The typical use case for Rapid7 MDR is that it is highly valued. It is not so bad, but competition with EDR is tough. Rapid7 MDR does not position itself as EDR or XDR, so it is rather a SIEM type solution, which makes it different from CrowdStrike, SentinelOne, or Microsoft. They are not in the competition listing of EDR products.
The features of Rapid7 MDR that I find most effective for threat detection are the threat intelligence capabilities because it already collects many vulnerabilities and exploitations, as well as the configuration of network devices. They integrate everything into one solution. The other solutions such as CrowdStrike or SentinelOne don't collect all the vulnerabilities or threat intelligence except within their product itself, making Rapid7 MDR very strong in this aspect.
I have seen an ROI from this solution in terms of time savings. Because it includes everything, including SIEM, EDR, and vulnerability control, other solutions require integration of every module and vendor. It is easier to implement once they start, as the modules of the EDR can be challenging to implement and may require consulting.