Senior Technical Service Engineer Expert at a tech vendor with 10,001+ employees
MSP
Top 5
May 29, 2026
There are multiple areas for improvement, especially regarding generative AI-related threats. Secondly, proxy communication happens through agentic AI, making it very difficult to identify whether it is agentic AI, a human, or a hacker. That filtering and identification will need to be improved in Rapid7 MDR. Many products still do not make that effort, but Rapid7 MDR has started to address this; however, this remains a drawback at the moment. We moved our own artificial intelligence product, and our developers and testers are using it, but we still restrict its use to inside our Fujitsu premises. We cannot allow it to go outside because we do not have that level of trust at the moment. It is quite difficult to specify all areas at the moment, but there are multiple features needed. Based on our transformation with a combination of cloud technology and artificial intelligence, we are using co-pilot and multiple AI models will require many enhancements aligned with new technology trends in the market. I cannot articulate or name all of them, but we are still not confident in asking customers to use AI in their environment. They are reluctant at the moment because of security concerns and other myths around AI. There should definitely be a tool that gives us the confidence that whatever AI model we are using is secured through that tool. That tool should assure customers that there is a 90% or 98% guarantee that their code or utilization of AI technology will meet the mark. Currently, customers are not flexible in beginning to utilize AI, especially for financial institutions, research and development institutes, or places where sensitive business operations occur or large customer volumes exist. No one can risk it at the moment. People are using co-pilot, chatbots, or bot services, but they are still not confident in utilizing them without taking risks. No one can claim that they are 100% secure in providing those services. 
We are expecting that type of confidence from Rapid7 MDR and other technologies playing a role in the market.
I did not use all features, so I am not sure what is already implemented or what would be good to implement. However, I think the best area for improvement is pricing.
Security Analyst at a tech vendor with 10,001+ employees
Real User
Top 20
Mar 26, 2026
I do not feel there is any improvement needed at the moment; all the features, the tools within it, and their functions are satisfactory. Because it is very good, there are always areas to improve, though I cannot point out specific ones at this moment.
My experience with detection and response capabilities for Microsoft-centric environments has been positive. While API integration can be challenging with some third-party tools, Microsoft's built-in features facilitate seamless communication. I have found it relatively easy to triage and integrate Microsoft systems with Rapid7 MDR. In terms of digital forensics and incident response included in the MDR service, my experience is that it is not very robust. We lack a dedicated forensic team, which is essential for thorough investigation. Rapid7 has introduced honeypots, which is an encouraging feature, but it is not a comprehensive solution such as those offered by competitors, such as Palo Alto's Unit 42. Apart from forensics, I believe Rapid7 MDR should introduce more forensic services. Another area to improve is the active platform's handling of on-premises tools versus cloud-based tools. We prefer on-premises options for data security, and we find limitations in features compared to cloud-based tools, concerning data access and privacy controls.
There are areas of Rapid7 MDR that have room for improvement. The market is now changing very quickly towards artificial intelligence, and all the SIEM, EDR, and XDR vendors are moving to apply artificial intelligence in their solutions. Rapid7 MDR is currently weak in AI solutions and intelligence, which is concerning. It is also somewhat delayed compared to many vendors such as CrowdStrike, SentinelOne, or Microsoft, who are heading in such directions.
The product should provide full transparency in security operations. I want to see what's exactly going on on the other side. I want to know what is happening, what my security operations center is doing, and whether they are working for me.
Rapid7 MDR is a leading service offering transparency, integration, incident response, and proactive security. It is designed for efficient SIEM and EDR integration to facilitate threat detection, making it effective for organizations of all sizes. Renowned for robust threat detection, Rapid7 MDR combines transparency, automation, and integration. It provides excellent incident response, vulnerability management, AI-driven log queries, and significant time savings. Despite competitive...
There are potential improvements in reports and dashboards.