We performed a comparison between CrowdStrike Falcon and Rapid7 InsightIDR based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"The most valuable feature is probably the aggregation and correlation of the different telemetry points with Defender for Identity, Defender for Endpoint, and Defender for Cloud Apps. All of these various things are part of that portal. We've wanted that single pane of glass for years."
"Microsoft 365 Defender is a good solution and easy to use."
"It has great stability."
"It provides a single pane of glass within the 365 admin interface, streamlining our experience by consolidating information in one place and eliminating the need to navigate through multiple interfaces."
"The most valuable features of Microsoft 365 Defender are the combination of all the capabilities and centralized management."
"The EDR features are valuable. By getting the EDR features, we have more control over the device. We have information about events in real-time and more protection against zero-day threats and zero-day vulnerabilities. We can monitor every event or action that a device is going through. We can get an idea if it is something malicious or if we have to take any actions."
"Defender is easy to use. It has a nice console, and everything is all in one place."
"The most valuable aspect is undoubtedly the exploration capability"
"The solution has improved my organization by automating the detection and reporting of unwanted applications so we're aware of them and can respond appropriately."
"The most valuable features of CrowdStrike Falcon include Falcon Fusion workflows and endpoint detection capabilities."
"The detection is very reliable. Also, OverWatch is a great feature."
"Overall, what I found most valuable in CrowdStrike Falcon is its good mechanism. It also has a good reporting feature. CrowdStrike Falcon is an invaluable tool because, through it, you can take quick action, for example, when an OS is missing specific patches."
"We haven't had any infections or down time."
"There are two things which customers really like about CrowdStrike. If they buy managed services from CrowdStrike, it offers them detection of security issues in one minute. If you buy their professional services, they offer insurance where you can claim up to $5 million if there's a breach. This is a huge upsell for customers."
"It is an easy product to deploy."
"The most valuable feature of CrowdStrike Falcon is crowdsourcing intelligence."
"I rate Rapid7 nine out of 10 for affordability"
"Rapid7 is easy to use and deploy. It is a simple solution and has easy data pulling."
"The log aggregation and storage provided by InsightIDR has shown no issues with scalability; aggregating over one hundred millions events daily."
"The solution's initial setup is easy."
"Integration with threat modeling from the Metasploit and InsightIDR repositories."
"I am able to run automated actions based on the output of reports, leaving me extra time to focus on more pressing matters."
"If you were on other solutions, you would notice that they use agents from third-party, from open-source, from a native OS, or from other tools. Here, however, it is an agent from Rapid7 itself. This adds to the solution's overall capabilities."
"The solution is very stable and works very well for what I need it to do."
"The solution does not offer a unified response and standard data."
"365 Defender has multiple subsets, including Defender for Cloud Apps. When integrating Defender for Cloud Apps with apps on third-party cloud platforms like AWS or GCP, there are limitations on our ability to control user activities. If Microsoft added more control over third-party products, that would be a game-changer and help us quite a lot."
"Microsoft frequently changes the names of its products, sometimes even renaming entire portals or features."
"From an integration standpoint, it is always improving overall. With Security Copilot coming out, as partners, we are waiting for the GDAP support so that we can actually see Security Copilot on behalf of customers if they subscribe to it."
"I'd like to see a wider solution that includes not only desktop devices but also other devices, such as servers, storage cabinets, switching equipment, et cetera."
"The support team is not competent or responsive."
"The advanced threat-hunting capabilities are phenomenal, and the security copilot enhances that, but some data elements could be better or have more context inside of the advanced tables themselves. The schemas feel a little limited to what they're building into the product. It's probably just a maturity thing. I imagine we'll see the features I want in the next year."
"When discussing the secure score, which includes overviews and recommended actions, some of these recommended actions are not applicable to us, particularly those related to Microsoft Internet Explorer, which we do not use in any of our environments."
"If we have a dashboard capability to uninstall agents, I think that would be great."
"It can be expensive depending on the features you select."
"It would be nice if the dashboard had some more information upfront, and looked a little better."
"There is room for improvement in managing multiple customer IDs."
"The GUI can use improvement, it's cloud-based so sometimes the interface can be a bit slow. The interface could use a little bit more speed."
"The support for different OS versions needs improvement because sometimes due to business conditions, updating our OS is impossible."
"Unfortunately, native applications are not supported."
"I would like to see the machine learning feature enhanced."
"Needs a better ability to customize the check within the console."
"The ability to tune the collector for custom logs would greatly help."
"The solution's XDR agents cannot compete with the XDR solutions out there yet."
"The reporting is the weakest aspect. There needs to be multi-level grouping for events (for example, group by user and destination). Right now, we can do a group by user and a separate table or group by destination. But I'd be more interested in where a person was logging into instead of who was logging in or where he was logging in."
"Tenable Nessus is easier to deal with. It's more efficient and accurate. InsightIDR is heavier than Tenable in terms of performance and scanning. Rapid7 would be much easier to use if it had a network connector like Tenable. Tenable's connector allows continuous monitoring over the B caps."
"It would be useful to import threat intelligence in YARA format along with known incorrect email addresses."
"The APIs can be further improved in Rapid7."
"Cloud risk assessment is one area where I think they need a lot of improvement."
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 105 reviews while Rapid7 InsightIDR is ranked 21st in Endpoint Detection and Response (EDR) with 29 reviews. CrowdStrike Falcon is rated 8.8, while Rapid7 InsightIDR is rated 8.4. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Rapid7 InsightIDR writes "An affordable product that is easy to use and has many advanced features and default templates". CrowdStrike Falcon is most compared with Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security, SentinelOne Singularity Complete and Trend Vision One, whereas Rapid7 InsightIDR is most compared with Darktrace, Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM and Elastic Security. See our CrowdStrike Falcon vs. Rapid7 InsightIDR report.
See our list of best Endpoint Detection and Response (EDR) vendors and best Extended Detection and Response (XDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
