We performed a comparison between CrowdStrike Falcon and Rapid7 InsightIDR based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Setting up Microsoft 365 Defender is easy. It's a user-friendly solution that provides threat protection. It has good stability and scalability."
"My clients like Defender's file integrity monitoring. They're monitoring Windows and Linux system files."
"The comprehensiveness of Microsoft's threat detection is good."
"The summarization of emails is a valuable feature."
"The product is very easy to use."
"The most valuable feature of the solution stems from the fact that Microsoft Defender XDR is easy to integrate with other Microsoft platforms or products."
"We are connected to Microsoft and have every laptop enrolled. This acts as an endpoint. The tool helps me check security and compliance. I can also check what a device is doing."
"The most valuable feature is the network security."
"Scalability is good. We have had no issues with it."
"The features I like the most are the response time and the dashboard are both excellent."
"This solution has made the lives of the IT staff much easier, compared to the previous one."
"I like the detection rates of mobile threats."
"From what we have seen, it is very scalable. We have recently acquired a company where someone had a ransomware attack when we joined networks. Within the course of just a few days, we were able to easily get CrowdStrike rolled out to about 300 machines. That also included the removal of that company's legacy anti-malware tool."
"The solution is silent and sits on your system as one single agent."
"CrowdStrike Falcon is effortless to use, and it's a cloud-specific platform. You only need to deploy the light agents on the licensed endpoints, and you're ready to work. Your dashboards will tell you the number of the endpoints being protected and the incidents. There are also incident dashboards with alerts that will tell you about the details."
"CrowdStrike Falcon's scalability is good. We have thousands of students using this solution."
"Simple configuration and automatically syncs to the cloud platform."
"Integration with threat modeling from the Metasploit and InsightIDR repositories."
"We were able to identify criminals attempting to login from China and put a stop on their IP locations."
"InsightIDR has allowed us to find potential security issues that we did not know existed, and get remediation quickly."
"Rapid7 InsightIDR integrates well with other solutions. It's also easy to configure because Rapid7 InsightIDR has a lot of instructions posted on their website that customers can follow if they need to get the source log."
"Log search allows us to dive deep into aggregated logs and query all event types at once."
"Rapid7 is easy to use and deploy. It is a simple solution and has easy data pulling."
"I have seen that Rapid7 InsightIDR provides security to the networks and endpoints in the company."
"The user interface of Microsoft 365 Defender could improve. They could make it simpler."
"365 Defender has multiple subsets, including Defender for Cloud Apps. When integrating Defender for Cloud Apps with apps on third-party cloud platforms like AWS or GCP, there are limitations on our ability to control user activities. If Microsoft added more control over third-party products, that would be a game-changer and help us quite a lot."
"The cost can be high if you want to build custom license packages. Another area for improvement is the policies. In Azure, we need to implement policies in JSON format, but in 365 Defender 365, it would be helpful to use a different format so we can customize the platform."
"The message trace feature for investigating mail flow issues should add more detailed information to the summary report... if they could extend the summary report a little bit, make it more descriptive, ordinary administrators could understand what happened and that the emails failed at this or that point. That way they would know the location to go to try to correct it and to prevent it from occurring again."
"There could be a way to proactively monitor unusual activity ."
"The abundance of sub-dashboards and sub-areas within the main dashboard can be confusing, even if it all technically makes sense."
"Sometimes, configurations take much longer than expected."
"Since all of our databases are updated and located in the cloud, I would like additional support for this."
"In the future release of CrowdStrike Falcon, they should add a sandbox feature."
"The solution could improve by providing more types of reports because it's in the detection span you cannot re-export anything. If it could be exported to a CSV file directly there it would help a lot. I currently need to do this by API to get what I need."
"CrowdStrike Falcon needs to improve their host management system."
"CrowdStrike Falcon sometimes wrongly flags things as malicious. Let's say a user is active on Chrome only. Sometimes, our cross-segmenting will fetch from the backend data and show that it is malicious because of memory or CPU utilization."
"Too many false positives."
"It would be nice if the dashboard had some more information upfront, and looked a little better."
"I think there's an opportunity to enhance the AI or at least the traps to say, if something changes from this baseline, let us know and flag it."
"The pricing is a bit too high."
"It takes time for the product's support team to resolve issues, making it an area of concern where improvements are required."
"The product allows us to make only 30 custom rules."
"One thing that springs to mind is easier API integration with ITSMs. We are evaluating a new ITSM and I would like to have InsightIDR create a ticket when an attack is identified, and the ticket would be closed in InsightIDR when the ITSM resolution is completed. This would take out the "single point of failure" we currently have, if the email recipient is somehow absent, in recording the risk appetite for the incident and the actions taken to mitigate or not."
"The reporting is the weakest aspect. There needs to be multi-level grouping for events (for example, group by user and destination). Right now, we can do a group by user and a separate table or group by destination. But I'd be more interested in where a person was logging into instead of who was logging in or where he was logging in."
"Currently, it lacks the functionalities provided by Rapid7's User Behavior Analytics (UBA)."
"Needs a better ability to customize the check within the console."
"I would like the ability to adjust the threshold of certain existing alerts. Currently the only option is to change the notifications or create my own alert."
"The ability to tune the collector for custom logs would greatly help."
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 107 reviews while Rapid7 InsightIDR is ranked 21st in Endpoint Detection and Response (EDR) with 30 reviews. CrowdStrike Falcon is rated 8.8, while Rapid7 InsightIDR is rated 8.4. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Rapid7 InsightIDR writes "Helps in the management of compliance, secret events and information". CrowdStrike Falcon is most compared with Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security, Trend Vision One and Fortinet FortiEDR, whereas Rapid7 InsightIDR is most compared with Darktrace, Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM and Fortinet FortiSIEM. See our CrowdStrike Falcon vs. Rapid7 InsightIDR report.
See our list of best Endpoint Detection and Response (EDR) vendors and best Extended Detection and Response (XDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
