Try our new research platform with insights from 80,000+ expert users

Cortex XDR by Palo Alto Networks vs Rapid7 InsightIDR comparison

Palo Alto Networks and Rapid7 are both solutions in the Extended Detection and Response (XDR) category. Palo Alto Networks is ranked #7 with an average rating of 8.6, while Rapid7 is ranked #15 with an average rating of 8.2. Palo Alto Networks holds a 5.6% mindshare in XDR, compared to Rapid7’s 2.7% mindshare. Additionally, 95% of Palo Alto Networks users are willing to recommend the solution, compared to 95% of Rapid7 users who would recommend it.
Cortex XDR by Palo Alto Net...
Read 90 Cortex XDR by Palo Alto Networks reviews
  • 7,412 Views
  • 4,610 Comparison Views
95% willing to recommend
Rapid7 InsightIDR
Read 32 Rapid7 InsightIDR reviews
  • 2,802 Views
  • 1,767 Comparison Views
95% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Oct 8, 2024

Cortex XDR and Rapid7 InsightIDR compete in the threat detection and response category. Rapid7 InsightIDR has an edge due to its advanced analytics features, providing detailed threat insights, although it comes at a higher cost.

Features: Cortex XDR offers comprehensive integration, easy threat detection across multiple environments, and unified threat management. Rapid7 InsightIDR delivers strong log management, enriched alerting capabilities, and robust analytical features for deeper threat context.

Room for Improvement: Cortex XDR could benefit from enhanced threat intelligence updates, faster real-time responses, and greater customization flexibility. Rapid7 InsightIDR needs simpler customization options, improved user interface for non-technical users, and streamlined setup processes.

Ease of Deployment and Customer Service: Cortex XDR is known for straightforward deployment and responsive customer service. Rapid7 InsightIDR offers a fast deployment process, with noted initial challenges that could be alleviated with better customer training, but maintains efficiency.

Pricing and ROI: Cortex XDR is competitive in pricing with solid ROI due to its comprehensive protection features. Rapid7 InsightIDR is more costly but offers high-value returns from superior threat identification, catering to enterprises prioritizing advanced features over budget.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Cortex XDR by Palo Alto Networks vs. Rapid7 InsightIDR Report (Updated: April 2025).
Buyer's Guide
Cortex XDR by Palo Alto Networks vs. Rapid7 InsightIDR
April 2025
Download the complete report
Helped 850,671 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Ranking in Extended Detection and Response (XDR)
7th
Average Rating
8.4
Reviews Sentiment
7.4
Number of Reviews
90
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Ransomware Protection (1st), AI-Powered Cybersecurity Platforms (4th)
Rapid7 InsightIDR
Ranking in Extended Detection and Response (XDR)
15th
Average Rating
8.4
Reviews Sentiment
7.4
Number of Reviews
32
Ranking in other categories
Security Information and Event Management (SIEM) (13th), User Entity Behavior Analytics (UEBA) (3rd), Endpoint Detection and Response (EDR) (24th), Threat Deception Platforms (5th)
 

Mindshare comparison

As of May 2025, in the Extended Detection and Response (XDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 5.6%, down from 6.5% compared to the previous year. The mindshare of Rapid7 InsightIDR is 2.7%, up from 2.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Extended Detection and Response (XDR)
 

Featured Reviews

Mohammad Qaw - PeerSpot reviewer
Perfect correlation and XDR capabilities for network traffic plus endpoint security
The solution should force customers to integrate with network traffic to see the full benefits of XDR. If you are not integrating it or feeding in your network traffic, then you are just buying a normal antivirus which doesn't make any sense. You are paying double the price to use the antivirus feature or to say you have XDR, but in reality you are not using it. The solution should include an on-premises option because some customers want only on-premises. It would be hard, but good to do if possible. Open XDR would be beneficial in the future. Right now, the solution is Closed XDR so cannot communicate with the few new vendors in the Open XDR market.
Read full review
Asim Naeem - PeerSpot reviewer
Providing comprehensive insight into alerts while working towards AI enhancement
I definitely recommend Rapid7 InsightIDR. It is becoming better, with improvements being continuously made to the product. Right now, I do not have any advice about Rapid7 for other users because every organization or user has different criteria or multiple use cases, so I refrain from commenting on that. I rate the overall solution seven out of ten.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Being a cloud solution it is very flexible in serving internal and external connections and a broad range of devices."
"It blocks malicious files. It prevents attacks. It doesn't require many updates, it's a very light application."
"Cortex covers everything I need. It's a perfect solution. Cortex provides a different level of visibility because it's an extended EDR, allowing you to grab logs from the network and firewalls. Palo Alto invented the concept of the extended EDR or XDR."
"We have a complete overview of all our PCs and it's very easy to handle and to use the interface. It has a lot of benefits for us."
"The product's most valuable features are massive user and feature intelligence exploit detection."
"The ability to kind of stitch everything together and see the actual complete picture is very useful. I guess you'd call it a playbook. Some people call it the forensics analysis of what was happening on particular endpoints when they detected some malicious behavior, and what transpired before that to cause that. It is also very user friendly. The way they have done everything and integrated all the solutions that they've purchased over the years to make it a very seamless, effective product is very good. One thing about Palo Alto is that they take the products or services that they purchase and make them seamless for the end user as compared to some companies that purchase other companies and then just kind of have their products off to the side or keep different interfaces. Palo Alto doesn't do that."
"The product's initial setup phase is very easy."
"Its interface and pricing are most valuable. It is better than other vendors in terms of security."
More Cortex XDR by Palo Alto Networks pros
"I like that it's a cloud-based solution."
"I have seen that Rapid7 InsightIDR provides security to the networks and endpoints in the company."
"Rapid7 is easy to use and deploy. It is a simple solution and has easy data pulling."
"The UI is very good."
"The log aggregation and storage provided by InsightIDR has shown no issues with scalability; aggregating over one hundred millions events daily."
"During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an application belongs to a known ransomware group. The system rates the threat, offering a clear detection ratio, such as 97 out of 100. It not only identifies threats but also illustrates the associated behaviors, helping us understand the potential risk to a particular endpoint."
"Great coverage of all systems within our network from endpoint to firewall."
"The technical support is a solid 10 out of 10 as they take the time to answer any questions or problems which may arise in a reasonable time frame."
More Rapid7 InsightIDR pros
 

Cons

"In the next release, I would like to see more UI improvements. Their UI is a bit basic. When we are speaking about Palo Alto Networks they are the big company, so they can improve the UI a little bit. The UI, the reports, the log system can all be improved."
"They've been having some issues with updating their endpoint agents, and it has been quite frustrating."
"It tends to do 99.9% of things. The only thing I'd like is single sign-on authentication into their cloud platform so that my users can be properly authenticated against it."
"I recommend adding a data loss prevention (DLP) solution to Cortex XDR by Palo Alto Networks. The inclusion of this feature would allow the application of DLP policies alongside antivirus policies via a single agent and console, making it more competitive as other OEMs often offer DLP solutions as part of their antivirus products."
"Technology evolves every day, so it would be nice if it gets more secure. It can also have more integration with other platforms."
"The price could be a little lower."
"Product might have some bugs."
"It would be good to have a better way to search for a file within the UI."
More Cortex XDR by Palo Alto Networks cons
"The APIs can be further improved in Rapid7."
"One of the things that could be better is digital forensics. It is there, but it can be better. They could provide more on the endpoint detection level."
"The solution needs improvement in threat intelligence. Increasing the depth of intelligence to help users understand more about threats is a possibility. My suggestion is to expand access to other websites or resources."
"The integration capabilities of the solution have certain shortcomings where improvements are required."
"I would like to see more development in InsightIDR towards building their SIEM solution and converting it to XDR."
"They should add more configuration and security features to it."
"Currently, it lacks the functionalities provided by Rapid7's User Behavior Analytics (UBA)."
"The product allows us to make only 30 custom rules."
More Rapid7 InsightIDR cons
 

Pricing and Cost Advice

"The return on investment is from the user side because we have seen the performance of it increase the delivery time of the product if we are using too many web-based and on-premise applications. In indirect ways, we saw the return of investment in terms of performance and user satisfaction increase."
"The solution is expensive. It's pricing is on a yearly-basis."
"Compared to CrowdStrike, Cortex XDR is an expensive solution."
"Licensing for Palo Alto Networks Cortex XDR can be costly, especially when it comes to a hundred users. A license is required for each user, and the subscription must be renewed on a yearly basis."
"I did PoCs on products called Cylance and CrowdStrike. Although, I consider these products and they were also good, when it come to cost and budgetary factors, Traps has been proven to be better than the other two products. It is quite cost-effective and delivers all the entire solution which we require."
"It has a higher cost than other solutions, like CrowdStrike or Microsoft’s EDR tools, but it reduces the cost of our operations because it’s a new generation antivirus tool."
"The cost of Cortex XDR by Palo Alto Networks is $55 to $90 USD per endpoint per month."
"It has reasonable pricing for the use cases it provides to the company."
More Cortex XDR by Palo Alto Networks pricing and cost advice
"The pricing of the solution depends on the user. But there is a yearly licensing cost."
"Rapid7 InsightIDR is a cheaply priced product. On a scale of one to ten, where one is very expensive, and ten is very cheap, I rate the product's price at seven or eight."
"I rate Rapid7 InsightIDR's price a four on a scale of one to ten, where one is cheap, and ten is expensive."
"Licensing is straightforward. If, for some reason, you don’t meet the minimum licensing requirements, there is a third-party managed service that can help."
"​Accurately predict your licensing counts as this is a subscription based product.​"
"Rapid7 InsightIDR is priced very well and is cost-effective."
"The solution has a mid-range price point in the market"
"It is a reasonably priced solution."
More Rapid7 InsightIDR pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
See recommendations
850,671 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
14%
Financial Services Firm
9%
Manufacturing Company
7%
Government
7%
Computer Software Company
16%
Financial Services Firm
9%
Manufacturing Company
7%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to...
See all answers
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that are very scalable, secure, and user-friendly. Cortex XDR by Palo Alto offers ...
See all answers
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
See all answers
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
See all answers
What do you like most about Rapid7 InsightIDR?
During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...
See all answers
What is your experience regarding pricing and costs for Rapid7 InsightIDR?
The product pricing is very cheap.
See all answers
 

Comparisons

Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks Logo
Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks
Compared 11% of the time
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks Logo
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks
Compared 7% of the time
Darktrace vs Cortex XDR by Palo Alto Networks Logo
Darktrace vs Cortex XDR by Palo Alto Networks
Compared 5% of the time
Wazuh vs Cortex XDR by Palo Alto Networks Logo
Wazuh vs Cortex XDR by Palo Alto Networks
Compared 5% of the time
SentinelOne Singularity Complete vs Cortex XDR by Palo Alto Networks Logo
SentinelOne Singularity Complete vs Cortex XDR by Palo Alto Networks
Compared 4% of the time
More Cortex XDR by Palo Alto Networks Competitors
Darktrace vs Rapid7 InsightIDR Logo
Darktrace vs Rapid7 InsightIDR
Compared 10% of the time
Microsoft Sentinel vs Rapid7 InsightIDR Logo
Microsoft Sentinel vs Rapid7 InsightIDR
Compared 9% of the time
Rapid7 InsightVM vs Rapid7 InsightIDR Logo
Rapid7 InsightVM vs Rapid7 InsightIDR
Compared 8% of the time
CrowdStrike Falcon vs Rapid7 InsightIDR Logo
CrowdStrike Falcon vs Rapid7 InsightIDR
Compared 5% of the time
Microsoft Defender for Endpoint vs Rapid7 InsightIDR Logo
Microsoft Defender for Endpoint vs Rapid7 InsightIDR
Compared 3% of the time
More Rapid7 InsightIDR Competitors
 

Product Reports

Buyer's Guide
Cortex XDR by Palo Alto Networks
May 2025
Cortex XDR by Palo Alto Networks reportDownload Cortex XDR by Palo Alto Networks product report
Buyer's Guide
Rapid7 InsightIDR
April 2025
Rapid7 InsightIDR reportDownload Rapid7 InsightIDR product report
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
InsightIDR
 

Overview

Cortex XDR by Palo Alto Networks delivers comprehensive endpoint security, integrating well with other systems to offer robust threat detection and real-time protection through AI-driven analytics.

Cortex XDR by Palo Alto Networks offers advanced endpoint protection and threat detection through AI and behavior-based analytics. Its user-friendly design simplifies integration with firewalls, delivering multi-layered protection with low resource consumption. Valued for policy management, USB control, and incident correlation, Cortex XDR enhances threat management and real-time threat hunting capabilities. However, users note challenges with third-party integration, reporting, and dashboard automation. Agent performance across operating systems and memory consumption are areas for improvement, alongside reducing false positives and simplifying endpoint management and setup.

What features does Cortex XDR offer?
  • Behavior-Based Detection: Analyzes user behavior to identify suspicious activities.
  • AI Analytics: Utilizes AI for accurate threat detection and response.
  • Real-Time Protection: Provides immediate defense against threats.
  • Policy Management: Allows customization of security policies across endpoints.
  • USB Control: Regulates USB device access for added security.
  • Incident Correlation: Connects and analyzes various security events for better response.
  • Firewall Integration: Seamlessly works with firewalls for enhanced security.
  • Machine Learning Capabilities: Continuously improves threat detection precision.
What benefits should be considered in reviews?
  • Low Resource Consumption: Efficient security functions without taxing system resources.
  • Multi-Layered Protection: Comprehensive security across multiple attack vectors.
  • User-Friendly Interface: Intuitive design for easier management.
  • Enhanced Threat Management: Identifies and mitigates threats effectively.
  • Real-Time Threat Hunting: Proactively searches for and mitigates potential threats.

Cortex XDR is crucial in industries requiring robust endpoint protection, such as finance, healthcare, and technology. It supports malware detection, behavioral analysis, and ransomware mitigation across endpoints, including remote work environments, providing comprehensive threat visibility and security policy management. The solution's integration with firewalls and specialized industry requirements enhances security posture in diverse operational settings.

Palo Alto Networks

Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

Rapid7
 

Sample Customers

CBI Health Group, University Honda, VakifBank
Liberty Wines, Pioneer Telephone, Visier
Buyer's Guide
Cortex XDR by Palo Alto Networks vs. Rapid7 InsightIDR
April 2025
Free Report: Cortex XDR by Palo Alto Networks vs. Rapid7 InsightIDR
Find out what your peers are saying about Cortex XDR by Palo Alto Networks vs. Rapid7 InsightIDR and other solutions. Updated: April 2025.
DOWNLOAD NOW
850,671 professionals have used our research since 2012.
See our Cortex XDR by Palo Alto Networks vs. Rapid7 InsightIDR report.

We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.