Try our new research platform with insights from 80,000+ expert users

Rapid7 InsightIDR vs VMware Carbon Black Cloud comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Rapid7 InsightIDR
Ranking in Endpoint Detection and Response (EDR)
18th
Average Rating
8.4
Reviews Sentiment
7.4
Number of Reviews
32
Ranking in other categories
Security Information and Event Management (SIEM) (9th), User Entity Behavior Analytics (UEBA) (2nd), Threat Deception Platforms (5th), Extended Detection and Response (XDR) (14th)
VMware Carbon Black Cloud
Ranking in Endpoint Detection and Response (EDR)
46th
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
18
Ranking in other categories
Security Incident Response (6th)
 

Mindshare comparison

As of April 2025, in the Endpoint Detection and Response (EDR) category, the mindshare of Rapid7 InsightIDR is 1.1%, up from 0.7% compared to the previous year. The mindshare of VMware Carbon Black Cloud is 0.2%, up from 0.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR)
 

Featured Reviews

Asim Naeem - PeerSpot reviewer
Providing comprehensive insight into alerts while working towards AI enhancement
I definitely recommend Rapid7 InsightIDR. It is becoming better, with improvements being continuously made to the product. Right now, I do not have any advice about Rapid7 for other users because every organization or user has different criteria or multiple use cases, so I refrain from commenting on that. I rate the overall solution seven out of ten.
Tom Kar - PeerSpot reviewer
Shows promise for endpoint detection and response, with room for improvement in complexity and pricing
VMware Carbon Black Cloud is a user-friendly solution that can isolate machines from the rest of the network. When a machine is quarantined, it cannot communicate with any other machines on the network except for the Carbon Black Cloud server. This allows you to investigate the machine without the risk of malware escaping to the network. Carbon Black Cloud's server can communicate with the quarantined machine through DNS and VSCP. This allows you to collect data from the machine, such as system logs, process activity, and registry changes. This data can be used to investigate the infection and determine the next steps. CrowdStrike and Cybereason are also popular EDR solutions. They offer similar features to VMware Carbon Black Cloud but may have different strengths and weaknesses. It is important to evaluate all of your options before choosing an EDR solution. Additionally, it is complex to use, and the pricing should be improved.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The technical support is a solid 10 out of 10 as they take the time to answer any questions or problems which may arise in a reasonable time frame."
"Intelligent alerting to avoid the common problem of alert fatigue associated with traditional SIEMs."
"We were able to identify criminals attempting to login from China and put a stop on their IP locations."
"The log aggregation and storage provided by InsightIDR has shown no issues with scalability; aggregating over one hundred millions events daily."
"The biggest reason why we chose Rapid7 was to gain value in a really quick time. Its deployment doesn't take months. It just takes a few days."
"The solution is very stable and works very well for what I need it to do."
"The ability to ingest Office 365 log files, then process them into events and display them on a map."
"​​User behavioral analytics allows us to pinpoint abnormal or suspicious behavior among millions of events every day."
"The most valuable feature is its ability to seek out abnormal activity and to create alerts."
"Probably the most valuable feature of CB Response is its ability to isolate a host and take it off the network, so it's not spreading anything. We have two security operations centers around the globe. When an SOC analyst sees something on an endpoint, they can use Carbon Black Response to isolate that host from the customer's environment and prevent any kind of lateral spread."
"We also took full advantage of its incident response reporting capabilities to act as a “black box” for our infrastructure around strings of suspicious activity. The reporting and incident response capabilities were incredibly helpful during active security concerns."
"The most valuable feature of VMware Carbon Black Cloud is the possibility of securing any PC worldwide."
"Carbon Black Cb Response excels at providing context to indicators when responding to incidents. It allows responders to understand the entire scope of an incident and quickly contain it to minimize impact and disruption."
"​The ability to isolate an endpoint with only the host name and a click of a button is a major time saver."
"The most valuable features are the threat-hunting and the batch console."
"The ability to quickly isolate a system from the network, while still being able to perform some forensics and mitigation work remotely, was of great value to us since we had many mobile and distributed systems."
 

Cons

"Tenable Nessus is easier to deal with. It's more efficient and accurate. InsightIDR is heavier than Tenable in terms of performance and scanning. Rapid7 would be much easier to use if it had a network connector like Tenable. Tenable's connector allows continuous monitoring over the B caps."
"Cloud risk assessment is one area where I think they need a lot of improvement."
"The main problem lies in the processes within the client's operating systems."
"The solution's XDR agents cannot compete with the XDR solutions out there yet."
"The searching feature in Rapid7 InsightIDR needs to evolve"
"InsightIDR is only available in a cloud version. Some of our customers prefer an on-prem solution because they want to manage the security within their environment."
"There is a future in AI with Rapid7, however, it is not fully operated. There are certain limitations with Rapid7 that I am working on."
"Rapid7 InsightIDR is not intuitive to search for logs. It should be more user-friendly and improve the dashboards. We should be able to use ready-made templates instead of having to build one."
"We are subscribed to FS-ISAC threat indicator, but have been unsuccessful in adding it to our alliance feeds."
"There have been some performance issues when deploying on Windows Server, but I believe Carbon Black is working on that."
"The cloud console has a lot of bugs and issues in the analysis part."
"The solution needs to simplify the process of adding custom watchlists, as well as embrace YARA for rule creation."
"Technical support for the solution should be improved because there is a scarcity of support teams in the Middle East."
"The support team of Carbon Black CB Response needs improvement. At present, they need a lot of information. Then they give you an answer that they already gave you. You tell them it didn't work, and then they take a long time."
"The solution can only handle about 500 bans or blocks."
"The threat intelligence feed could use some fine tweaking."
 

Pricing and Cost Advice

"It is a reasonably priced solution."
"The pricing and licensing are competitive."
"It is more reasonably priced than other vendors."
"Licensing is straightforward. If, for some reason, you don’t meet the minimum licensing requirements, there is a third-party managed service that can help."
"The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help.​"
"​Accurately predict your licensing counts as this is a subscription based product.​"
"Rapid7 InsightIDR charges us based on the endpoints we connect to."
"Rapid7 InsightIDR's pricing is reasonable but we have challenges with the Minimum Order Quantity. It is not reasonable for customers who have less than one hundred devices. If they can reduce Minimum Order Quantity, it is good. You have to pay around 5000-6000 dollars per year for the product. The pricing includes maintenance and support costs."
"VMware Carbon Black Cloud is an expensive solution."
"Pricing for this solution could be made lower."
"We had no issues purchasing through our preferred reseller and were able to get a fair price even when not purchasing direct. Carbon Black Enterprise Response didn’t break the bank, though adding on the matching antivirus and anti-malware components of the Protect product was more than we could afford, even with some discounting. Cb Response is really designed to complement Carbon Black’s Defense product. While Response can be used on its own, coupling with Defense seems like the best strategy if you can afford the price tag."
"Purchase Professional Services up front as part of the implementation package, then renew hours annually to ensure you have adequate support for upgrades and enhancements. Overbuy by at least 10% to account for infrastructure growth."
"The solution is very inexpensive so there is great cost savings to using it."
"You need to pay for the licensing of the product. The pricing is costly."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
842,767 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Financial Services Firm
9%
Manufacturing Company
8%
Government
7%
Computer Software Company
17%
Financial Services Firm
12%
Real Estate/Law Firm
10%
Healthcare Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What do you like most about Rapid7 InsightIDR?
During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...
What to choose: an endpoint antivirus, an EDR solution or both?
I can recommend Carbon Black, an award-winning next-gen anti-virus (NGAV) and endpoint detection and response (EDR) security solution. The CB Predictive Security Cloud platform combines multiple hi...
What's the difference between Carbon Black CB Response and Carbon Black CB Defense?
Carbon Black offers two different levels of Endpoint Detection and Response. One is the VM Carbon Black Cloud Endpoint Standard (CB Defense), and the other is the Carbon Black Endpoint Detection an...
What do you like most about Carbon Black CB Response?
Threat hunting is the most valuable feature of VMware Carbon Black Cloud.
 

Also Known As

InsightIDR
Carbon Black CB Response
 

Overview

 

Sample Customers

Liberty Wines, Pioneer Telephone, Visier
ALLETE belk
Find out what your peers are saying about Rapid7 InsightIDR vs. VMware Carbon Black Cloud and other solutions. Updated: March 2025.
842,767 professionals have used our research since 2012.