitors

Product Reports

Buyer's Guide

Rapid7 InsightIDR

January 2026

Download Rapid7 InsightIDR product report

Buyer's Guide

Trellix ESM

January 2026

Download Trellix ESM product report

Also Known As

InsightIDR

McAfee ESM, NitroSecurity, McAfee Enterprise Security Manager

Overview

Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

Rapid7

Make your organization more resilient and confident with Trellix Security Operations. Filter out the noise and cut complexity to deliver faster, more effective SecOps. Integrate your existing security tools and connect with over 650 Trellix solutions and third-party products.

Trellix

Sample Customers

Liberty Wines, Pioneer Telephone, Visier

San Francisco Police Credit Union, Wªstenrot Gruppe, Volusion, California Department of Corrections & Rehabilitation, Government of New Brunswick, State of Colorado, Macquarie Telecom, Texas Tech University Health Sciences Center, Cologne Bonn Airport

Buyer's Guide

Rapid7 InsightIDR vs. Trellix ESM

February 2026

Free Report: Rapid7 InsightIDR vs. Trellix ESM

Find out what your peers are saying about Rapid7 InsightIDR vs. Trellix ESM and other solutions. Updated: February 2026.

DOWNLOAD NOW

881,757 professionals have used our research since 2012.

See our Rapid7 InsightIDR vs. Trellix ESM report.

See our list of best Security Information and Event Management (SIEM) vendors.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.