Try our new research platform with insights from 80,000+ expert users

Microsoft Defender XDR vs Rapid7 InsightIDR comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024
 

Categories and Ranking

Microsoft Defender XDR
Ranking in Endpoint Detection and Response (EDR)
5th
Ranking in Extended Detection and Response (XDR)
5th
Average Rating
8.4
Number of Reviews
89
Ranking in other categories
Microsoft Security Suite (2nd)
Rapid7 InsightIDR
Ranking in Endpoint Detection and Response (EDR)
20th
Ranking in Extended Detection and Response (XDR)
15th
Average Rating
8.4
Number of Reviews
31
Ranking in other categories
Security Information and Event Management (SIEM) (9th), User Entity Behavior Analytics (UEBA) (3rd), Threat Deception Platforms (5th)
 

Featured Reviews

Desray Liu - PeerSpot reviewer
Nov 28, 2023
A time-saving and easy-to-integrate product that needs to offer a control center to users
As a part of Microsoft's attempt to reduce costs, there has been a direct cut down of the local technical support team. Sometimes, you have to use the technical support offered by Microsoft from other countries, but at times, we speak different languages, just like how people speak in Chinese or Mandarin, but there are still some differences between them. The front-line support from Microsoft has only limited technical abilities or access to their internal system. Sometimes, my company cannot even escalate an issue to Microsoft's senior team members. The support team of Microsoft is nice as they attempt to solve the problems together with you, but I believe that due to some cost-related issues, they don't have enough permissions. Sometimes, users might feel blocked when trying to connect with the support team. I rate the technical support a seven out of ten.
JensWolf - PeerSpot reviewer
Sep 28, 2023
A solution that offers easy setup and deployment phases, along with great scalability and stability
I use Rapid7 InsightIDR to collect logs and information from throughout our company's entire IT environment The most valuable feature of the solution is the single pane of glass that allows me to see all the information in one spot. I can see at one spot to see all the information from all the…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The visibility into threats is also very impressive because Microsoft helps you predict things and provides analytics to help you really improve your security. And all of this technology works across the domain, so it is pretty helpful in terms of threat analytics."
"The most valuable feature is probably the aggregation and correlation of the different telemetry points with Defender for Identity, Defender for Endpoint, and Defender for Cloud Apps. All of these various things are part of that portal. We've wanted that single pane of glass for years."
"Microsoft 365 Defender is a good solution and easy to use."
"The integration, visibility, vulnerability management, and device identification are valuable."
"My clients like Defender's file integrity monitoring. They're monitoring Windows and Linux system files."
"The ability to integrate and observe a more cohesive narrative across the products is crucial."
"The most valuable feature is the DLP because that's where we can have an added data protection layer and extend it not just to emails but to the documents that users are working on. We can make sure that sensitive data is tagged and flagged if unauthorized parties are using it."
"Defender XDR enables you to scan a system remotely and get a complete inventory of its assets. You can gather more information from the asset inventory and apply threat intelligence using Office 365 or something."
"The alerting to drive investigations and remediation has been its most valuable feature.​"
"The solution provides satisfying native integration features"
"It improves because several sensors are deployed within the on-premise environment. It can be very efficient if the customer implements and operates it effectively."
"InsightIDR helps us investigate an environment to discover information about incidents."
"Great coverage of all systems within our network from endpoint to firewall."
"It is a very stable solution."
"Scalability-wise, I rate the solution a ten out of ten. As a cloud tool, the product is highly scalable."
"The incident case management is the most valuable feature. Even though there's always something I find I would like to add to that feature, the ability to quickly sort through all the logs, network and endpoint data, etc., and add it to an incident case as part of the investigation, is nice. Having it automatically timeline that additional data into the original incident timeline, and correlate it to other notable events and activities on the network, results in a huge improvement in our overall confidence that we've quickly traced down the right source of an issue."
 

Cons

"The management and automation of the cloud apps have room for improvement."
"Just like in any solution, the price can always be cheaper."
"When we do investigations, it would be better if Microsoft could populate the host dashboard more. When we open any host for investigation, we want the entire timeline of what is happening on the host, including all the users logging in, their hardware, Windows version, etc."
"Microsoft Defender XDR is not a full-fledged EDR or XDR."
"Customers say they want absolutely seamless integration between other Microsoft solutions and Defender XDR, including the ability to change device settings within the Defender portal. They need to contact the IT team responsible for the device management tools to change some settings. They would prefer that those changes be initiated directly from the Defender portal or applied from Intune without involving the IT operations team."
"The user interface of Microsoft 365 Defender could improve. They could make it simpler."
"Advanced attacks could use an improvement."
"There is definitely scope for improvement in the automation area. Because the solution is a SaaS platform, we don't have the overall ability to automate stuff.... There is no direct way to go ahead because it's a SaaS platform."
"The integration capabilities of the solution have certain shortcomings where improvements are required."
"The reporting is the weakest aspect. There needs to be multi-level grouping for events (for example, group by user and destination). Right now, we can do a group by user and a separate table or group by destination. But I'd be more interested in where a person was logging into instead of who was logging in or where he was logging in."
"The dashboard is an area that could be simplified."
"The APIs can be further improved in Rapid7."
"InsightIDR is only available in a cloud version. Some of our customers prefer an on-prem solution because they want to manage the security within their environment."
"The main problem lies in the processes within the client's operating systems."
"The searching feature in Rapid7 InsightIDR needs to evolve"
"I would like to see more development in InsightIDR towards building their SIEM solution and converting it to XDR."
 

Pricing and Cost Advice

"Microsoft Defender XDR is included in our license."
"They have moved from a licensing model to pay-per-use... The question is: What happens if, for any reason, there's not enough budget to accept this model? That could be a great problem."
"Microsoft Defender XDR is priced high."
"While Microsoft Defender XDR carries a higher cost, its ease of use compared to Defender may justify the investment."
"The most valuable licensing option is expensive, so pricing could be improved. Licensing options for this solution also need to be consolidated, because they frequently change."
"On average, we pay around 55 euros per user for the services and features we receive."
"I believe that the pricing of the licensing is fair."
"Microsoft Defender XDR's licensing is complicated."
"It is a reasonably priced solution."
"Licensing is straightforward. If, for some reason, you don’t meet the minimum licensing requirements, there is a third-party managed service that can help."
"The solution has a mid-range price point in the market"
"Rapid7 InsightIDR is a cheaply priced product. On a scale of one to ten, where one is very expensive, and ten is very cheap, I rate the product's price at seven or eight."
"Rapid7 InsightIDR's pricing is reasonable but we have challenges with the Minimum Order Quantity. It is not reasonable for customers who have less than one hundred devices. If they can reduce Minimum Order Quantity, it is good. You have to pay around 5000-6000 dollars per year for the product. The pricing includes maintenance and support costs."
"Rapid7 InsightIDR's pricing is reasonable."
"The pricing is good, and it is not very expensive."
"It is more reasonably priced than other vendors."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
814,649 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
10%
Government
8%
Manufacturing Company
8%
Computer Software Company
16%
Financial Services Firm
8%
Manufacturing Company
8%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Microsoft 365 Defender?
Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and potential indicators of compromise.
What needs improvement with Microsoft 365 Defender?
The solution could enhance the threat Intelligence feature by making it more relevant to specific industries. Much of the threat intelligence information isn't directly applicable to our environmen...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What do you like most about Rapid7 InsightIDR?
During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...
 

Also Known As

Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender
InsightIDR
 

Learn More

 

Overview

 

Sample Customers

Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.
Liberty Wines, Pioneer Telephone, Visier
Find out what your peers are saying about Microsoft Defender XDR vs. Rapid7 InsightIDR and other solutions. Updated: October 2024.
814,649 professionals have used our research since 2012.