• Home
  • Darktrace vs. Rapid7 InsightIDR

Darktrace vs Rapid7 InsightIDR comparison

Cancel
You must select at least 2 products to compare!
Microsoft Logo
Microsoft Defender for Office 365
Read 41 Microsoft Defender for Office 365 reviews
12,659 views|10,155 comparisons
97% willing to recommend
Darktrace Logo
Darktrace
Read 66 Darktrace reviews
829 views|391 comparisons
93% willing to recommend
Rapid7 Logo
Rapid7 InsightIDR
Read 30 Rapid7 InsightIDR reviews
6,640 views|3,524 comparisons
95% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Email Security
June 2024
Executive Summary

We performed a comparison between Darktrace and Rapid7 InsightIDR based on real PeerSpot user reviews.

Find out what your peers are saying about Microsoft, Cisco, TitanHQ and others in Email Security.
To learn more, read our detailed Email Security Report (Updated: June 2024).
Download the complete report
772,649 professionals have used our research since 2012.
Featured Review
Gordon McGowan
Improves organizational security without the help of third-party applications
Microsoft Defender for Office 365 has improved my organization's security. It makes it easier to manage the infrastructure without the help of... Read more →
Mebbert Chiyangi
Efficient behaviour analytics features and offers high stability
One thing I appreciate is Antigena Email, which is for email protection.
Anonymous User
Quick to deploy and helpful in detecting and responding to security incidents before there is a big outage
Previously, when something happened, such as when a hacker was attacking one of our customers, we were always behind, or we didn't know that we... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Since we have started using the solution, there have been fewer compromises.""Defender for 365 is a comprehensive cloud-based solution. The value of the cloud is that you aren't alone. Threat intelligence and analytics are shared in the cloud. We don't have to find the solution alone. If you face an unknown threat with traditional solutions like Trend Micro and Symantec, you need to open a case and send your information to them to analyze forensically and identify the source of the attack.""The benefit that stands out to me is the ability for multiple individuals to collaborate simultaneously within the same document. Additionally, there is the option to save the document directly in the integrated OneDrive or SharePoint.""Does a thorough job of examining email and URLs for malicious content.""The solution is very easy to use. All you have to do is to assign the license to the end-user and it's done. The customer will only have the feature activated, and the solution will monitor the emails to determine if they are a threat or not.""It also gives the vulnerability status according to the versions you have selected. Let's say you have Google Chrome. It mentions the versions it has, and it updates. Within two hours of an update, it is reflected in the dashboard. That's really nice to have.""Microsoft Defender for Office 365 has improved my organization's security. It makes it easier to manage the infrastructure without the help of third-party applications.""The initial setup is straightforward. You just add the license, click it, and then you can set up the rules. It is quite simple."

More Microsoft Defender for Office 365 Pros →

"The most valuable feature is the solution's ability to trim out the false positives and point your attention to the real important stuff.""It provides a comprehensive, detailed view of network activity and whatever is happening inside it.""Darktrace is very useful for us because it has a large number of models for detecting threats.""I am impressed with the product's ability to give insights into network traffic.""I have found the automation and AI features to be valuable. If someone were to come in to the office at midnight and log in, Darktrace would flag it.""The active threat dashboard is the most valuable feature of this solution.""The Dynamic Threat Dashboard is very nice, as it lists all of your threats and rates them, and then you can choose whether to investigate further.""AI analytics are built directly into the product."

More Darktrace Pros →

"The technical support is a solid 10 out of 10 as they take the time to answer any questions or problems which may arise in a reasonable time frame.""The incident case management is the most valuable feature. Even though there's always something I find I would like to add to that feature, the ability to quickly sort through all the logs, network and endpoint data, etc., and add it to an incident case as part of the investigation, is nice. Having it automatically timeline that additional data into the original incident timeline, and correlate it to other notable events and activities on the network, results in a huge improvement in our overall confidence that we've quickly traced down the right source of an issue.""The solution is very scalable in terms of the licensing model.""​​User behavioral analytics allows us to pinpoint abnormal or suspicious behavior among millions of events every day.""The product works well. Stability-wise, I rate the solution a ten out of ten.""Great coverage of all systems within our network from endpoint to firewall.""Intelligent alerting to avoid the common problem of alert fatigue associated with traditional SIEMs.""Another very important part of insightIDR is the ability to collect data from endpoint devices via agent software. With a large remote workforce, this allows visibility into the endpoints that are connected to the internet, but not to the corporate network."

More Rapid7 InsightIDR Pros →

Cons
"The XDR dashboard has room for improvement.""Microsoft security solutions work as expected. They are constantly updating the solutions to make them better. At the same time, the changes can impact a customer's environment, and we need to adjust settings. Sometimes we aren't aware of the changes, and nothing is pushed from the backend automatically.""In some situations, it has not been able to pick impersonated emails having no attachments. Technical support definitely has a scope for improvement.""In one of the reports I can get the exact place where a vulnerable file resides. But for that, I need to explicitly go into the device and check. If they could include that file part in the report, without my having to go to the device itself, that would help.""This product's effectiveness could be improved, in terms of detecting unwanted spam or even malware between the emails, compared to other products.""It would be better if it were more scalable. It depends on the architecture, but we would like to make it more scalable for both data centers.""The visibility for the weaknesses in the system and unauthorized access can be improved.""There's room for improvement regarding the time frame for retrieving emails."

More Microsoft Defender for Office 365 Cons →

"It should be easier to access the Darktrace portal and its documentation. Only the customer can access their portal and support. It could be cheaper.""It is expensive, but everything else has been great so far.""There aren't so many third-party vendor platforms natively integrated with the platform.""The product doesn't have an endpoint agent that can react to triggers set on the device,""Darktrace needs to automate the reports of false positives, botnets and everything.""I'd love them to see maybe covering the cloud a bit more.""The cost is a bit on the higher side.""Its documentation is not up to the mark. At times, I have a lot of trouble finding a solution. Even when I posted questions on the community chats, it took a lot of time for me to get answers. That's something that can be improved. Darktrace can focus on creating a more interactive community. If there are more people from Darktrace to focus on community chats, it would be better."

More Darktrace Cons →

"Rapid7 doesn't integrate well with all our security tools from various vendors, so we plan to switch. Many of our solutions work with Rapid7, but some do not. We are already searching for a replacement already.""Rapid7 InsightIDR is not intuitive to search for logs. It should be more user-friendly and improve the dashboards. We should be able to use ready-made templates instead of having to build one.""The solution's XDR agents cannot compete with the XDR solutions out there yet.""Currently, it lacks the functionalities provided by Rapid7's User Behavior Analytics (UBA).""The reporting is the weakest aspect. There needs to be multi-level grouping for events (for example, group by user and destination). Right now, we can do a group by user and a separate table or group by destination. But I'd be more interested in where a person was logging into instead of who was logging in or where he was logging in.""I feel it would greatly benefit from more supported log sources.""The APIs can be further improved in Rapid7.""Cloud risk assessment is one area where I think they need a lot of improvement."

More Rapid7 InsightIDR Cons →

Pricing and Cost Advice
  • "It's a user-base subscription."
  • "From the pricing point of view, like any other product in the market, there is scope for negotiation."
  • "Defender is a little bit more expensive as compared to others. We are in the manufacturing environment. So, we don't have a high budget for all of our endpoint devices. Its cost is a major concern for us."
  • "For licensing, it's usually a yearly package for customers who are subscribed to Office 365, but they can also pay on a monthly basis."
  • "Microsoft Defender for Office 365 is an add-on to the Office license. Many customers are purchasing this solution."
  • "Microsoft Defender for Office 365 comes with Microsoft Windows. It is free with the operating system."
  • "The solution saves money so we have seen a return on investment."
  • "Defender for 365 comes in various plans and licenses, along with other Microsoft security solutions. Purchasing this kind of package or security bundle gives good value for money, and that's what I recommend."

    • More Microsoft Defender for Office 365 Pricing and Cost Advice →

  • "It is inexpensive considering what it can do and the competition."
  • "The pricing is a little high compared to the competition."
  • "Our customers feel that the price of Darktrace is quite high compared to other solutions."
  • "The pricing is very flexible for Darktrace. Sometimes, a customer does not have the appropriate budget, but Darktrace can handle that. They offer monthly payments, so the customer can acquire the solution very easily."
  • "When it comes to large installations, it can be expensive, but for small accounts it's fine."
  • "It is a very expensive product."
  • "It is expensive. I don't have the price for other competitors."
  • "This solution is expensive."

    • More Darktrace Pricing and Cost Advice →

  • "​I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability.​"
  • "The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help.​"
  • "Licensing is straightforward. If, for some reason, you don’t meet the minimum licensing requirements, there is a third-party managed service that can help."
  • "​Accurately predict your licensing counts as this is a subscription based product.​"
  • "The pricing and licensing are competitive."
  • "Licensing is by endpoint and amount of retention time (at least ours is). Default retention was one year, but we are able to push the retention further if needed. There's also a provide-your-own-S3 option for longer retention if you don't want to pay for the additional retention years in your Rapid7 agreement."
  • "It is a reasonably priced solution."
  • "It is on a yearly basis. For our own company, for about 250 users, it was 16,000 euros a year."

    • More Rapid7 InsightIDR Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Email Security solutions are best for your needs.
    See Recommendations
    772,649 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Microsoft Defender for Office 365?
    Top Answer:Threat Explorer is an invaluable tool for me, and it plays a crucial role in helping me discern the origins of various… more »
    Read all 32 answers   →
    What is your experience regarding pricing and costs for Microsoft Defende...
    Top Answer:The tool's pricing is reasonable.
    Read all 26 answers   →
    What needs improvement with Microsoft Defender for Office 365?
    Top Answer:The product must provide better malware detection. The detection algorithms don't perform the way I hope they would.
    Read all 27 answers   →
    How does Crowdstrike Falcon compare with Darktrace?
    Top Answer:Both of these products perform similarly and have many outstanding attributes CrowdStrike Falcon offers an amazing… more »
    Which is better - SentinelOne or Darktrace?
    Top Answer:Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is… more »
    Read all 7 answers   →
    What do you like most about Darktrace?
    Top Answer:A very useful feature in Darktrace for real-time threat analysis is the packet inspection that analyzes the packet… more »
    Read all 44 answers   →
    What SOC product do you recommend?
    Top Answer:For tools I’d recommend:  -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is… more »
    Read all 12 answers   →
    What do you like most about Rapid7 InsightIDR?
    Top Answer:During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its… more »
    Read all 20 answers   →
    What is your experience regarding pricing and costs for Rapid7 InsightIDR?
    Top Answer:We chose Rapid7 because of its price. IBM QRadar charges us based on data storage. Rapid7 InsightIDR charges us based on… more »
    Read all 17 answers   →
    Comparisons
    Also Known As
    MS Defender for Office 365
    InsightIDR
    Learn More
    Microsoft
    Darktrace
    Rapid7
    Overview

    Microsoft Defender for Office 365 is a comprehensive security solution designed to protect organizations against advanced threats in their email, collaboration, and productivity environments. It combines the power of Microsoft's threat intelligence, machine learning, and behavioral analytics to provide real-time protection against phishing, malware, ransomware, and other malicious attacks.

    With Microsoft Defender for Office 365, organizations can safeguard their email communication by detecting and blocking malicious links, attachments, and unsafe email content. It employs advanced anti-phishing capabilities to identify and prevent sophisticated phishing attacks that attempt to steal sensitive information or compromise user credentials.

    This solution also offers robust protection against malware and ransomware. It leverages machine learning algorithms to analyze email attachments and URLs in real-time, identifying and blocking malicious content before it reaches users' inboxes. Additionally, it provides advanced threat-hunting capabilities, allowing security teams to proactively investigate and respond to potential threats.

    Microsoft Defender for Office 365 goes beyond email protection and extends its security features to other collaboration tools like SharePoint, OneDrive, and Teams. It scans files and documents stored in these platforms, ensuring that they are free from malware and other malicious content. It also provides visibility into user activities, helping organizations detect and mitigate insider threats.

    Furthermore, this solution offers rich reporting and analytics capabilities, providing organizations with insights into their security posture and threat landscape. It enables security administrators to monitor and manage security incidents, track trends, and take proactive measures to enhance their overall security posture.

    Darktrace is a leading cybersecurity solution that leverages artificial intelligence and machine learning to provide advanced threat detection, response, and risk management capabilities. Many reviewers find Darktrace's AI and machine-learning capabilities to be valuable. They appreciate its ability to detect anomalies and threats that might go unnoticed by traditional security tools. Overall, the general sentiment towards Darktrace from reviewers is positive. Users seem to appreciate its scalability, stability, AI capabilities, visibility, and ease of use.

    Darktrace offers a proactive and intelligent approach to cybersecurity. It utilizes AI algorithms to learn and understand the 'pattern of life' for every user and device within a network. This understanding enables it to detect anomalies that could signify a cyber threat, from subtle insider threats to more obvious ransomware attacks.

    Its adaptability, autonomous response features, and comprehensive network visibility make it a top-tier solution for different sizes of organizations and across many industries. It was named one of TIME magazine’s ‘Most Influential Companies’ in 2021 and protects over 8,800 organizations globally from advanced cyber threats.

    Darktrace Cyber AI Loop

    The Darktrace Cyber AI Loop introduces an advanced artificial intelligence-based system for cybersecurity, designed to build a self-improving defense mechanism. This system functions like a closed loop, where each stage feeds information and insights into the next, amplifying the overall effectiveness of the platform.

    The key components of the loop are:

    • DETECT - An AI engine that monitors your network and endpoints for anomalous activity, constantly learning the normal behavior of your users and devices. It identifies suspicious patterns and potential threats in real-time, even from never-before-seen attacks.
    • PREVENT - This proactive arm analyzes vulnerabilities and identifies weaknesses in your IT infrastructure. It prioritizes patching and configuration changes to harden defenses before attackers can exploit those vulnerabilities.
    • RESPOND - When DETECT identifies a threat, RESPOND takes immediate action to contain and neutralize it. This can involve isolating compromised devices, disrupting attacker activity, and automatically escalating critical incidents to human analysts.
    • HEAL - This newest addition to the loop focuses on post-incident recovery. It automatically restores compromised systems, cleans infected files, and helps to prevent the attack from spreading further.

    Darktrace's AI algorithms can identify threats that traditional security tools might miss. It continuously learns and updates its understanding of what is normal for each environment, ensuring that it can quickly detect and respond to unusual activities that could indicate a breach. Darktrace's Antigena module can autonomously respond to threats in real time. This is particularly crucial in containing fast-moving threats like ransomware, where every second counts. 

      Darktrace's solution provides unparalleled visibility into all parts of the network, including cloud services, IoT devices, and industrial control systems. This comprehensive coverage ensures that no part of the network is left unprotected. However, while the Darktrace Cyber AI Loop offers a robust solution, it is not a complete cure-all and requires careful implementation and integration with existing security frameworks.Darktrace offers a comprehensive and unified approach to cybersecurity. It provides continuous protection against known and unknown threats, regardless of where they emerge. Darktrace's solutions provide visibility into your cloud infrastructure, continuous monitoring of application usage and communication patterns (e.g., identification of suspicious actions like unauthorized data access), comprehensive email security that goes beyond traditional spam and phishing filters, real-time protection for endpoints, and continuous monitoring of network traffic and device activity.

      Darktrace also provides specialized coverage to secure your zero-trust architecture. Identifies compromised identities, unauthorized access attempts, and risky data exfiltration within a least-privilege environment. Finally, it has a dedicated solution for safeguarding industrial control systems and critical infrastructure. Monitors communication patterns, device behavior, and physical access within OT environments, protecting against operational disruptions and cyberattacks.

      Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

      Sample Customers
      Microsoft Defender for Office 365 is trusted by companies such as Ithaca College.
      Irwin Mitchell, Open Energi, Wellcome Trust, FirstGroup plc, Virgin Trains, Drax, QUI! Group, DNK, CreaCard, Macrosynergy, Sisley, William Hill plc, Toyota Canada, Royal British Legion, Vitol, Allianz, KKR, AIRBUS, dpd, Billabong, Mclaren Group.
      Liberty Wines, Pioneer Telephone, Visier
      Top Industries
      REVIEWERS
      Manufacturing Company17%
      Computer Software Company17%
      Comms Service Provider13%
      Government7%
      VISITORS READING REVIEWS
      Computer Software Company17%
      Financial Services Firm8%
      Manufacturing Company7%
      Government7%
      REVIEWERS
      Financial Services Firm18%
      Computer Software Company12%
      Healthcare Company6%
      Manufacturing Company6%
      VISITORS READING REVIEWS
      Computer Software Company16%
      Financial Services Firm8%
      Government7%
      Manufacturing Company7%
      REVIEWERS
      Comms Service Provider27%
      Computer Software Company20%
      Non Tech Company13%
      Security Firm13%
      VISITORS READING REVIEWS
      Computer Software Company15%
      Manufacturing Company8%
      Financial Services Firm8%
      Government6%
      Company Size
      REVIEWERS
      Small Business45%
      Midsize Enterprise15%
      Large Enterprise40%
      VISITORS READING REVIEWS
      Small Business30%
      Midsize Enterprise19%
      Large Enterprise51%
      REVIEWERS
      Small Business49%
      Midsize Enterprise20%
      Large Enterprise31%
      VISITORS READING REVIEWS
      Small Business30%
      Midsize Enterprise19%
      Large Enterprise51%
      REVIEWERS
      Small Business63%
      Midsize Enterprise20%
      Large Enterprise17%
      VISITORS READING REVIEWS
      Small Business26%
      Midsize Enterprise20%
      Large Enterprise53%
      Buyer's Guide
      Email Security
      June 2024
      Download Free Report
      Find out what your peers are saying about Microsoft, Cisco, TitanHQ and others in Email Security. Updated: June 2024.
      DOWNLOAD NOW
      772,649 professionals have used our research since 2012.

      Darktrace is ranked 11th in Email Security with 66 reviews while Rapid7 InsightIDR is ranked 10th in Security Information and Event Management (SIEM) with 30 reviews. Darktrace is rated 8.2, while Rapid7 InsightIDR is rated 8.4. The top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". On the other hand, the top reviewer of Rapid7 InsightIDR writes "Helps in the management of compliance, secret events and information". Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and Trend Micro Deep Discovery, whereas Rapid7 InsightIDR is most compared with Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM, IBM Security QRadar and Microsoft Defender for Identity.

      We monitor all Email Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.