Microsoft Defender XDR vs Rapid7 InsightIDR comparison

Microsoft and Rapid7 are both solutions in the Endpoint Detection and Response (EDR) category. Microsoft is ranked #5 with an average rating of 8.4, while Rapid7 is ranked #20 with an average rating of 8.1. Additionally, 97% of Microsoft users are willing to recommend the solution, compared to 95% of Rapid7 users who would recommend it.

Microsoft Defender XDR

Read 96 Microsoft Defender XDR reviews

6,183 Views
4,657 Comparison Views

97% willing to recommend

Rapid7 InsightIDR

Read 31 Rapid7 InsightIDR reviews

1,997 Views
1,141 Comparison Views

95% willing to recommend

Microsoft Defender XDR

Rapid7 InsightIDR

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 9, 2024

Rapid7 InsightIDR and Microsoft Defender XDR are leading security solutions. Users prefer Rapid7 InsightIDR for pricing and support, while Microsoft Defender XDR excels in features.

Features: Users praise Rapid7 InsightIDR for its robust incident detection and response capabilities, user-friendly setup, and automated workflows. Microsoft Defender XDR is highly rated for its comprehensive threat intelligence, integration with other Microsoft products, and advanced analytics.

Room for Improvement: Rapid7 InsightIDR needs better scalability, enhanced reporting, and faster query performance. Microsoft Defender XDR could improve interoperability with non-Microsoft environments, more intuitive alert management, and better integration with third-party tools.

Ease of Deployment and Customer Service: Rapid7 InsightIDR is praised for straightforward deployment and responsive customer support, with quick setup times and helpful resources. Microsoft Defender XDR has mixed reviews on customer service, with some users experiencing slower response times but is also straightforward to deploy.

Pricing and ROI: Users find Rapid7 InsightIDR's pricing competitive with a higher perceived ROI due to effective threat detection and ease of use. Microsoft Defender XDR is seen as more costly but justified by its extensive features and integrations.

To learn more, read our detailed Microsoft Defender XDR vs. Rapid7 InsightIDR Report (Updated: November 2024).

Buyer's Guide

Microsoft Defender XDR vs. Rapid7 InsightIDR

November 2024

Download the complete report

Helped 824,067 peers since 2012

Categories and Ranking

Microsoft Defender XDR

Ranking in Endpoint Detection and Response (EDR)

5th

Ranking in Extended Detection and Response (XDR)

5th

Average Rating

8.4

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

Microsoft Security Suite (2nd)

Rapid7 InsightIDR

Ranking in Endpoint Detection and Response (EDR)

20th

Ranking in Extended Detection and Response (XDR)

15th

Average Rating

8.4

Reviews Sentiment

7.5

Number of Reviews

Ranking in other categories

Security Information and Event Management (SIEM) (9th), User Entity Behavior Analytics (UEBA) (3rd), Threat Deception Platforms (5th)

Featured Reviews

Gabor Nyerd

Enterprise mobility and security evangelist at a financial services firm with 5,001-10,000 employees

Includes four services and four products, which can help organizations a lot

We found that sometimes integrations work, but testing them can take some time. Sometimes, configurations take much longer than expected. We have a configuration in place that needs to be synchronized with another server. However, the servers are four hours apart, so this can cause delays. In general, I believe that the time it takes to configure and test a service should be shorter. Sometimes, it can take a couple of hours to test a single configuration setting. Other times, it is only ten or fifteen minutes, which is normal. However, sometimes, even immediate actions can be triggered by configuration changes, and some settings can take up to eight hours to complete. I believe that this time can be improved. Microsoft is making a lot of improvements to its services in a short period of time. This is a good thing, as it means that the services are constantly being updated and improved. However, it can be challenging for customers to keep up with the changes. For example, a customer may read about an update, understand it, and share it with their colleagues and boss. However, it may take days or weeks to test the update and get the necessary approvals. This can be especially challenging for large customers with many users or machines. In some cases, Microsoft may change a service before the customer has had a chance to implement the previous update. This can be frustrating for customers, as it means that they have to constantly learn new things and adjust their workflows. On the one hand, it is important for Microsoft to keep updating and improving its services. This helps to ensure that the services are meeting the customers' needs and that they are staying ahead of the competition. Microsoft should also be mindful of the challenges that these changes can create for customers. One way to address this challenge is to provide customers with more time to implement changes. Microsoft could also provide more information about upcoming changes so that customers can plan ahead. Ultimately, Microsoft needs to strike a balance between keeping its services up-to-date and providing customers with a smooth transition to new features.

Read full review

Gerard Konan

Founder & CEO at AGILLY

Helps in the management of compliance, secret events and information

One of our customers had a Huawei firewall and we required help to do the configuration. However, the installation was easy with other standard vendors like Cisco and Check Point. The product's deployment got completed in four to five days and we required three people to handle it. One person was in charge of the portal's initial set up and the other one handled the integration of on-premises devices. The third one took care of Office 365 integration.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"I like how Microsoft XDR and the other Microsoft products are integrated into a single unified security stack covering identity access management, endpoint protection, email, cloud applications, etc."

"I like that it's stable. It's been stable for a long time, and Microsoft Defender has done a good job there."

"The EDR and the way it automatically responds to ransomware and other attacks are valuable features."

"Another noteworthy feature that I find appealing in Microsoft Defender is the credit-backed simulation. This feature enables organizations to train their users on effectively responding to phishing emails through a simulated training environment."

"In Microsoft 365 vendor products, monitoring and connectivity across all Microsoft and third-party connectors enable viewing of all activity within those environments."

"I like the easy integration and advanced possibilities. We can implement it at customer sites in a few clicks, but we can also dive deep and drill down to extended features. There's a very good starting point to get into this product and all the features from Defender."

"The unified view of the threat landscape on a central dashboard is the most valuable feature."

"The most valuable aspect is undoubtedly the exploration capability"

More Microsoft Defender XDR pros

"I like the tool's user analysis feature."

"Very intuitive and easy to set up."

"It improved my organization by building a security alerting program."

"Scalability-wise, I rate the solution a ten out of ten. As a cloud tool, the product is highly scalable."

"The solution is very scalable in terms of the licensing model."

"I like that it's a cloud-based solution."

"It improves because several sensors are deployed within the on-premise environment. It can be very efficient if the customer implements and operates it effectively."

"The biggest reason why we chose Rapid7 was to gain value in a really quick time. Its deployment doesn't take months. It just takes a few days."

More Rapid7 InsightIDR pros

Cons

"The message trace feature for investigating mail flow issues should add more detailed information to the summary report... if they could extend the summary report a little bit, make it more descriptive, ordinary administrators could understand what happened and that the emails failed at this or that point. That way they would know the location to go to try to correct it and to prevent it from occurring again."

"Defender also lacks automated detection and response. You need to resolve issues manually. You can manage multiple Microsoft security products from a single portal, and all your security recommendations are in one place. It's easy to understand and manage. However, I wouldn't say Defender is a single pane of glass. You still need to switch between all of the available Microsoft tools. You can see all the alerts in one panel, but you can't automate remediation."

"The web filtering solution needs to be improved because currently, it is very simple."

"It would be beneficial to have a more seamless experience with everything consolidated in one place, particularly when dealing with aspects related to the Exchange console."

"The patching capability should be there. Patching is something that you cannot do even though you see the vulnerabilities present in your environment. For patching, you have to depend on another solution."

"Stability could be improved by avoiding frequent changes to the interface."

"There are other SIEM solutions that are easier to use, mainly based on the creation of rules, use cases, and groups."

"While the XDR platform offers valuable functionalities, it falls short of other solutions in its ability to deliver a cohesive identity experience."

More Microsoft Defender XDR cons

"It would be useful to import threat intelligence in YARA format along with known incorrect email addresses."

"InsightIDR's integration with other solutions could be improved. Also, I'd like more control from the portal over what's happening on the endpoint side. For example, when I see an attack on an endpoint, I want to be able to stop it from the portal."

"The dashboard is an area that could be simplified."

"The main problem lies in the processes within the client's operating systems."

"The product allows us to make only 30 custom rules."

"I feel it would greatly benefit from more supported log sources."

"The reporting is the weakest aspect. There needs to be multi-level grouping for events (for example, group by user and destination). Right now, we can do a group by user and a separate table or group by destination. But I'd be more interested in where a person was logging into instead of who was logging in or where he was logging in."

"Lacks a mobile application."

More Rapid7 InsightIDR cons

Pricing and Cost Advice

"We have a lot of problems in Latin America regarding the price of Microsoft 365 Defender, because the relationship between dollars and the money of the different countries, it's is a lot. Many customers that have small businesses say that they would like the solution but it is too expensive. However, large companies do not find the cost an issue."

"While the standalone price of Defender XDR might seem high, its value becomes clear when considering the ease of implementation and smooth integration with our existing Microsoft infrastructure, especially when bundled with other Microsoft products."

"Microsoft should provide lower-level licensing options. They should do it in such a way that even an individual could purchase a license, and it should be entirely flexible."

"Purchasing Microsoft Defender XDR as part of a Microsoft 365 bundle can be cost-effective, but acquiring it as a standalone product may be more expensive."

"With the little idea I have about the costs, I can say that XDR tools tend to be a bit expensive. If you are using Microsoft Defender XDR, then you need to go for a subscription-based pricing model."

"The pricing of Microsoft 365 Defender is definitely on the costly side, but with the features and services that Microsoft provides, such as the seamless integration of all the Defender tools, while the price is on the higher side, there is no alternative."

"Sometimes 365 Defender is expensive, but it can be moderate, depending on the organization's size and the license type. We're satisfied with the cost because it gives us a product that protects our entire environment with DLP. To compromise some cost, of course, we are to complete the most secure environment."

"The functionality is fantastic, but for medium and small-sized companies it's overpriced. It would be better if it were a little bit cheaper."

More Microsoft Defender XDR pricing and cost advice

"Rapid7 InsightIDR is a cheaply priced product. On a scale of one to ten, where one is very expensive, and ten is very cheap, I rate the product's price at seven or eight."

"The pricing is good, and it is not very expensive."

"Rapid7 InsightIDR's pricing is reasonable."

"The pricing of the solution depends on the user. But there is a yearly licensing cost."

"I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability."

"The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help."

"It is more reasonably priced than other vendors."

"Licensing is straightforward. If, for some reason, you don’t meet the minimum licensing requirements, there is a third-party managed service that can help."

More Rapid7 InsightIDR pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.

See recommendations

824,067 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

17%

Financial Services Firm

11%

Government

Manufacturing Company

Computer Software Company

16%

Financial Services Firm

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Microsoft 365 Defender?

Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and potential indicators of compromise.

See all answers

What is your experience regarding pricing and costs for Microsoft 365 Defender?

The pricing is a little high, however, it is on par with other competitive tools in the market.

See all answers

What needs improvement with Microsoft 365 Defender?

Microsoft could improve on threat hunting and build more on threat detection and handling. The cybersecurity and cloud security posture features are a bit lesser than standard security products.

See all answers

What SOC product do you recommend?

For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...

See all answers

What do you like most about Rapid7 InsightIDR?

During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...

See all answers

What is your experience regarding pricing and costs for Rapid7 InsightIDR?

The product pricing is very cheap.

See all answers

Comparisons

CrowdStrike Falcon vs Microsoft Defender XDR

Compared 35% of the time

Wazuh vs Microsoft Defender XDR

Compared 8% of the time

Microsoft Defender for Cloud vs Microsoft Defender XDR

Compared 8% of the time

Trend Vision One vs Microsoft Defender XDR

Compared 4% of the time

Microsoft Purview Compliance Manager vs Microsoft Defender XDR

Compared 4% of the time

More Microsoft Defender XDR Competitors

Darktrace vs Rapid7 InsightIDR

Compared 12% of the time

Microsoft Sentinel vs Rapid7 InsightIDR

Compared 11% of the time

Rapid7 InsightVM vs Rapid7 InsightIDR

Compared 8% of the time

CrowdStrike Falcon vs Rapid7 InsightIDR

Compared 6% of the time

Splunk Enterprise Security vs Rapid7 InsightIDR

Compared 5% of the time

More Rapid7 InsightIDR Competitors

Product Reports

Buyer's Guide

Microsoft Defender XDR

December 2024

Download Microsoft Defender XDR product report

Buyer's Guide

Rapid7 InsightIDR

December 2024

Download Rapid7 InsightIDR product report

Also Known As

Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender

InsightIDR

Learn More

Microsoft

Rapid7

Overview

Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment.

It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks.

Users have found it effective in detecting and preventing various types of attacks, such as phishing attempts, malware infections, and data breaches.

Watch the Microsoft demo video here: Microsoft Defender XDR demo video.

Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

Sample Customers

Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.

Liberty Wines, Pioneer Telephone, Visier

Buyer's Guide

Microsoft Defender XDR vs. Rapid7 InsightIDR

November 2024

Free Report: Microsoft Defender XDR vs. Rapid7 InsightIDR

Find out what your peers are saying about Microsoft Defender XDR vs. Rapid7 InsightIDR and other solutions. Updated: November 2024.

DOWNLOAD NOW

824,067 professionals have used our research since 2012.

See our Microsoft Defender XDR vs. Rapid7 InsightIDR report.

See our list of best Endpoint Detection and Response (EDR) vendors and best Extended Detection and Response (XDR) vendors.

We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.