We performed a comparison between CrowdStrike Falcon and Rapid7 InsightIDR based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"It's a very scalable tool that can be used in a very small environment or in a very large environment. Everything can be managed from a simple dashboard and can be scaled up or down depending on the customer's environment."
"The common and advanced security policies for threat hunting and blocking attacks are valuable."
"The unified view of the threat landscape on a central dashboard is the most valuable feature."
"The product is very easy to use."
"It provides a single pane of glass within the 365 admin interface, streamlining our experience by consolidating information in one place and eliminating the need to navigate through multiple interfaces."
"I like Defender XDR's automation capabilities. XDR isn't automated by default, but you can automate it to respond. If an attack is performed anywhere within the organization, you can isolate that instance from the network. This is what I can figure out for it. When integrated with Sentinel, you can set up playbooks to automate all the alerts gathered on Sentinel from different Microsoft solutions. Sentinel has a wider range of capabilities than XDR."
"Setting up Microsoft 365 Defender is easy. It's a user-friendly solution that provides threat protection. It has good stability and scalability."
"It gives a lot of flexibility in terms of configuration and customization as per the business requirements."
"CrowdStrike Falcon's scalability is good. We have thousands of students using this solution."
"I like the vulnerability assessment and proactive hunting features of CrowdStrike Falcon."
"The EDR and XDR features have been most valuable."
"As long as the machine is connected to the Internet, and CrowdStrike is running, then it will be on and we will have visibility; no VPNing in or making some type of network connection. CrowdStrike is always there and running in the background; for us, that is big. We wanted something that could give us data as long as the machines are connected to the Internet and be almost invisible to the employees."
"I like the Overwatch feature the most."
"The most valuable features of CrowdStrike Falcon XDR are Spotlight and Discovery, they are helpful. Additionally, the console is user-friendly, with fewer false positives than other solutions."
"The anomaly detection is the most valuable feature."
"The most valuable feature is the indicator of compromise, which shows you what file was either quarantined or removed."
"It improved my organization by building a security alerting program."
"Another very important part of InsightIDR is the ability to collect data from endpoint devices via agent software. With a large remote workforce, this allows visibility into the endpoints that are connected to the internet, but not to the corporate network."
"Rapid7's reporting is more robust than Tenable's."
"Features for user behavior analytics and the rules for attack review are good."
"The log aggregation and storage provided by InsightIDR has shown no issues with scalability; aggregating over one hundred million events daily."
"Very intuitive and easy to set up."
"I like that it's a cloud-based solution."
"We were able to identify criminals attempting to log in from China and put a stop on their IP locations."
"Microsoft tends to provide too many features, which makes the solution prone to bugs."
"The dashboard should be easier to use. There is also improvement needed in the reporting when it comes to exporting or scheduling reports."
"This solution could be improved if it included features such as those offered by Malwarebytes."
"Sometimes, configurations take much longer than expected."
"Automated playbooks and automated dashboards would be preferable to the way the data is currently being presented."
"The management and automation of the cloud apps have room for improvement."
"There should be better information for experts on features in the solution. What I see when reading about features in Microsoft 365 Defender is that it is always general information. If Microsoft could go deeper into details for the experts about how to use the tools, usage of it would be more familiar and it would be easier to use."
"When we do investigations, it would be better if Microsoft could populate the host dashboard more. When we open any host for investigation, we want the entire timeline of what is happening on the host, including all the users logging in, their hardware, Windows version, etc."
"Falcon could include more integrative features."
"It does take more time to scan than other solutions."
"Whenever there is a feature release (upgrade) where we push to all the endpoints, it causes something to be blocked without us knowing."
"In a future release, I would like to see more integrations for data breaches and security features."
"CrowdStrike Falcon could improve the logs by making them free to the API."
"If we have a dashboard capability to uninstall agents, I think that would be great."
"CrowdStrike costs a little more than its competitors."
"I would like to see a little bit more in the offline scanning ability. This just comes from my background in what I have done in other positions. They only scan on demand, so I always have this fear that we sometimes maybe email out a dormant virus and can be held liable for that. That is something where I would like to see a little bit more robustness to the tool."
"The integration capabilities of the solution have certain shortcomings where improvements are required."
"Needs a better ability to customize the check within the console."
"The interface for doing investigation needs to be enhanced with minor improvements that would make it more useful."
"The main problem lies in the processes within the client's operating systems."
"I would like to see more development in InsightIDR towards building their SIEM solution and converting it to XDR."
"InsightIDR's integration with other solutions could be improved. Also, I'd like more control from the portal over what's happening on the endpoint side. For example, when I see an attack on an endpoint, I want to be able to stop it from the portal."
"Tenable Nessus is easier to deal with. It's more efficient and accurate. InsightIDR is heavier than Tenable in terms of performance and scanning. Rapid7 would be much easier to use if it had a network connector like Tenable. Tenable's connector allows continuous monitoring over the B caps."
"The APIs can be further improved in Rapid7."
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 106 reviews while Rapid7 InsightIDR is ranked 21st in Endpoint Detection and Response (EDR) with 29 reviews. CrowdStrike Falcon is rated 8.8, while Rapid7 InsightIDR is rated 8.4. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Rapid7 InsightIDR writes "An affordable product that is easy to use and has many advanced features and default templates". CrowdStrike Falcon is most compared with Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security, Trend Vision One and SentinelOne Singularity Complete, whereas Rapid7 InsightIDR is most compared with Darktrace, Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM and Vectra AI.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.