We performed a comparison between Elastic Security and Rapid7 InsightIDR based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.

"Microsoft Defender's most critical component is its CASB solution. It has many built-in policies that can improve your organization's cloud security posture. It's effective regardless of where your users are, which is critical because most users are working from home. It's cloud-based, so nothing is on-premise."
"The threat intelligence is excellent."
"The integration, visibility, vulnerability management, and device identification are valuable."
"We can automate routine tasks and write scripts to carry out difficult tasks, which makes things easier for us."
"The Endpoint Manager is incredible; it has a very straightforward interface and is exceedingly easy to use. Pulling out and deploying different tags or resources is a simple task across various departments with different levels of security. The notifications are also simple and satisfying; it's great to see the bubble informing us which devices are compliant and which are waiting to update."
"There is also one dashboard that shows us the status of many controls at once and the details I can get... It gives a great overview of many areas, such as files, emails, chats, and links. Even with the apps, it gives you a great overview. In one place you can see where you should look into things more deeply..."
"We can use Defender to block and monitor for security purposes without needing multiple other products to do different tasks."
"We also use Microsoft Sentinel, Defender for Cloud, Defender for Identity, and Microsoft Defender for Cloud Apps. They are all integrated and it was very easy to integrate them. In my experience with the integrations, it was just a click of a button and things were integrated. It's just a button."
"The solution is quite stable. The performance has been good."
"Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because of Elastic's efficient search engine."
"The cost is reasonable. It's not overly pricey."
"It's very customizable, which is quite helpful."
"The solution has a good community surrounding it for lots of helpful documentation for troubleshooting purposes."
"Just the ability to do a lot more than just up-down is nice, which a lot of people take for granted."
"The most valuable feature for me is Discover."
"Elastic is straightforward, easy to integrate, and highly customizable."
"Integration with threat modeling from the Metasploit and InsightIDR repositories."
"Very intuitive and easy to set up."
"We were able to identify criminals attempting to log in from China and put a stop on their IP locations."
"The ability to ingest Office 365 log files, then process them into events and display them on a map."
"Rapid7 is easy to use and deploy. It is a simple solution and has easy data pulling."
"The product works well. Stability-wise, I rate the solution a ten out of ten."
"Log search allows us to dive deep into aggregated logs and query all event types at once."
"The alerting to drive investigations and remediation has been its most valuable feature."
"The only problem I find is that the use cases are built-in. There is no template available that you can modify according to your organization's standards. What they give is very generic, the market standard, but that might not be applicable to every organization."
"The solution could improve by having better machine learning and AI. Additionally, the interface, documentation, and integration could be better."
"There are a few technical issues with Defender XDR that can be improved. Sometimes, the endpoint devices are not reporting properly to the Defender 365 portal. When you're getting all the information from the Microsoft portal, the devices are sometimes not in sync. We have hundreds of endpoint devices, some needing to be onboarded again."
"It would be highly beneficial if CoPilot could identify anomalies within the network and notify the IT team."
"Microsoft tends to provide too many features, which makes the solution prone to bugs."
"When discussing the secure score, which includes overviews and recommended actions, some of these recommended actions are not applicable to us, particularly those related to Microsoft Internet Explorer, which we do not use in any of our environments."
"There are still some components, such as vulnerability management within the vendor product, where improved integration would be beneficial."
"I personally have not seen much evidence of how Defender can enhance the story of zero trust for enterprises."
"Technical support could respond faster."
"It is difficult to anticipate and understand the space utilization, so more clarity there would be great."
"We're using the open-source edition, for now, I think maybe they can allow their OLED plugin to be open source, as at the moment it is commercialised."
"Elastic Security's maintenance is hard and its scalability is a challenge. There are complications in scaling and upgrading. The solution needs to also provide periodic upgrade checks."
"We'd like better premium support."
"One thing they could add is a quick step to enable users who don't have a solid background to build a dashboard and quickly search, without difficulty."
"The tool needs to integrate with legacy servers. Big companies can have legacy servers that may not always be updated."
"The solution could offer better reporting features."
"The interface for doing investigation needs to be enhanced with minor improvements that would make it more useful."
"I would like the ability to adjust the threshold of certain existing alerts. Currently the only option is to change the notifications or create my own alert."
"Customised alert recipients need to be added to allow better first-line action and quicker response. Configurable honeypots would be a welcome addition."
"Lacks a mobile application."
"The integration capabilities of the solution have certain shortcomings where improvements are required."
"InsightIDR is only available in a cloud version. Some of our customers prefer an on-prem solution because they want to manage the security within their environment."
"Needs a better ability to customize the check within the console."
"Inability to get access to compliance reports within the solution."
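Two of the InsightIDR reviewers above describe the same workflow: ingest Office 365 sign-in records, attribute each source IP to a country, and act on logins that come from somewhere the organisation's users never are. The script below is an added example of that detection logic written for this page; it is not PeerSpot, Rapid7 or Elastic code and does not use either product's API. The audit records are constructed (their field names follow the Office 365 UnifiedAuditLog schema, the values are made up, and the addresses come from the RFC 5737 documentation ranges), and the prefix-to-country table is a hypothetical stand-in for a real GeoIP database.

```python
import ipaddress
import json
from collections import Counter, defaultdict

# Constructed, simplified Office 365 UnifiedAuditLog sign-in records (not real
# data). Field names follow the real schema; values are invented, and the IPs
# come from the documentation ranges 192.0.2.0/24, 198.51.100.0/24 and
# 203.0.113.0/24 so nothing here points at a real host.
SAMPLE_AUDIT_LOG = """\
{"CreationTime":"2024-03-01T08:02:11","Operation":"UserLoggedIn","UserId":"alice@example.com","ClientIP":"203.0.113.7:51234","ResultStatus":"Succeeded"}
{"CreationTime":"2024-03-01T08:03:40","Operation":"UserLoginFailed","UserId":"bob@example.com","ClientIP":"198.51.100.23","ResultStatus":"Failed"}
{"CreationTime":"2024-03-01T08:03:52","Operation":"UserLoginFailed","UserId":"bob@example.com","ClientIP":"198.51.100.23","ResultStatus":"Failed"}
{"CreationTime":"2024-03-01T08:04:05","Operation":"UserLoginFailed","UserId":"bob@example.com","ClientIP":"198.51.100.23","ResultStatus":"Failed"}
{"CreationTime":"2024-03-01T08:04:31","Operation":"UserLoggedIn","UserId":"bob@example.com","ClientIP":"198.51.100.23","ResultStatus":"Succeeded"}
{"CreationTime":"2024-03-01T08:10:02","Operation":"UserLoggedIn","UserId":"carol@example.com","ClientIP":"192.0.2.44","ResultStatus":"Succeeded"}
{"CreationTime":"2024-03-01T08:11:19","Operation":"UserLoginFailed","UserId":"dave@example.com","ClientIP":"198.51.100.99","ResultStatus":"Failed"}
{"CreationTime":"2024-03-01T08:12:00","Operation":"UserLoggedIn","UserId":"erin@example.com","ClientIP":"10.20.30.40","ResultStatus":"Succeeded"}
{"CreationTime":"2024-03-01T08:13:45","Operation":"UserLoggedIn","UserId":"frank@example.com","ClientIP":"not-an-ip","ResultStatus":"Succeeded"}
"""

# Hypothetical prefix-to-country table standing in for a GeoIP database (a real
# deployment would query MaxMind or similar). The country codes assigned to the
# documentation prefixes are arbitrary and exist only for this demo.
GEO_TABLE = [
    (ipaddress.ip_network("203.0.113.0/24"), "US"),
    (ipaddress.ip_network("192.0.2.0/24"), "DE"),
    (ipaddress.ip_network("198.51.100.0/24"), "CN"),
]

ALLOWED_COUNTRIES = {"US", "DE", "INTERNAL"}  # where this tenant's users sign in from
FAILED_BURST_THRESHOLD = 3                    # failures from one IP before it is a burst


def normalise_ip(raw):
    """Strip the ':port' suffix O365 sometimes appends ('203.0.113.7:51234',
    '[2001:db8::1]:443') and return an ip_address, or None if unparsable."""
    s = raw.strip()
    if s.startswith("["):              # bracketed IPv6 with port
        s = s[1:].split("]", 1)[0]
    elif s.count(":") == 1:            # IPv4 with port
        s = s.split(":", 1)[0]
    try:
        return ipaddress.ip_address(s)
    except ValueError:
        return None


def geolocate(ip):
    """Map an address to a country code. Private space is INTERNAL; anything
    the table does not cover (including unparsable input) is UNKNOWN."""
    if ip is None:
        return "UNKNOWN"
    for net, cc in GEO_TABLE:
        if ip in net:
            return cc
    # Checked after the table: Python's is_private also covers the RFC 5737
    # documentation ranges used in the sample, which would mask the lookup.
    if ip.is_private:
        return "INTERNAL"
    return "UNKNOWN"


def parse_audit_log(text):
    """One JSON object per line, the shape a Search-UnifiedAuditLog export gives."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def find_geo_anomalies(events, allowed=ALLOWED_COUNTRIES, threshold=FAILED_BURST_THRESHOLD):
    """Flag (a) successful sign-ins from outside the allowed countries and
    (b) bursts of failed sign-ins from one outside IP. UNKNOWN deliberately
    counts as outside, so a GeoIP gap or a malformed ClientIP cannot hide a login."""
    findings = []
    failures = Counter()
    failed_users = defaultdict(set)
    for ev in events:
        ip = normalise_ip(ev.get("ClientIP", ""))
        cc = geolocate(ip)
        if cc in allowed:
            continue
        key = (str(ip) if ip is not None else ev.get("ClientIP"), cc)
        if ev.get("ResultStatus") == "Succeeded":
            findings.append({"severity": "high", "kind": "success_outside_geo",
                             "ip": key[0], "country": cc, "users": [ev["UserId"]],
                             "time": ev["CreationTime"]})
        else:
            failures[key] += 1
            failed_users[key].add(ev["UserId"])
    for (ip, cc), n in failures.items():
        if n >= threshold:
            findings.append({"severity": "medium", "kind": "failed_burst_outside_geo",
                             "ip": ip, "country": cc,
                             "users": sorted(failed_users[(ip, cc)]), "count": n})
    return findings


def block_candidates(findings):
    """Source IPs worth putting on a block or watch list; unresolvable
    ClientIP strings are excluded because they cannot be blocked."""
    return sorted({f["ip"] for f in findings if f["country"] != "UNKNOWN"})


if __name__ == "__main__":
    evs = parse_audit_log(SAMPLE_AUDIT_LOG)
    hits = find_geo_anomalies(evs)
    for hit in hits:
        print(hit)
    print("block candidates:", block_candidates(hits))
```

Two design points a practitioner would want to keep when moving this into a real SIEM rule: an address that the GeoIP lookup cannot resolve is treated as outside the allowed set rather than silently passing, and the failed-login burst is counted per source IP across users, so a password-spraying attempt that touches one account per IP still surfaces once it crosses the threshold.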
Elastic Security is ranked 5th in Security Information and Event Management (SIEM) with 59 reviews while Rapid7 InsightIDR is ranked 10th in Security Information and Event Management (SIEM) with 29 reviews. Elastic Security is rated 7.6, while Rapid7 InsightIDR is rated 8.4. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Rapid7 InsightIDR writes "An affordable product that is easy to use and has many advanced features and default templates". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and syslog-ng, whereas Rapid7 InsightIDR is most compared with Darktrace, Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM and LogRhythm SIEM. See our Elastic Security vs. Rapid7 InsightIDR report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.