We performed a comparison between CrowdStrike Falcon and Rapid7 InsightIDR based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"The most valuable feature depends on the scenario. For compliance, I like Microsoft Purview Information Protection and Data Loss Prevention. Sentinel is the most helpful feature for security. 365 Defender helps us prioritize threats across an enterprise. It's a crucial feature for the managed services team."
"Microsoft 365 Defender's most valuable feature is the ability to control the shadow IP."
"The product is very easy to use."
"Microsoft Defender XDR is scalable."
"The integration with other Microsoft solutions is the most valuable feature."
"Microsoft 365 Defender is a stable solution."
"The ability to hunt that IM data set or the identity data set at the same time is valuable. As incident response professionals, we are very used to EDRs and having device process registry telemetry, but a lot of times, we do not have that identity data right there with us, so we have to go search for it in some other silo. Being able to cross-correlate via both datasets at the same time is something that we can only do in Def"
"The comprehensiveness of Microsoft's threat detection is good."
"The most valuable feature is the indicator of compromise, which show you what file was either quarantined or removed."
"The initial setup is a very fast process."
"The most valuable feature is that we don't need to re-image machines as much as we had to."
"It seems to do a pretty good job of protecting the host. It offers good insights that it gives you when it has a detection. It's pretty incredible."
"It's given me a level of confidence that my network is secure."
"Everything we've done with CrowdStrike is due to Arctic Wolf. We don't even need to get alerts from CrowdStrike anymore. It'll send those to Arctic Wolf, and then Arctic Wolf analyzes those and let us know if there's a major issue."
"I like the overall reports of this solution. They are crisp, and to the point."
"It has definitely minimized resources. When everything was on-prem, there was a lot more work maintaining it. One of the big value tickets: I don't have lists of hundreds of exceptions for certain applications that I have to maintain, add, delete, and move. The very nature of the product has lessened my workload considerably."
"Great coverage of all systems within our network from endpoint to firewall."
"I like that it's a cloud-based solution."
"It is a very stable solution."
"The solution's initial setup is easy."
"InsightIDR helps us investigate an environment to discover information about incidents."
"Rapid7's reporting is more robust than Tenable's."
"The log aggregation and storage provided by InsightIDR has shown no issues with scalability; aggregating over one hundred millions events daily."
"The solution is easy to use, and the interface is intuitive."
"There is definitely scope for improvement in the automation area. Because the solution is a SaaS platform, we don't have the overall ability to automate stuff.... There is no direct way to go ahead because it's a SaaS platform."
"There could be a way to proactively monitor unusual activity ."
"The documentation on their website is somewhat outdated and doesn't show properly. I wanted to try a query in Microsoft Defender 365. When I opened the related documentation from the security blog on the Microsoft website, the figures were not showing. It was difficult to understand the article without having the figures. The figures were there in the article, but they were not getting loaded, which made the article obsolete."
"The only issue I've had is, when it comes to deployment, the steps I must take around policy setup. That is challenging."
"The solution could improve by having better machine learning and AI. Additionally, the interface, documentation, and integration could be better."
"The patching capability should be there. Patching is something that you cannot do even though you see the vulnerabilities present in your environment. For patching, you have to depend on another solution."
"The tool gives inconsistent answers and crashes a lot."
"Defender XDR could provide recommendations for threat-hunting queries. Some people do not know how to write an advanced threat query, so we need to spend time training them."
"Unfortunately, native applications are not supported."
"As the company has grown, the technical support has felt less personal."
"On the firewall management side, there should be more granularity. There should also be more granularity for device control. Everything else is brilliant."
"It does take more time to scan than other solutions."
"It would be nice if the dashboard had some more information upfront, and looked a little better."
"An improvement would be to extend support to legacy and unsupported servers."
"The Integration with tools, SOC tools, could be better."
"If CrowdStrike can further expand its support for XDR compatibility, that would give it an edge over all the other competing new products."
"Sometimes, it is hard to get the right queries to use. Currently, the tool lacks a pre-made set of queries."
"The ability to tune the collector for custom logs would greatly help."
"I feel it would greatly benefit from more supported log sources."
"Lacks a mobile application."
"Tenable Nessus is easier to deal with. It's more efficient and accurate. InsightIDR is heavier than Tenable in terms of performance and scanning. Rapid7 would be much easier to use if it had a network connector like Tenable. Tenable's connector allows continuous monitoring over the B caps."
"Inability to get access to compliance reports within the solution."
"InsightIDR's integration with other solutions could be improved. Also, I'd like more control from the portal over what's happening on the endpoint side. For example, when I see an attack on an endpoint, I want to be able to stop it from the portal."
"The dashboard is an area that could be simplified."
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 107 reviews while Rapid7 InsightIDR is ranked 21st in Endpoint Detection and Response (EDR) with 30 reviews. CrowdStrike Falcon is rated 8.8, while Rapid7 InsightIDR is rated 8.4. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Rapid7 InsightIDR writes "Helps in the management of compliance, secret events and information". CrowdStrike Falcon is most compared with Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security, Trend Vision One and Fortinet FortiEDR, whereas Rapid7 InsightIDR is most compared with Darktrace, Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM and Fortinet FortiSIEM. See our CrowdStrike Falcon vs. Rapid7 InsightIDR report.
See our list of best Endpoint Detection and Response (EDR) vendors and best Extended Detection and Response (XDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
