We performed a comparison between Darktrace and Rapid7 InsightIDR based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Cisco, TitanHQ and others in Email Security."The most valuable feature is the integration. It's a single console, so we don't have to switch around between multiple products. Another valuable feature is the ease of operations and maintenance."
"Microsoft Defender for Office 365 helps people to work remotely. It is a secure solution. We don't need to use our company's computers or get VPN connections to the networks. I can control how they share screens and what they send to the devices. It keeps our organizations confidential and sensitive information safe."
"The email protection is excellent, especially in terms of anti-phishing policies."
"Threat Explorer is one of the features that I very much like because it is a real-time report that allows you to identify, analyze, and trace security attacks."
"At the moment we are satisfied with this product. It's a stable, scalable, and resilient solution for us."
"Defender for 365 is a comprehensive cloud-based solution. The value of the cloud is that you aren't alone. Threat intelligence and analytics are shared in the cloud. We don't have to find the solution alone. If you face an unknown threat with traditional solutions like Trend Micro and Symantec, you need to open a case and send your information to them to analyze forensically and identify the source of the attack."
"Defender is a SaaS platform, so it offers more flexibility. Managing the permissions is easier. The solution's automated detection and response features are scalable."
"It also gives the vulnerability status according to the versions you have selected. Let's say you have Google Chrome. It mentions the versions it has, and it updates. Within two hours of an update, it is reflected in the dashboard. That's really nice to have."
"I find the complete portfolio to be excellent."
"Darktrace is very useful for us because it has a large number of models for detecting threats."
"I am impressed with the product's ability to give insights into network traffic."
"The most valuable feature is that it gives us visibility of rogue traffic that is on the network."
"The main valuable feature is that we don't need a lot of analysts. With few analysts, we have all the network monitored, 24/7."
"What I like about Darktrace, is that you can quickly identify threats."
"A simple, powerful AI solution that just does all the work for you when you turn it on."
"I find it very good in the way that they show the past events, including the attack history."
"The solution is very stable and works very well for what I need it to do."
"Scalability-wise, I rate the solution a ten out of ten. As a cloud tool, the product is highly scalable."
"The incident case management is the most valuable feature. Even though there's always something I find I would like to add to that feature, the ability to quickly sort through all the logs, network and endpoint data, etc., and add it to an incident case as part of the investigation, is nice. Having it automatically timeline that additional data into the original incident timeline, and correlate it to other notable events and activities on the network, results in a huge improvement in our overall confidence that we've quickly traced down the right source of an issue."
"We were able to identify criminals attempting to login from China and put a stop on their IP locations."
"The solution's initial setup is easy."
"The solution is easy to use, and the interface is intuitive."
"It is a very stable solution."
"Features for user behavior analytics and the rules for attack review are good."
"We need to be able to whitelist data at the backend."
"They can improve their security in a way where a customer can know if all their attachments are safe or not to open through a report. The solution does its job perfectly, but it never reports to the customer whether those attachments have been stopped before or not."
"The XDR dashboard has room for improvement."
"We noticed that from time to time, Microsoft's stability does have problems. Sometimes the service goes up and down. Sometimes they change without prior notice."
"You should be able to deploy Defender for every subscription without the need to add servers."
"The GUI is sometimes slow to fetch the device report and could be improved."
"There needs to be an improvement in integrating the product to work across multiple operating systems, and to have better support for non-Microsoft file types."
"Several simulation options are available within 365, and the phishing simulation could be better."
"It could build in integrations for some complementary products, but it has an assistant plugin so this is not really a big deal."
"Upper management wasn't sold on the value proposition."
"Darkforce could be improved in the range of the interface; how to interact with the actions it's taking or not taking."
"This product needs more in terms of prevention. The detection capabilities work well but once a threat has been detected, Darktrace should work to prevent it from doing anything malicious."
"The user interface and the configuration are a bit complex and should be improved or simplified."
"The pricing is a bit high for the region."
"I was under impression that Darktrace's automatic blocking would be an out-of-the-box feature, but we had to integrate it with our firewall to get it to block automatically. The salesperson should be upfront and explain that you need to integrate it with your network. I would also like to see more reporting on risk. Banks in my region want to see at a glance the risk level of various assets."
"I would like to see a feature where the tool ingests information from an anti-malware product that is present at the endpoint."
"I would like to see more development in InsightIDR towards building their SIEM solution and converting it to XDR."
"The APIs can be further improved in Rapid7."
"Customised alert recipients need to be added to allow better first-line action and quicker response. Configurable honeypots would be a welcome addition."
"The ability to tune the collector for custom logs would greatly help."
"Tenable Nessus is easier to deal with. It's more efficient and accurate. InsightIDR is heavier than Tenable in terms of performance and scanning. Rapid7 would be much easier to use if it had a network connector like Tenable. Tenable's connector allows continuous monitoring over the B caps."
"The product allows us to make only 30 custom rules."
"One thing that springs to mind is easier API integration with ITSMs. We are evaluating a new ITSM and I would like to have InsightIDR create a ticket when an attack is identified, and the ticket would be closed in InsightIDR when the ITSM resolution is completed. This would take out the "single point of failure" we currently have, if the email recipient is somehow absent, in recording the risk appetite for the incident and the actions taken to mitigate or not."
"One of the things that could be better is digital forensics. It is there, but it can be better. They could provide more on the endpoint detection level."
More Microsoft Defender for Office 365 Pricing and Cost Advice →
Darktrace is ranked 11th in Email Security with 65 reviews while Rapid7 InsightIDR is ranked 10th in Security Information and Event Management (SIEM) with 29 reviews. Darktrace is rated 8.2, while Rapid7 InsightIDR is rated 8.4. The top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". On the other hand, the top reviewer of Rapid7 InsightIDR writes "An affordable product that is easy to use and has many advanced features and default templates". Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and Trend Micro Deep Discovery, whereas Rapid7 InsightIDR is most compared with Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM, IBM Security QRadar and Microsoft Defender for Identity.
We monitor all Email Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.