No more typing reviews! Try our Samantha, our new voice AI agent.

Bitdefender GravityZone EDR vs Rapid7 InsightIDR comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Detection and Response (EDR)
6th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
Bitdefender GravityZone EDR
Ranking in Endpoint Detection and Response (EDR)
18th
Average Rating
8.4
Reviews Sentiment
6.3
Number of Reviews
62
Ranking in other categories
No ranking in other categories
Rapid7 InsightIDR
Ranking in Endpoint Detection and Response (EDR)
47th
Average Rating
8.4
Reviews Sentiment
7.0
Number of Reviews
32
Ranking in other categories
Security Information and Event Management (SIEM) (25th), User Entity Behavior Analytics (UEBA) (11th), Threat Deception Platforms (6th), Extended Detection and Response (XDR) (28th)
 

Mindshare comparison

As of July 2026, in the Endpoint Detection and Response (EDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.6%, down from 3.9% compared to the previous year. The mindshare of Bitdefender GravityZone EDR is 1.6%, down from 2.4% compared to the previous year. The mindshare of Rapid7 InsightIDR is 1.2%, up from 1.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.6%
Bitdefender GravityZone EDR1.6%
Rapid7 InsightIDR1.2%
Other93.6%
Endpoint Detection and Response (EDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
HarshBhardiya - PeerSpot reviewer
SOC Engineer at a outsourcing company with 10,001+ employees
Provides detailed event investigation and endpoint control but needs better Mac support and UI improvements
I find the advanced behavioral analytics feature in Bitdefender GravityZone EDR a little gimmicky, as I don't usually find much use for it. The advanced behavioral analytics feature needs to be optimized to be more user-friendly and easier to work with. We don't specifically look for the customizable dashboards within Bitdefender GravityZone EDR; rather, we get the logs on our SIEM solution, QRadar, where we have created the dashboards. We also have Tableau and Power BI, so we don't utilize any dashboards on the EDR front. I would like to optimize the incident response area as well, especially when comparing my experience with CrowdStrike, which is relatively more responsive and easier to navigate when there are multiple hosts involved. Other areas of improvement for Bitdefender GravityZone EDR include its lack of support for Mac devices.
SohailHyder - PeerSpot reviewer
Head Of Cyber Security at Super Secure
Has supported compliance needs for mid-sized organizations but lacks customization and advanced integration
If we pitch Rapid7 InsightIDR against solutions such as SIEMs from Splunk or LogRhythm, it is not as customizable as a SIEM solution is. This is where it can improve if we keep in front the feature sets of a complete SIEM solution. Most common in the market is QRadar, but it is depleting now. It has been taken over by some other products such as Splunk and LogRhythm. If we compare these things with Rapid7 InsightIDR, then there are definitely some gaps that need to be filled. Data retention is also one concern because Rapid7 InsightIDR is cloud-based and operates on a subscription model. Whatever data you want to retain, it has to be paid for separately or it has a cost. Other solutions that are on-premises can have their own infrastructure or they provide some data retention for a month or in some capacity-wise, they provide that solution to them which makes them more attractive.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"My advice for others looking into using Cortex is that it is very easy to use and very useful for the customer environment, whether it's a public or private one."
"We use it for malicious connections from malicious websites, to identify payloads that might be inside the traffic, to identify malicious processes or bugs that are running on the network, and any activities that tend to lead to data infiltration."
"They have a new GUI which is just fantastic."
"We can visualize and control the activities in the environment from anywhere."
"Cortex is the best tool for endpoint detection, and I have used it to verify hashes or domains to identify malicious activity, trigger playbooks that automate and gather endpoint logs, block malicious processes, and update incident tickets, showcasing end-to-end processes with automation in investigation and reducing the analysis workflow."
"I like the centralized console and the predictive analysis it does of malware. It is very stable and also scalable."
"The solution allows us to gain remote access without the user's knowledge and take the necessary actions on the device."
"The solution helps find bugs, and it is safe to use to prevent attacks by hackers."
"I like GravityZone's short implementation time, as it takes only a day at most."
"It is a usable program that works."
"I highly recommend this product to other consumers, it has great monitoring and scheduled emails for generated reports."
"Bitdefender GravityZone Ultra has many features, such as VPN, web filtering, and email filtering. The product has many good reviews, and I like how straightforward it is to implement. It's also easy to access and use."
"The installation is straightforward."
"I never had any issues, never had any bugs, it was very stable."
"Bitdefender is producing extremely high-quality threat intelligence."
"The features that are most useful are the simplicity of deploying the package and the cryptosystem for managing all the situations on the computer."
"​​User behavioral analytics allows us to pinpoint abnormal or suspicious behavior among millions of events every day."
"I have seen that Rapid7 InsightIDR provides security to the networks and endpoints in the company."
"The solution's initial setup is easy."
"Rapid7 InsightIDR is budget-friendly and has a good market position because not everybody can afford to go for LogRhythm or Splunk or QRadar."
"InsightIDR’s ability to process millions of transactions per day, and to notify me of the most critical ones, is priceless. InsightIDR has the alerts tuned, and has the ability to quickly drill down to determine the threat level."
"Previously, when something happened, such as when a hacker was attacking one of our customers, we were always behind, or we did not know that we were hacked until the ransomware started, but with the Rapid7 solution, at every step, we could online see what a person was doing, and we could prevent ransomware."
"I like that it's a cloud-based solution."
"The biggest reason why we chose Rapid7 was to gain value in a really quick time. Its deployment doesn't take months. It just takes a few days."
 

Cons

"Previously, the endpoint would leave the environment, not being on our VPN, essentially unable to interact with the server to upload files. It was unable to retrieve new file verdicts. It was using a thing called "local analysis" to determine if something was a malicious file or not. There was no dynamic analysis."
"Impact on system performance is horrible, adding a lot of delays for users."
"The configuration could be simplified. I would like to see better protection, specifically to protect email applications."
"This is a very costly product."
"The MAC agent is not as robust feature-wise as the PC version."
"The solution lacks real-time, on-demand antivirus."
"Palo Alto Networks Cortex XDR does not detect malicious activity like in other anti-virus solutions like Trend Micro and Windows with Cisco."
"A better pricing plan would make this product more competitive."
"The main area for improvement is the dashboard of the cloud console, where we manage security policies and groupings. It needs to be more flexible and informative."
"I would like to optimize the incident response area as well, especially when comparing my experience with CrowdStrike, which is relatively more responsive and easier to navigate when there are multiple hosts involved."
"One thing that could be improved is more granularity and options on exclusions."
"For many, the problems come mostly when they start tweaking or short-cutting - particularly for patch management."
"I have not seen a return on investment with this solution."
"The only issue an end user might have is in the case where a website has some kind of monitoring software included, where they want to track use, and it might unnecessarily block the site for the user."
"The only problem we have, and I don't know if maybe it's the package we bought, is that it lacks the parts of data protection and application blacklisting."
"While the solution is secure, it could have better integration."
"The solution needs improvement in threat intelligence. Increasing the depth of intelligence to help users understand more about threats is a possibility. My suggestion is to expand access to other websites or resources."
"InsightIDR is only available in a cloud version. Some of our customers prefer an on-prem solution because they want to manage the security within their environment."
"I would like to see more development in InsightIDR towards building their SIEM solution and converting it to XDR."
"The ability to tune the collector for custom logs would greatly help."
"I'd like to be able to get the compliance report within the solution which is currently not possible."
"It takes time for the product's support team to resolve issues, making it an area of concern where improvements are required."
"Tenable Nessus is easier to deal with. It's more efficient and accurate. InsightIDR is heavier than Tenable in terms of performance and scanning. Rapid7 would be much easier to use if it had a network connector like Tenable. Tenable's connector allows continuous monitoring over the B caps."
"Inability to get access to compliance reports within the solution."
 

Pricing and Cost Advice

"The solution is expensive. It's pricing is on a yearly-basis."
"I am using the Community edition."
"If one wishes to work with another team or large number of users at a future point, he must purchase a license for them."
"Traps pays for itself within the first 16 months of a three-year subscription. This is attributed to OPEX savings, as security teams spent less time trying to identify and isolate malware for analysis as a result of a reduction in malware incidents, false positives, and breach avoidance."
"The cost depends on your chosen license type, like Pro or other licenses."
"The price is on the higher side, but it's okay."
"I don't have any issues with the pricing. We are satisfied with the price."
"It has reasonable pricing for the use cases it provides to the company."
"The licensing cost has been manageable for our small team."
"It is not that expensive. Compared to its competitors, it is well-priced and well-placed."
"Price-wise, we have a better licensing agreement with Bitdefender than we did with competing vendors."
"Bitdefender GravityZone Ultra is less expensive than other solutions, such as CrowdStrike. We had a really good deal because it was their year-end and they were trying to do a lot of sales that week. We bought a three-year contract from them and the cost was approximately $17 per endpoint, per year. It is was a very good price. I have spoken to other people who have purchased CrowdStrike at approximately $60 per endpoint, per year. I have no complaints about the price of this solution."
"The pricing for Bitdefender GravityZone Ultra is not that high. It's okay for its service, so I would download it on my personal computer and buy it for myself as a customer."
"There are some differences. It's more cost-effective, yet it provides the same functionalities as Defender. That's why I've been exploring the comparisons. We pay for it annually, and it's a per-seat payment."
"The solution is affordable."
"Bitdefender GravityZone Ultra's pricing is competitive in the market."
"The pricing and licensing are competitive."
"​I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability.​"
"The solution has a mid-range price point in the market"
"Rapid7 InsightIDR's pricing is reasonable but we have challenges with the Minimum Order Quantity. It is not reasonable for customers who have less than one hundred devices. If they can reduce Minimum Order Quantity, it is good. You have to pay around 5000-6000 dollars per year for the product. The pricing includes maintenance and support costs."
"Licensing is by endpoint and amount of retention time (at least ours is). Default retention was one year, but we are able to push the retention further if needed. There's also a provide-your-own-S3 option for longer retention if you don't want to pay for the additional retention years in your Rapid7 agreement."
"The pricing of the solution depends on the user. But there is a yearly licensing cost."
"Licensing is straightforward. If, for some reason, you don’t meet the minimum licensing requirements, there is a third-party managed service that can help."
"Rapid7 InsightIDR charges us based on the endpoints we connect to."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Comms Service Provider
12%
Construction Company
9%
Financial Services Firm
6%
Computer Software Company
6%
Manufacturing Company
9%
Financial Services Firm
9%
Computer Software Company
8%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise9
Large Enterprise11
By reviewers
Company SizeCount
Small Business21
Midsize Enterprise5
Large Enterprise6
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What is your experience regarding pricing and costs for Bitdefender GravityZone Ultra?
The cost is reasonable, with the license costing approximately six to eight dollars per user.
What needs improvement with Bitdefender GravityZone Ultra?
I would like to see improvements in Bitdefender GravityZone EDR to better support older machines. From my experience,...
What is your primary use case for Bitdefender GravityZone Ultra?
My usual use cases for Bitdefender GravityZone EDR mostly involve zoning, reviewing EDR policies, and vetting for pos...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is a...
What needs improvement with Rapid7 InsightIDR?
If we pitch Rapid7 InsightIDR against solutions such as SIEMs from Splunk or LogRhythm, it is not as customizable as ...
What is your primary use case for Rapid7 InsightIDR?
I am working with Rapid7 InsightOps and Rapid7 InsightIDR because the requirement is as such from the customer side, ...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Bitdefender GravityZone Ultra, Bitdefender GravityZone
InsightIDR
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Mentor Graphics, Rudersdal Kommune
Liberty Wines, Pioneer Telephone, Visier
Find out what your peers are saying about Bitdefender GravityZone EDR vs. Rapid7 InsightIDR and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.