Cortex XDR by Palo Alto Networks vs Rapid7 InsightIDR comparison

Palo Alto Networks and Rapid7 are both solutions in the Extended Detection and Response (XDR) category. Palo Alto Networks is ranked #7 with an average rating of 8.7, while Rapid7 is ranked #14 with an average rating of 8.2. Palo Alto Networks holds a 5.6% mindshare in XDR, compared to Rapid7’s 2.7% mindshare. Additionally, 95% of Palo Alto Networks users are willing to recommend the solution, compared to 95% of Rapid7 users who would recommend it.

Cortex XDR by Palo Alto Net...

Read 90 Cortex XDR by Palo Alto Networks reviews

7,883 Views
4,799 Comparison Views

95% willing to recommend

Rapid7 InsightIDR

Read 32 Rapid7 InsightIDR reviews

2,818 Views
1,771 Comparison Views

95% willing to recommend

Cortex XDR by Palo Alto Net...

Rapid7 InsightIDR

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Oct 8, 2024

Cortex XDR and Rapid7 InsightIDR compete in the threat detection and response category. Rapid7 InsightIDR has an edge due to its advanced analytics features, providing detailed threat insights, although it comes at a higher cost.

Features: Cortex XDR offers comprehensive integration, easy threat detection across multiple environments, and unified threat management. Rapid7 InsightIDR delivers strong log management, enriched alerting capabilities, and robust analytical features for deeper threat context.

Room for Improvement: Cortex XDR could benefit from enhanced threat intelligence updates, faster real-time responses, and greater customization flexibility. Rapid7 InsightIDR needs simpler customization options, improved user interface for non-technical users, and streamlined setup processes.

Ease of Deployment and Customer Service: Cortex XDR is known for straightforward deployment and responsive customer service. Rapid7 InsightIDR offers a fast deployment process, with noted initial challenges that could be alleviated with better customer training, but maintains efficiency.

Pricing and ROI: Cortex XDR is competitive in pricing with solid ROI due to its comprehensive protection features. Rapid7 InsightIDR is more costly but offers high-value returns from superior threat identification, catering to enterprises prioritizing advanced features over budget.

To learn more, read our detailed Cortex XDR by Palo Alto Networks vs. Rapid7 InsightIDR Report (Updated: February 2025).

Buyer's Guide

Cortex XDR by Palo Alto Networks vs. Rapid7 InsightIDR

February 2025

Download the complete report

Helped 845,040 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cortex XDR by Palo Alto Net...

Ranking in Extended Detection and Response (XDR)

7th

Average Rating

8.4

Reviews Sentiment

7.4

Number of Reviews

Ranking in other categories

Endpoint Protection Platform (EPP) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (4th)

Rapid7 InsightIDR

Ranking in Extended Detection and Response (XDR)

14th

Average Rating

8.4

Reviews Sentiment

7.4

Number of Reviews

Ranking in other categories

Security Information and Event Management (SIEM) (9th), User Entity Behavior Analytics (UEBA) (2nd), Endpoint Detection and Response (EDR) (18th), Threat Deception Platforms (5th)

Mindshare comparison

As of April 2025, in the Extended Detection and Response (XDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 5.6%, down from 6.8% compared to the previous year. The mindshare of Rapid7 InsightIDR is 2.7%, up from 2.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Extended Detection and Response (XDR)

Featured Reviews

Mohammad Qaw

Senior Security Consultant at helpag

Perfect correlation and XDR capabilities for network traffic plus endpoint security

The solution should force customers to integrate with network traffic to see the full benefits of XDR. If you are not integrating it or feeding in your network traffic, then you are just buying a normal antivirus which doesn't make any sense. You are paying double the price to use the antivirus feature or to say you have XDR, but in reality you are not using it. The solution should include an on-premises option because some customers want only on-premises. It would be hard, but good to do if possible. Open XDR would be beneficial in the future. Right now, the solution is Closed XDR so cannot communicate with the few new vendors in the Open XDR market.

Read full review

Asim Naeem

Principal IT Security & Compliance at IBEX Holdings Ltd

Providing comprehensive insight into alerts while working towards AI enhancement

I definitely recommend Rapid7 InsightIDR. It is becoming better, with improvements being continuously made to the product. Right now, I do not have any advice about Rapid7 for other users because every organization or user has different criteria or multiple use cases, so I refrain from commenting on that. I rate the overall solution seven out of ten.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The solution allows us to make investigations. Other XDR solutions also provide similar capabilities but for investigation, Cortex XDR is better."

"It collects and caches and the knowledge of machine learning from different customers to take to the cloud. It makes it better to use for everybody. It allows for quick learning and updates and can, therefore, offer zero-day malware security. This sharing of metadata helps make the solution very safe."

"We have a complete overview of all our PCs and it's very easy to handle and to use the interface. It has a lot of benefits for us."

"It can automatically correlate events and logs, which is very helpful for an IT administrator. It can correlate different kinds of malware activities over a network, agent, or host system. You do not need to do it manually. It is a good feature. It is also a user-friendly solution. We have deployed it on the cloud because our space does not provide any flexibility for on-premises deployment, but Palo Alto has added some flexibility to install it on-premises. It must be like the same Cortex XDR agent for all the VPN services, web filtering services, and everything else."

"After deploying Traps, we saw the performance of the network improve by 65 to 70 percent."

"Their XDR agent and their behavioral indicators of compromise (BIOC) are pretty nice. Their managed threat hunting is also pretty nice. They also have WildFire, which is a service for actively looking for malware. It's quite useful."

"The solution's most valuable feature is the user interface."

"Cortex XDR is a simple platform that's easy for administrators and users. You have a lot of flexibility to change or customize the features."

More Cortex XDR by Palo Alto Networks pros

"Rapid7 is easy to use and deploy. It is a simple solution and has easy data pulling."

"The platform offers unlimited storage and agent-based solutions."

"If you were on other solutions, you would notice that they use agents from third-party, from open-source, from a native OS, or from other tools. Here, however, it is an agent from Rapid7 itself. This adds to the solution's overall capabilities."

"The solution's initial setup is easy."

"The log aggregation and storage provided by InsightIDR has shown no issues with scalability; aggregating over one hundred millions events daily."

"InsightIDR has allowed us to find potential security issues that we did not know existed, and get remediation quickly."

"Rapid7's reporting is more robust than Tenable's."

"The ability to ingest Office 365 log files, then process them into events and display them on a map."

More Rapid7 InsightIDR pros

Cons

"The solution needs better reports. I think they should let the customer go in and customize the reports."

"It is not a suitable solution if you are looking for a single product with multiple features such as DLP, encryption, rollback, etc."

"The server sometimes stops continuously to check things so it would be helpful to receive access updates or technical reasons."

"The GUI could be improved."

"The encryption is not up to the mark."

"Data privacy is a matter of concern. You have to be careful with data privacy, it can be sensitive and Cortex can have most of your access."

"It would be good to have a better way to search for a file within the UI."

"Currently, we are monitoring all USB drives and ports but we would like to improve our device control capabilities."

More Cortex XDR by Palo Alto Networks cons

"The APIs can be further improved in Rapid7."

"It would be useful to import threat intelligence in YARA format along with known incorrect email addresses."

"Customised alert recipients need to be added to allow better first-line action and quicker response. Configurable honeypots would be a welcome addition."

"There is a future in AI with Rapid7, however, it is not fully operated. There are certain limitations with Rapid7 that I am working on."

"The solution needs improvement in threat intelligence. Increasing the depth of intelligence to help users understand more about threats is a possibility. My suggestion is to expand access to other websites or resources."

"The dashboard is an area that could be simplified."

"The main problem lies in the processes within the client's operating systems."

"Cloud risk assessment is one area where I think they need a lot of improvement."

More Rapid7 InsightIDR cons

Pricing and Cost Advice

"The pricing is a little bit on the expensive side."

"Very costly product."

"Cortex XDR by Palo Alto Networks is quite an expensive solution."

"I feel it is fairly priced."

"The solution has one subscription for endpoint protection and one subscription for detection and response. The two licenses combined give you the BRO version."

"If one wishes to work with another team or large number of users at a future point, he must purchase a license for them."

"It has a yearly renewal."

"It is cost-effective compared to similar solutions. It fits for the small businesses through to the big businesses."

More Cortex XDR by Palo Alto Networks pricing and cost advice

"The pricing of the solution depends on the user. But there is a yearly licensing cost."

"It is more reasonably priced than other vendors."

"Accurately predict your licensing counts as this is a subscription based product."

"The pricing and licensing are competitive."

"Rapid7 InsightIDR's pricing is reasonable but we have challenges with the Minimum Order Quantity. It is not reasonable for customers who have less than one hundred devices. If they can reduce Minimum Order Quantity, it is good. You have to pay around 5000-6000 dollars per year for the product. The pricing includes maintenance and support costs."

"Licensing is straightforward. If, for some reason, you don’t meet the minimum licensing requirements, there is a third-party managed service that can help."

"The solution has a mid-range price point in the market"

"The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help."

More Rapid7 InsightIDR pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.

See recommendations

845,040 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

14%

Financial Services Firm

Government

Manufacturing Company

Computer Software Company

16%

Financial Services Firm

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One

Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to...

See all answers

Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)

Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that are very scalable, secure, and user-friendly. Cortex XDR by Palo Alto offers ...

See all answers

How is Cortex XDR compared with Microsoft Defender?

Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...

See all answers

What SOC product do you recommend?

For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...

See all answers

What do you like most about Rapid7 InsightIDR?

During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...

See all answers

What is your experience regarding pricing and costs for Rapid7 InsightIDR?

The product pricing is very cheap.

See all answers

Comparisons

Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks

Compared 12% of the time

CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks

Compared 7% of the time

Darktrace vs Cortex XDR by Palo Alto Networks

Compared 5% of the time

Wazuh vs Cortex XDR by Palo Alto Networks

Compared 5% of the time

Check Point Harmony Endpoint vs Cortex XDR by Palo Alto Networks

Compared 4% of the time

More Cortex XDR by Palo Alto Networks Competitors

Darktrace vs Rapid7 InsightIDR

Compared 10% of the time

Microsoft Sentinel vs Rapid7 InsightIDR

Compared 9% of the time

Rapid7 InsightVM vs Rapid7 InsightIDR

Compared 8% of the time

CrowdStrike Falcon vs Rapid7 InsightIDR

Compared 5% of the time

Google Chronicle Suite vs Rapid7 InsightIDR

Compared 3% of the time

More Rapid7 InsightIDR Competitors

Product Reports

Buyer's Guide

Cortex XDR by Palo Alto Networks

March 2025

Download Cortex XDR by Palo Alto Networks product report

Buyer's Guide

Rapid7 InsightIDR

March 2025

Download Rapid7 InsightIDR product report

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps

InsightIDR

Overview

Cortex XDR by Palo Alto Networks delivers comprehensive endpoint security, integrating well with other systems to offer robust threat detection and real-time protection through AI-driven analytics.

Cortex XDR by Palo Alto Networks offers advanced endpoint protection and threat detection through AI and behavior-based analytics. Its user-friendly design simplifies integration with firewalls, delivering multi-layered protection with low resource consumption. Valued for policy management, USB control, and incident correlation, Cortex XDR enhances threat management and real-time threat hunting capabilities. However, users note challenges with third-party integration, reporting, and dashboard automation. Agent performance across operating systems and memory consumption are areas for improvement, alongside reducing false positives and simplifying endpoint management and setup.

What features does Cortex XDR offer?

Behavior-Based Detection: Analyzes user behavior to identify suspicious activities.
AI Analytics: Utilizes AI for accurate threat detection and response.
Real-Time Protection: Provides immediate defense against threats.
Policy Management: Allows customization of security policies across endpoints.
USB Control: Regulates USB device access for added security.
Incident Correlation: Connects and analyzes various security events for better response.
Firewall Integration: Seamlessly works with firewalls for enhanced security.
Machine Learning Capabilities: Continuously improves threat detection precision.

What benefits should be considered in reviews?

Low Resource Consumption: Efficient security functions without taxing system resources.
Multi-Layered Protection: Comprehensive security across multiple attack vectors.
User-Friendly Interface: Intuitive design for easier management.
Enhanced Threat Management: Identifies and mitigates threats effectively.
Real-Time Threat Hunting: Proactively searches for and mitigates potential threats.

Cortex XDR is crucial in industries requiring robust endpoint protection, such as finance, healthcare, and technology. It supports malware detection, behavioral analysis, and ransomware mitigation across endpoints, including remote work environments, providing comprehensive threat visibility and security policy management. The solution's integration with firewalls and specialized industry requirements enhances security posture in diverse operational settings.

Palo Alto Networks

Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

Rapid7

Sample Customers

CBI Health Group, University Honda, VakifBank

Liberty Wines, Pioneer Telephone, Visier

Buyer's Guide

Cortex XDR by Palo Alto Networks vs. Rapid7 InsightIDR

February 2025

Free Report: Cortex XDR by Palo Alto Networks vs. Rapid7 InsightIDR

Find out what your peers are saying about Cortex XDR by Palo Alto Networks vs. Rapid7 InsightIDR and other solutions. Updated: February 2025.

DOWNLOAD NOW

845,040 professionals have used our research since 2012.

See our Cortex XDR by Palo Alto Networks vs. Rapid7 InsightIDR report.

See our list of best Extended Detection and Response (XDR) vendors and best Endpoint Detection and Response (EDR) vendors.

We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.