We performed a comparison between Darktrace and Rapid7 InsightIDR based on real PeerSpot user reviews.
"I like its investigation capabilities, as that is what is most important to me. It is fairly simple with a user-friendly interface."
"The most valuable feature is protection against malicious links, phishing, and impersonation. You can train people to be aware of these threats, but they're not always careful. When they're using their phones between meetings, they click on a link, and it's game over."
"There are several features that I consider valuable."
"The two main features that prove most beneficial for us are URL scanning and attachment scanning."
"The email protection is excellent, especially in terms of anti-phishing policies."
"Does a thorough job of examining email and URLs for malicious content."
"Microsoft Defender for Office 365 is a stable solution."
"I would say that 90% of the spam and phishing attack emails get blocked right off the bat."
"Darktrace's most valuable features are that it understands the network environment and is able to trace the traffic and alert on anomalies."
"Its most valuable feature is its ability to identify malicious connected IPs from outside and the attacks that get through to the inside."
"The most valuable feature of Darktrace is the AI that detects abnormal network activity."
"I am impressed with the product's ability to give insights into network traffic."
"Ability to see events and exactly what traffic or website the device had tried to connect to that raised the alert or issue."
"The most valuable feature of this solution is that it does not require human intervention to eliminate a threat."
"The most valuable feature is that it gives us visibility of rogue traffic that is on the network."
"We allow customers to access our Wi-Fi as guests, and some of them were going to restricted sites. Darktrace showed us what they were doing so we could block them."
"During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an application belongs to a known ransomware group. The system rates the threat, offering a clear detection ratio, such as 97 out of 100. It not only identifies threats but also illustrates the associated behaviors, helping us understand the potential risk to a particular endpoint."
"I like the tool's user analysis feature."
"The web interface is great — very useful and user-friendly."
"The UI is very good."
"Great coverage of all systems within our network from endpoint to firewall."
"It improved my organization by building a security alerting program."
"InsightIDR helps us investigate an environment to discover information about incidents."
"Very intuitive and easy to set up."
"They have moved features from one console to another. Things have been moved around in the interface and it takes me time to find where certain features are."
"The XDR dashboard has room for improvement."
"Microsoft Defender for Office 365 should be more proactive."
"The custom alerts have to improve a lot."
"The pre-sales cost calculations could be more transparent."
"We need to be able to whitelist data at the backend."
"I'd like some additional features any product can give me to protect our environment in a better way."
"The UI needs to be more user-friendly."
"Darktrace needs to automate the reports of false positives, botnets and everything."
"The user interface and the configuration are a bit complex and should be improved or simplified."
"I'd love them to see maybe covering the cloud a bit more."
"This product needs more in terms of prevention. The detection capabilities work well but once a threat has been detected, Darktrace should work to prevent it from doing anything malicious."
"They just need to make it a little bit more accurate as far as their alerts are concerned. It does generate some false positives that you have to tune. You have to do a lot of tuning when you first get it because of the false positives, but once it is all tuned up and ready to go, it will do its thing from there."
"There is a high ratio of false positive information."
"I did not use the AI features because they should make it more user-friendly which would be a benefit. Additionally, the solution could integrate with more SIEM or SOAR tools."
"The initial setup is more complex and time-consuming than some solutions."
"Rapid7 InsightIDR is not intuitive to search for logs. It should be more user-friendly and improve the dashboards. We should be able to use ready-made templates instead of having to build one."
"I would like to see more development in InsightIDR towards building their SIEM solution and converting it to XDR."
"The searching feature in Rapid7 InsightIDR needs to evolve"
"Tenable Nessus is easier to deal with. It's more efficient and accurate. InsightIDR is heavier than Tenable in terms of performance and scanning. Rapid7 would be much easier to use if it had a network connector like Tenable. Tenable's connector allows continuous monitoring over the B caps."
"Lacks a mobile application."
"InsightIDR is only available in a cloud version. Some of our customers prefer an on-prem solution because they want to manage the security within their environment."
"The ability to tune the collector for custom logs would greatly help."
"One thing that springs to mind is easier API integration with ITSMs. We are evaluating a new ITSM and I would like to have InsightIDR create a ticket when an attack is identified, and the ticket would be closed in InsightIDR when the ITSM resolution is completed. This would take out the "single point of failure" we currently have, if the email recipient is somehow absent, in recording the risk appetite for the incident and the actions taken to mitigate or not."
Darktrace is ranked 12th in Email Security with 66 reviews while Rapid7 InsightIDR is ranked 9th in Security Information and Event Management (SIEM) with 30 reviews. Darktrace is rated 8.2, while Rapid7 InsightIDR is rated 8.4. The top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". On the other hand, the top reviewer of Rapid7 InsightIDR writes "Helps in the management of compliance, secret events and information". Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and Trend Micro Deep Discovery, whereas Rapid7 InsightIDR is most compared with Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM, IBM Security QRadar and CrowdStrike Falcon.
We monitor all Email Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.