Try our new research platform with insights from 80,000+ expert users

Rapid7 InsightIDR vs VMware Carbon Black Cloud comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Rapid7 InsightIDR
Ranking in Endpoint Detection and Response (EDR)
18th
Average Rating
8.4
Reviews Sentiment
7.4
Number of Reviews
32
Ranking in other categories
Security Information and Event Management (SIEM) (9th), User Entity Behavior Analytics (UEBA) (2nd), Threat Deception Platforms (5th), Extended Detection and Response (XDR) (14th)
VMware Carbon Black Cloud
Ranking in Endpoint Detection and Response (EDR)
46th
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
18
Ranking in other categories
Security Incident Response (6th)
 

Mindshare comparison

As of April 2025, in the Endpoint Detection and Response (EDR) category, the mindshare of Rapid7 InsightIDR is 1.1%, up from 0.7% compared to the previous year. The mindshare of VMware Carbon Black Cloud is 0.2%, up from 0.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR)
 

Featured Reviews

Asim Naeem - PeerSpot reviewer
Providing comprehensive insight into alerts while working towards AI enhancement
I definitely recommend Rapid7 InsightIDR. It is becoming better, with improvements being continuously made to the product. Right now, I do not have any advice about Rapid7 for other users because every organization or user has different criteria or multiple use cases, so I refrain from commenting on that. I rate the overall solution seven out of ten.
Tom Kar - PeerSpot reviewer
Shows promise for endpoint detection and response, with room for improvement in complexity and pricing
VMware Carbon Black Cloud is a user-friendly solution that can isolate machines from the rest of the network. When a machine is quarantined, it cannot communicate with any other machines on the network except for the Carbon Black Cloud server. This allows you to investigate the machine without the risk of malware escaping to the network. Carbon Black Cloud's server can communicate with the quarantined machine through DNS and VSCP. This allows you to collect data from the machine, such as system logs, process activity, and registry changes. This data can be used to investigate the infection and determine the next steps. CrowdStrike and Cybereason are also popular EDR solutions. They offer similar features to VMware Carbon Black Cloud but may have different strengths and weaknesses. It is important to evaluate all of your options before choosing an EDR solution. Additionally, it is complex to use, and the pricing should be improved.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The log aggregation and storage provided by InsightIDR has shown no issues with scalability; aggregating over one hundred millions events daily."
"Integration with threat modeling from the Metasploit and InsightIDR repositories."
"The UI is very good."
"I definitely recommend Rapid7 InsightIDR."
"InsightIDR has allowed us to find potential security issues that we did not know existed, and get remediation quickly."
"Enables the use of honey pots, honey users, and honey files to monitor for suspicious patterns."
"​​User behavioral analytics allows us to pinpoint abnormal or suspicious behavior among millions of events every day."
"The solution is very scalable in terms of the licensing model."
"The most valuable features are the threat-hunting and the batch console."
"The most valuable features are its lightweight design, ensuring minimal impact on end-users, and its real-time protection."
"The detection response and quarantining are very good features."
"Carbon Black insures the probability that any ransomware will be stopped before spreading."
"Threat hunting is the most valuable feature of VMware Carbon Black Cloud."
"The solution does very well as a baseline EDR and provides good process-level management."
"The ability to quickly isolate a system from the network, while still being able to perform some forensics and mitigation work remotely, was of great value to us since we had many mobile and distributed systems."
"Integration and scalability are the most valuable."
 

Cons

"InsightIDR's integration with other solutions could be improved. Also, I'd like more control from the portal over what's happening on the endpoint side. For example, when I see an attack on an endpoint, I want to be able to stop it from the portal."
"Inability to get access to compliance reports within the solution."
"Lacks a mobile application."
"I feel it would greatly benefit from more supported log sources."
"One thing that springs to mind is easier API integration with ITSMs. We are evaluating a new ITSM and I would like to have InsightIDR create a ticket when an attack is identified, and the ticket would be closed in InsightIDR when the ITSM resolution is completed. This would take out the "single point of failure" we currently have, if the email recipient is somehow absent, in recording the risk appetite for the incident and the actions taken to mitigate or not."
"It takes time for the product's support team to resolve issues, making it an area of concern where improvements are required."
"The APIs can be further improved in Rapid7."
"Currently, it lacks the functionalities provided by Rapid7's User Behavior Analytics (UBA)."
"The support team of Carbon Black CB Response needs improvement. At present, they need a lot of information. Then they give you an answer that they already gave you. You tell them it didn't work, and then they take a long time."
"There have been some performance issues when deploying on Windows Server, but I believe Carbon Black is working on that."
"Technical support for the solution should be improved because there is a scarcity of support teams in the Middle East."
"The cloud console has a lot of bugs and issues in the analysis part."
"The threat intelligence feed could use some fine tweaking."
"The dashboard should be more user-friendly."
"The solution can only handle about 500 bans or blocks."
"Training and education for both partner and customer, including product marketing need to be improved."
 

Pricing and Cost Advice

"The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help.​"
"It is on a yearly basis. For our own company, for about 250 users, it was 16,000 euros a year."
"Rapid7 InsightIDR charges us based on the endpoints we connect to."
"It is a reasonably priced solution."
"I rate Rapid7 InsightIDR's price a four on a scale of one to ten, where one is cheap, and ten is expensive."
"The pricing is good, and it is not very expensive."
"Rapid7 InsightIDR's pricing is reasonable."
"The solution has a mid-range price point in the market"
"We had no issues purchasing through our preferred reseller and were able to get a fair price even when not purchasing direct. Carbon Black Enterprise Response didn’t break the bank, though adding on the matching antivirus and anti-malware components of the Protect product was more than we could afford, even with some discounting. Cb Response is really designed to complement Carbon Black’s Defense product. While Response can be used on its own, coupling with Defense seems like the best strategy if you can afford the price tag."
"You need to pay for the licensing of the product. The pricing is costly."
"Pricing for this solution could be made lower."
"Purchase Professional Services up front as part of the implementation package, then renew hours annually to ensure you have adequate support for upgrades and enhancements. Overbuy by at least 10% to account for infrastructure growth."
"VMware Carbon Black Cloud is an expensive solution."
"The solution is very inexpensive so there is great cost savings to using it."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
844,944 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Financial Services Firm
9%
Manufacturing Company
8%
Government
7%
Computer Software Company
17%
Financial Services Firm
12%
Real Estate/Law Firm
10%
Healthcare Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What do you like most about Rapid7 InsightIDR?
During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...
What to choose: an endpoint antivirus, an EDR solution or both?
I can recommend Carbon Black, an award-winning next-gen anti-virus (NGAV) and endpoint detection and response (EDR) security solution. The CB Predictive Security Cloud platform combines multiple hi...
What's the difference between Carbon Black CB Response and Carbon Black CB Defense?
Carbon Black offers two different levels of Endpoint Detection and Response. One is the VM Carbon Black Cloud Endpoint Standard (CB Defense), and the other is the Carbon Black Endpoint Detection an...
What do you like most about Carbon Black CB Response?
Threat hunting is the most valuable feature of VMware Carbon Black Cloud.
 

Also Known As

InsightIDR
Carbon Black CB Response
 

Overview

 

Sample Customers

Liberty Wines, Pioneer Telephone, Visier
ALLETE belk
Find out what your peers are saying about Rapid7 InsightIDR vs. VMware Carbon Black Cloud and other solutions. Updated: March 2025.
844,944 professionals have used our research since 2012.