Cybereason Endpoint Detection & Response vs Rapid7 InsightIDR comparison

Cybereason and Rapid7 are both solutions in the Endpoint Detection and Response (EDR) category. Cybereason is ranked #26 with an average rating of 8.2, while Rapid7 is ranked #21 with an average rating of 8.1. Cybereason holds a 1.1% mindshare in EDR, compared to Rapid7’s 1.0% mindshare. Additionally, 89% of Cybereason users are willing to recommend the solution, compared to 95% of Rapid7 users who would recommend it.

Cybereason Endpoint Detecti...

Read 21 Cybereason Endpoint Detection & Response reviews

3,210 Views
1,790 Comparison Views

89% willing to recommend

Rapid7 InsightIDR

Read 32 Rapid7 InsightIDR reviews

2,034 Views
1,194 Comparison Views

95% willing to recommend

Cybereason Endpoint Detecti...

Rapid7 InsightIDR

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 9, 2024

Cybereason Endpoint Detection & Response and Rapid7 InsightIDR compete in the cybersecurity field. Cybereason appears to have the upper hand in advanced threat hunting and real-time response capabilities, while Rapid7 is preferred for strong incident detection and investigation features.

Features: Cybereason offers advanced threat hunting, real-time response, and automated response functionalities. Rapid7 InsightIDR provides incident detection, investigation capabilities, and integration with various third-party tools.

Room for Improvement: Cybereason could improve integration with other security tools, enhance reporting capabilities, and streamline user interfaces. Rapid7 needs better alert accuracy, reduced false positives, and refined alerting mechanisms.

Ease of Deployment and Customer Service: Cybereason has a straightforward deployment process and responsive customer service. Rapid7 InsightIDR is easy to deploy with a supportive and knowledgeable customer service team.

Pricing and ROI: Cybereason has higher setup costs leading to mixed opinions on ROI. Rapid7 InsightIDR offers competitive pricing and users report favorable ROI due to its comprehensive feature set.

To learn more, read our detailed Cybereason Endpoint Detection & Response vs. Rapid7 InsightIDR Report (Updated: January 2025).

Buyer's Guide

Cybereason Endpoint Detection & Response vs. Rapid7 InsightIDR

January 2025

Download the complete report

Helped 838,713 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cybereason Endpoint Detecti...

Ranking in Endpoint Detection and Response (EDR)

26th

Average Rating

8.0

Reviews Sentiment

7.9

Number of Reviews

Ranking in other categories

Endpoint Protection Platform (EPP) (32nd)

Rapid7 InsightIDR

Ranking in Endpoint Detection and Response (EDR)

21st

Average Rating

8.4

Reviews Sentiment

7.4

Number of Reviews

Ranking in other categories

Security Information and Event Management (SIEM) (9th), User Entity Behavior Analytics (UEBA) (3rd), Threat Deception Platforms (5th), Extended Detection and Response (XDR) (15th)

Mindshare comparison

As of February 2025, in the Endpoint Detection and Response (EDR) category, the mindshare of Cybereason Endpoint Detection & Response is 1.1%, down from 1.3% compared to the previous year. The mindshare of Rapid7 InsightIDR is 1.0%, up from 0.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Endpoint Detection and Response (EDR)

Featured Reviews

Chad Kliewer

Information Security Officer at PTCI

We can make more informed decisions on whether an action is malicious

The ease of use and dashboards are improving. We came in at a time when they were developing a new dashboard screen. Therefore, we have had some confusing times between the old and new dashboards. Knowing how the new one works, I have seen vast improvements with it. While the product is very good, there are still some areas for improvement. The initial triage area could be a bit simpler. They get into the weeds real fast; it gets very detailed very fast. I am still looking for an easier triage layer on top with the ability to dig deeper. They are improving on this because I have seen some improvements in the user interface that helps with this. Part of it was moving two different screens into one, merging the two together. It is very good, but it is very technically detailed and would be harder for an entry-level person to decipher. However, improvements are being made. It leverages indicators of behavior to help us remediate faster against attacks. Sometimes, I wish there was more detail on why they consider it malicious.

Read full review

Asim Naeem

Principal IT Security & Compliance at IBEX Holdings Ltd

Providing comprehensive insight into alerts while working towards AI enhancement

I definitely recommend Rapid7 InsightIDR. It is becoming better, with improvements being continuously made to the product. Right now, I do not have any advice about Rapid7 for other users because every organization or user has different criteria or multiple use cases, so I refrain from commenting on that. I rate the overall solution seven out of ten.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"What I like most about Cybereason Endpoint Detection & Response is the support because the support is good. The solution is also easy to use, and it has a dashboard. Everything is good, and there's no problem with it."

"What I find most valuable is the clarity of the platform."

"The solution is efficient."

"Immediately we can pick up the computers in the network if any malicious operation that is triggered."

"Their EDR solution, the ability to mitigate issues through their command line, is probably the best feature that we've had. We use that all the time. It's very useful for doing investigations."

"Cybereason's threat hunting and investigation are the most valuable features. Threat hunting is a user-friendly feature that keeps you safe. Investigation offers an added value that I haven't seen with other EDR services. It allows you to find specific policy problems within your environment."

"The initial setup is not overly complicated."

"The initial setup process is straightforward."

More Cybereason Endpoint Detection & Response pros

"During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an application belongs to a known ransomware group. The system rates the threat, offering a clear detection ratio, such as 97 out of 100. It not only identifies threats but also illustrates the associated behaviors, helping us understand the potential risk to a particular endpoint."

"Features for user behavior analytics and the rules for attack review are good."

"Intelligent alerting to avoid the common problem of alert fatigue associated with traditional SIEMs."

"The UI is very good."

"User behavioral analytics allows us to pinpoint abnormal or suspicious behavior among millions of events every day."

"Log search allows us to dive deep into aggregated logs and query all event types at once."

"The web interface is great — very useful and user-friendly."

"Another very important part of insightIDR is the ability to collect data from endpoint devices via agent software. With a large remote workforce, this allows visibility into the endpoints that are connected to the internet, but not to the corporate network."

More Rapid7 InsightIDR pros

Cons

"I would like to see improvements on the operational side, specifically in grouping."

"Reporting could be a bit more granular so that we had the ability to check regions and countries. I just noticed that, for instance, if I look at our servers, it's either "contained" or it's "not contained". I don't have the option, for instance, to look at countries. It only allows me to look at users as one big group."

"There is room for improvement in the product features related to device control, particularly USB management."

"Compared to our previous endpoint, we have a lot more false positives and a lot more duplication of alerts. So we're chasing more alerts."

"The network coverage becomes an issue most of the time."

"I feel that the product lacks reporting features and needs improvement."

"The reporting feature needs improvement."

"What needs to improve in Cybereason Endpoint Detection & Response and what I'd like to see in its next release is a centralized dashboard that allows you to view what is there, similar to what's on Symantec Endpoint Protection Manager: a beautiful display and reporting. Cybereason Endpoint Detection & Response has to start with the compliance, the homepage, etc. Everything should be there and should be customizable. The options should be there. The tool is very good currently, but visibility for IT administrators is lacking and needs to be worked on."

More Cybereason Endpoint Detection & Response cons

"Currently, it lacks the functionalities provided by Rapid7's User Behavior Analytics (UBA)."

"The searching feature in Rapid7 InsightIDR needs to evolve"

"The APIs can be further improved in Rapid7."

"Rapid7 doesn't integrate well with all our security tools from various vendors, so we plan to switch. Many of our solutions work with Rapid7, but some do not. We are already searching for a replacement already."

"InsightIDR is only available in a cloud version. Some of our customers prefer an on-prem solution because they want to manage the security within their environment."

"The interface for doing investigation needs to be enhanced with minor improvements that would make it more useful."

"Customised alert recipients need to be added to allow better first-line action and quicker response. Configurable honeypots would be a welcome addition."

"The reporting is the weakest aspect. There needs to be multi-level grouping for events (for example, group by user and destination). Right now, we can do a group by user and a separate table or group by destination. But I'd be more interested in where a person was logging into instead of who was logging in or where he was logging in."

More Rapid7 InsightIDR cons

Pricing and Cost Advice

"We considered a few other solutions. Some were ridiculously overpriced, while others didn't have solutions for Mac endpoints. That was a deal-breaker because most of our organization is on Mac. It came down to two vendors: Cybereason and another. They had similar pitches and almost identical approaches, but in the end, Cybereason gave us the best value for our money."

"In terms of pricing, it's a good solution."

"In terms of cost, this is a good choice for our needs."

"This product is somewhat expensive and should be cheaper."

"I do not have experience with the licensing of the product."

"Though it is not the cheapest solution but it fits our budget. We pay an annual licensing fee."

"I had to go through a third-party to purchase it, which I wasn't really pleased about."

"The pricing is manageable."

More Cybereason Endpoint Detection & Response pricing and cost advice

"Licensing is by endpoint and amount of retention time (at least ours is). Default retention was one year, but we are able to push the retention further if needed. There's also a provide-your-own-S3 option for longer retention if you don't want to pay for the additional retention years in your Rapid7 agreement."

"I rate Rapid7 InsightIDR's price a four on a scale of one to ten, where one is cheap, and ten is expensive."

"Rapid7 InsightIDR is priced very well and is cost-effective."

"Licensing is straightforward. If, for some reason, you don’t meet the minimum licensing requirements, there is a third-party managed service that can help."

"Accurately predict your licensing counts as this is a subscription based product."

"It is more reasonably priced than other vendors."

"Rapid7 InsightIDR's pricing is reasonable but we have challenges with the Minimum Order Quantity. It is not reasonable for customers who have less than one hundred devices. If they can reduce Minimum Order Quantity, it is good. You have to pay around 5000-6000 dollars per year for the product. The pricing includes maintenance and support costs."

"It is on a yearly basis. For our own company, for about 250 users, it was 16,000 euros a year."

More Rapid7 InsightIDR pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.

See recommendations

838,713 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

18%

Financial Services Firm

Manufacturing Company

Government

Computer Software Company

16%

Financial Services Firm

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What is your experience regarding pricing and costs for Cybereason Endpoint Detection & Response?

Comparison with other products showed it be cheaper than some larger competitors. Set up cost for us were cheaper as we already had users experienced with the product in other business units. Initi...

See all answers

What is your primary use case for Cybereason Endpoint Detection & Response?

We use it to improve detection in the whole industrial sector. We are a big energy company. Across multiple endpoints, we deploy the EDR to secure all, improve detection, and also attempt to automa...

See all answers

What do you like most about Cybereason Endpoint Detection & Response?

The interface is user-friendly.

See all answers

What SOC product do you recommend?

For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...

See all answers

What do you like most about Rapid7 InsightIDR?

During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...

See all answers

What is your experience regarding pricing and costs for Rapid7 InsightIDR?

The product pricing is very cheap.

See all answers

Comparisons

Darktrace vs Cybereason Endpoint Detection & Response

Compared 26% of the time

CrowdStrike Falcon vs Cybereason Endpoint Detection & Response

Compared 23% of the time

Microsoft Defender for Endpoint vs Cybereason Endpoint Detection & Response

Compared 10% of the time

SentinelOne Singularity Complete vs Cybereason Endpoint Detection & Response

Compared 8% of the time

Kaspersky Endpoint Security for Business vs Cybereason Endpoint Detection & Response

Compared 5% of the time

More Cybereason Endpoint Detection & Response Competitors

Darktrace vs Rapid7 InsightIDR

Compared 12% of the time

Microsoft Sentinel vs Rapid7 InsightIDR

Compared 10% of the time

Rapid7 InsightVM vs Rapid7 InsightIDR

Compared 8% of the time

CrowdStrike Falcon vs Rapid7 InsightIDR

Compared 5% of the time

Splunk Enterprise Security vs Rapid7 InsightIDR

Compared 5% of the time

More Rapid7 InsightIDR Competitors

Product Reports

Buyer's Guide

Cybereason Endpoint Detection & Response

February 2025

Cybereason Endpoint Detection & Response report

Download Cybereason Endpoint Detection & Response product report

Buyer's Guide

Rapid7 InsightIDR

February 2025

Download Rapid7 InsightIDR product report

Also Known As

Cybereason EDR, Cybereason Deep Detect & Respond

InsightIDR

Overview

Cybereason's Endpoint Detection and Response platform detects in real-time both signature and non-signature-based attacks and accelerates incident investigation and response. Cybereason connects together individual pieces of evidence to form a complete picture of a malicious operation.

Cybereason

Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

Rapid7

Sample Customers

Lockheed Martin, Spark Capital, DocuSign, Softbank Capital

Liberty Wines, Pioneer Telephone, Visier

Buyer's Guide

Cybereason Endpoint Detection & Response vs. Rapid7 InsightIDR

January 2025

Free Report: Cybereason Endpoint Detection & Response vs. Rapid7 InsightIDR

Find out what your peers are saying about Cybereason Endpoint Detection & Response vs. Rapid7 InsightIDR and other solutions. Updated: January 2025.

DOWNLOAD NOW

838,713 professionals have used our research since 2012.

See our Cybereason Endpoint Detection & Response vs. Rapid7 InsightIDR report.

See our list of best Endpoint Detection and Response (EDR) vendors.

We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.