Try our new research platform with insights from 80,000+ expert users

Rapid7 InsightIDR vs VMware Carbon Black Cloud comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Rapid7 InsightIDR
Ranking in Endpoint Detection and Response (EDR)
20th
Average Rating
8.4
Reviews Sentiment
7.4
Number of Reviews
32
Ranking in other categories
Security Information and Event Management (SIEM) (9th), User Entity Behavior Analytics (UEBA) (2nd), Threat Deception Platforms (5th), Extended Detection and Response (XDR) (15th)
VMware Carbon Black Cloud
Ranking in Endpoint Detection and Response (EDR)
47th
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
18
Ranking in other categories
Security Incident Response (6th)
 

Mindshare comparison

As of March 2025, in the Endpoint Detection and Response (EDR) category, the mindshare of Rapid7 InsightIDR is 1.1%, up from 0.6% compared to the previous year. The mindshare of VMware Carbon Black Cloud is 0.2%, up from 0.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR)
 

Featured Reviews

Asim Naeem - PeerSpot reviewer
Providing comprehensive insight into alerts while working towards AI enhancement
I definitely recommend Rapid7 InsightIDR. It is becoming better, with improvements being continuously made to the product. Right now, I do not have any advice about Rapid7 for other users because every organization or user has different criteria or multiple use cases, so I refrain from commenting on that. I rate the overall solution seven out of ten.
Tom Kar - PeerSpot reviewer
Shows promise for endpoint detection and response, with room for improvement in complexity and pricing
VMware Carbon Black Cloud is a user-friendly solution that can isolate machines from the rest of the network. When a machine is quarantined, it cannot communicate with any other machines on the network except for the Carbon Black Cloud server. This allows you to investigate the machine without the risk of malware escaping to the network. Carbon Black Cloud's server can communicate with the quarantined machine through DNS and VSCP. This allows you to collect data from the machine, such as system logs, process activity, and registry changes. This data can be used to investigate the infection and determine the next steps. CrowdStrike and Cybereason are also popular EDR solutions. They offer similar features to VMware Carbon Black Cloud but may have different strengths and weaknesses. It is important to evaluate all of your options before choosing an EDR solution. Additionally, it is complex to use, and the pricing should be improved.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It is a very stable solution."
"Rapid7 InsightIDR integrates well with other solutions. It's also easy to configure because Rapid7 InsightIDR has a lot of instructions posted on their website that customers can follow if they need to get the source log."
"Another very important part of insightIDR is the ability to collect data from endpoint devices via agent software. With a large remote workforce, this allows visibility into the endpoints that are connected to the internet, but not to the corporate network."
"The ability to ingest Office 365 log files, then process them into events and display them on a map."
"The incident case management is the most valuable feature. Even though there's always something I find I would like to add to that feature, the ability to quickly sort through all the logs, network and endpoint data, etc., and add it to an incident case as part of the investigation, is nice. Having it automatically timeline that additional data into the original incident timeline, and correlate it to other notable events and activities on the network, results in a huge improvement in our overall confidence that we've quickly traced down the right source of an issue."
"Great coverage of all systems within our network from endpoint to firewall."
"​​User behavioral analytics allows us to pinpoint abnormal or suspicious behavior among millions of events every day."
"I rate Rapid7 nine out of 10 for affordability"
"The solution does very well as a baseline EDR and provides good process-level management."
"The detection response and quarantining are very good features."
"Threat hunting is the most valuable feature of VMware Carbon Black Cloud."
"Setting up and managing the setup for this solution is okay. It is stable, scalable, and it runs just fine. No issues with technical support."
"The most valuable feature of VMware Carbon Black Cloud is the possibility of securing any PC worldwide."
"For setup, the server can be given to you as a VM image and with minimal configuration needed."
"They're highly stable in comparison with other solutions I have."
"Carbon Black insures the probability that any ransomware will be stopped before spreading."
 

Cons

"Sometimes, it is hard to get the right queries to use. Currently, the tool lacks a pre-made set of queries."
"The searching feature in Rapid7 InsightIDR needs to evolve"
"The integration capabilities of the solution have certain shortcomings where improvements are required."
"The solution needs improvement in threat intelligence. Increasing the depth of intelligence to help users understand more about threats is a possibility. My suggestion is to expand access to other websites or resources."
"Lacks a mobile application."
"There is a future in AI with Rapid7, however, it is not fully operated. There are certain limitations with Rapid7 that I am working on."
"The solution's XDR agents cannot compete with the XDR solutions out there yet."
"I feel it would greatly benefit from more supported log sources."
"The solution needs to simplify the process of adding custom watchlists, as well as embrace YARA for rule creation."
"The support team of Carbon Black CB Response needs improvement. At present, they need a lot of information. Then they give you an answer that they already gave you. You tell them it didn't work, and then they take a long time."
"Setup is incredibly complex and poorly documented. Every time an upgrade was needed we would need to engage Professional Services for troubleshooting help. Certificates and web services proved to be the most significant sticking points. Since the product runs on a Linux platform, perhaps having staff with more Linux experience could have alleviated some difficulty."
"We are subscribed to FS-ISAC threat indicator, but have been unsuccessful in adding it to our alliance feeds."
"The solution can only handle about 500 bans or blocks."
"The dashboard should be more user-friendly."
"They need to improve the batch console. It needs more capabilities. We are limited by the ones it provides..."
"It's not simple."
 

Pricing and Cost Advice

"The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help.​"
"It is on a yearly basis. For our own company, for about 250 users, it was 16,000 euros a year."
"Rapid7 InsightIDR is a cheaply priced product. On a scale of one to ten, where one is very expensive, and ten is very cheap, I rate the product's price at seven or eight."
"​I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability.​"
"It is a reasonably priced solution."
"The pricing of the solution depends on the user. But there is a yearly licensing cost."
"The pricing is good, and it is not very expensive."
"Rapid7 InsightIDR charges us based on the endpoints we connect to."
"VMware Carbon Black Cloud is an expensive solution."
"Pricing for this solution could be made lower."
"The solution is very inexpensive so there is great cost savings to using it."
"You need to pay for the licensing of the product. The pricing is costly."
"We had no issues purchasing through our preferred reseller and were able to get a fair price even when not purchasing direct. Carbon Black Enterprise Response didn’t break the bank, though adding on the matching antivirus and anti-malware components of the Protect product was more than we could afford, even with some discounting. Cb Response is really designed to complement Carbon Black’s Defense product. While Response can be used on its own, coupling with Defense seems like the best strategy if you can afford the price tag."
"Purchase Professional Services up front as part of the implementation package, then renew hours annually to ensure you have adequate support for upgrades and enhancements. Overbuy by at least 10% to account for infrastructure growth."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
842,651 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Financial Services Firm
9%
Manufacturing Company
8%
Government
7%
Computer Software Company
16%
Real Estate/Law Firm
13%
Financial Services Firm
11%
Healthcare Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What do you like most about Rapid7 InsightIDR?
During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...
What to choose: an endpoint antivirus, an EDR solution or both?
I can recommend Carbon Black, an award-winning next-gen anti-virus (NGAV) and endpoint detection and response (EDR) security solution. The CB Predictive Security Cloud platform combines multiple hi...
What's the difference between Carbon Black CB Response and Carbon Black CB Defense?
Carbon Black offers two different levels of Endpoint Detection and Response. One is the VM Carbon Black Cloud Endpoint Standard (CB Defense), and the other is the Carbon Black Endpoint Detection an...
What do you like most about Carbon Black CB Response?
Threat hunting is the most valuable feature of VMware Carbon Black Cloud.
 

Also Known As

InsightIDR
Carbon Black CB Response
 

Overview

 

Sample Customers

Liberty Wines, Pioneer Telephone, Visier
ALLETE belk
Find out what your peers are saying about Rapid7 InsightIDR vs. VMware Carbon Black Cloud and other solutions. Updated: March 2025.
842,651 professionals have used our research since 2012.