Rapid7 InsightIDR Reviews

Name: Rapid7 InsightIDR
Brand: Rapid7
Rating: 4.2 (32 reviews)

Vendor: Rapid7

4.2 out of 5

32 reviews
95% willing to recommend

238 followers

Start review

What is Rapid7 InsightIDR?

Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

Get the Rapid7 InsightIDR Buyer's Guide and find out what your peers are saying about Rapid7 InsightIDR, CrowdStrike Falcon, Wazuh and more!

Rapid7 InsightIDR is the #2 ranked solution in top User Entity Behavior Analytics (UEBA) solutions, #5 ranked solution in top Threat Deception Platforms, #9 ranked solution in top Security Information and Event Management (SIEM) solutions, #14 ranked solution in XDR Security products, and #18 ranked solution in EDR tools. PeerSpot users give Rapid7 InsightIDR an average rating of 8.4 out of 10. Rapid7 InsightIDR is most commonly compared to CrowdStrike Falcon: Rapid7 InsightIDR vs CrowdStrike Falcon. Rapid7 InsightIDR is popular among the large enterprise segment, accounting for 52% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 16% of all views.

Helped 849,686 peers since 2012

Featured Rapid7 InsightIDR reviews

Asim Naeem

Principal IT Security & Compliance at IBEX Holdings Ltd

I definitely recommend Rapid7 InsightIDR. It is becoming better, with improvements being continuously made to the product. Right now, I do not have any advice about Rapid7 for other users because every organization or user has different criteria or multiple use cases, so I refrain from commenting on that. I rate the overall solution seven out of ten.

Read full review

Gerard Konan

Founder & CEO at AGILLY

One of our customers had a Huawei firewall and we required help to do the configuration. However, the installation was easy with other standard vendors like Cisco and Check Point. The product's deployment got completed in four to five days and we required three people to handle it. One person was in charge of the portal's initial set up and the other one handled the integration of on-premises devices. The third one took care of Office 365 integration.

Read full review

Khizar Butt

Country Sales Lead at securic systems

We used to use QRadar in my previous company. The first difference is in the deployment architecture. QRadar comes with cloud and on-prem options. In countries like Pakistan, where I am from, there are very strict regulations for using cloud solutions, especially in the banking sector. Rapid7 only offers a SaaS-based SIEM. The second difference between the two is in their licensing. Rapid7 InsightIDR license is applied based on the number of nodes and devices. QRadar, on the other hand, does licenses the events per second. The third difference is in the threat intelligence QRadar provides, and there's a huge difference between the two in this domain. QRadar is an IBM product that is very old in the SIEM market and provides relatively better threat intelligence than players like Rapid7.

Read full review

Rapid7 InsightIDR mindshare

Product category:

As of May 2025, the mindshare of Rapid7 InsightIDR in the Security Information and Event Management (SIEM) category stands at 2.5%, down from 2.7% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Security Information and Event Management (SIEM)

PeerResearch reports based on Rapid7 InsightIDR reviews

Type	Title	Date
Category	Security Information and Event Management (SIEM)	Apr 30, 2025	Download
Product	Reviews, tips, and advice from real users	Apr 30, 2025	Download
Comparison	Rapid7 InsightIDR vs Splunk Enterprise Security	Apr 30, 2025	Download
Comparison	Rapid7 InsightIDR vs Wazuh	Apr 30, 2025	Download
Comparison	Rapid7 InsightIDR vs Microsoft Sentinel	Apr 30, 2025	Download

Title	Rating	Mindshare	Recommending
CrowdStrike Falcon	4.3	4.7%	96%	126 interviews Add to research
Wazuh	3.7	13.9%	79%	46 interviews Add to research

Valuable Features

Rapid7 InsightIDR offers intelligent alerting to mitigate alert fatigue, wide network coverage, seamless integration with Rapid7 tools like Metasploit. It excels in ease of use, user-friendly interface, quick deployment, threat intelligence, user behavior analytics, and intuitive dashboards. Scalable licensing, agent-based endpoints monitoring, cloud-based operations, customizable rules, enhanced user behavior analytics, and effective log correlation enhance threat detection and incident management. Its unified platform efficiently visualizes security data for streamlined management.

"I definitely recommend Rapid7 InsightIDR."
"The platform offers unlimited storage and agent-based solutions."
"It improves because several sensors are deployed within the on-premise environment. It can be very efficient if the customer implements and operates it effectively."

Room for Improvement

Rapid7 InsightIDR could benefit from improved API integration with ITSMs, more supported log sources, and easier custom log configurations. Reporting needs enhancements, including multi-level event grouping and a simplified dashboard. Greater mobile application features and endpoint management from the portal are desired. Additionally, integration and search functionalities require refinement. Users seek better on-premise options, AI capabilities, XDR development, and increased threat intelligence depth. Custom rule limits should be addressed along with enhanced user behavior analytics.

"There is a future in AI with Rapid7, however, it is not fully operated. There are certain limitations with Rapid7 that I am working on."
"There are certain limitations with Rapid7 that I am working on."
"The searching feature in Rapid7 InsightIDR needs to evolve"

ROI

The ROI from Rapid7 InsightIDR is presumed to be substantial, although an exact figure was never calculated by users.

Pricing

Enterprise buyers evaluating Rapid7 InsightIDR find its pricing reasonable and competitive. The solution employs a subscription model, with licensing based on endpoints and log retention time, differing from EPS-based competitors. While some find the minimum order quantity challenging, others appreciate the flexibility in scaling as needed. Costs can vary depending on customer size and additional needs, but many users find pricing to be mid-range and value the balance between cost, features, and manageability.

"The solution has a mid-range price point in the market"
"Rapid7 InsightIDR charges us based on the endpoints we connect to."
"Rapid7 InsightIDR is a cheaply priced product. On a scale of one to ten, where one is very expensive, and ten is very cheap, I rate the product's price at seven or eight."

Popular Use Cases

Rapid7 InsightIDR's primary use case includes maintaining security posture through behavior monitoring, threat detection, and incident response. Users appreciate its SIEM capabilities, which allow for log correlation, vulnerability management, intrusion detection, and prevention. It supports secure access tracking, data ingesting from various security devices, and assists in breach investigations. Organizations utilize Rapid7 InsightIDR for compliance, system health assessment, and providing insights on malicious activities across IT environments. It is favored for ease of use, supporting both internal and customer environments.

Service and Support

Rapid7 InsightIDR's customer service and support are generally praised for being professional, helpful, and thorough, with a solid knowledge base, yet some note that response times can vary, occasionally being slow. The support is described as responsive with varying satisfaction levels, often rated 7 or higher out of 10. They are noted for being prompt and adhering to SLA terms, though language limitations and delays with intricate issues are observed by a few.

Deployment

Users found Rapid7 InsightIDR's initial setup simple and straightforward. It involves connecting logging devices and is adaptable, allowing expansion over time. Most users completed the deployment quickly, often within days or even hours, depending on the size of the deployment. Support from a specialist was available when needed, simplifying tasks such as log source selection and plugin installation. While some components might be complex, the process generally required minimal effort and a small team to execute.

Scalability

Rapid7 InsightIDR appears highly scalable, leveraging its cloud-based infrastructure to handle extensive data and numerous devices. Users report successfully managing thousands of endpoints without issues, praising its adaptability for various business sizes. While some licensing constraints exist, it's proficient for medium and large enterprises. The cloud platform supports easy server additions and high workloads, with few challenges reported. Despite minor limitations, users rate its scalability highly, accommodating diverse organizational needs effectively.

Stability

Rapid7 InsightIDR is consistently described as stable. Users rarely experience stability concerns, and resource issues are resolved with additional hardware. The cloud-based nature allows quick issue correction. Notifications are sent during maintenance, and performance relies on a smooth internet connection. Users are generally content, rating stability high, with several rating it ten out of ten. Outages are uncommon, and downtime has not been reported in recent years.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Rapid7 InsightIDR Buyer's Guide for additional reliable information.