No more typing reviews! Try our Samantha, our new voice AI agent.

Cisco Secure Endpoint vs Rapid7 InsightIDR comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Detection and Response (EDR)
6th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
Cisco Secure Endpoint
Ranking in Endpoint Detection and Response (EDR)
26th
Average Rating
8.6
Reviews Sentiment
7.2
Number of Reviews
49
Ranking in other categories
Endpoint Protection Platform (EPP) (29th), Cisco Security Portfolio (8th)
Rapid7 InsightIDR
Ranking in Endpoint Detection and Response (EDR)
47th
Average Rating
8.4
Reviews Sentiment
7.0
Number of Reviews
32
Ranking in other categories
Security Information and Event Management (SIEM) (25th), User Entity Behavior Analytics (UEBA) (11th), Threat Deception Platforms (6th), Extended Detection and Response (XDR) (28th)
 

Mindshare comparison

As of July 2026, in the Endpoint Detection and Response (EDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.6%, down from 3.9% compared to the previous year. The mindshare of Cisco Secure Endpoint is 1.3%, down from 1.6% compared to the previous year. The mindshare of Rapid7 InsightIDR is 1.2%, up from 1.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.6%
Cisco Secure Endpoint1.3%
Rapid7 InsightIDR1.2%
Other93.9%
Endpoint Detection and Response (EDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
JavedHashmi - PeerSpot reviewer
Chief Technology Officer at Future Point Technologies
Reliable threat protection is achieved while integration and analysis capabilities need refinement
Cisco Secure Endpoint is very good in machine learning, which allows it to secure offline contents even if not connected to the internet. We haven't encountered a single breach after it's deployed. It controls USB devices and has a separate antivirus solution called Tetra, providing security even for real-time, day-zero attacks through its strong Talos threat intelligence platform.
SohailHyder - PeerSpot reviewer
Head Of Cyber Security at Super Secure
Has supported compliance needs for mid-sized organizations but lacks customization and advanced integration
If we pitch Rapid7 InsightIDR against solutions such as SIEMs from Splunk or LogRhythm, it is not as customizable as a SIEM solution is. This is where it can improve if we keep in front the feature sets of a complete SIEM solution. Most common in the market is QRadar, but it is depleting now. It has been taken over by some other products such as Splunk and LogRhythm. If we compare these things with Rapid7 InsightIDR, then there are definitely some gaps that need to be filled. Data retention is also one concern because Rapid7 InsightIDR is cloud-based and operates on a subscription model. Whatever data you want to retain, it has to be paid for separately or it has a cost. Other solutions that are on-premises can have their own infrastructure or they provide some data retention for a month or in some capacity-wise, they provide that solution to them which makes them more attractive.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The product has an intuitive dashboard."
"The interface is easy to use and it is more up to date than our previous solution."
"We use Cortex XDR by Palo Alto Networks for its ability to detect based on behavior rather than simple virus scan to prevent malicious activities."
"I recommend this solution to others because it is easy to manage, reliable, and overall good to use."
"It's a perfect solution. It integrates well into the environment."
"The multi-layered approach to the product gives you confidence that it will stop exploits, ransomware, worms, or viruses from compromising endpoints, essentially providing peace of mind."
"The user interface of the solution is sophisticated and straightforward."
"One of the things that I enjoy the most is using policy extensions. It's like having host firewalls to control USB connections. I think it's a wonderful tool to restrict use when connecting to our computers. Another important tool is Home Insights. That is an add-on to the Cortex solution. I like that because we can see all the vulnerabilities in the environment and control what assets are connected to our network."
"The most valuable feature is its threat protection and data privacy, including its cyber attack and data protection, as we need to cover and protect data on user devices."
"The most valuable features of this solution are the IPS and the integration with ISE."
"Its most valuable features are its scalability and advanced threat protection for customers."
"The product's initial setup phase was very simple."
"Cisco has definitely improved our organization a lot. In terms of business, our company feels safer. We actually switched from legacy signature-based solutions to threat intelligence-based and machine learning-based solutions, which is Cisco Secure. This has improved our security significantly, from 10% of signature-based technology security to 99.9% of the current one which we are running. We were happy."
"There are several valuable features including strong prevention and exceptional reporting capabilities."
"Overall, I really liked the product; it was well done."
"I am really satisfied with the technical support."
"I am able to run automated actions based on the output of reports, leaving me extra time to focus on more pressing matters."
"I have seen that Rapid7 InsightIDR provides security to the networks and endpoints in the company."
"It gives all the advantages of a SIEM, however, using clever AI, it looks for patterns of behavior rather than just flooding me with all the alerts."
"We were able to identify criminals attempting to login from China and put a stop on their IP locations."
"The biggest reason why we chose Rapid7 was to gain value in a really quick time. Its deployment doesn't take months. It just takes a few days."
"InsightIDR’s ability to process millions of transactions per day, and to notify me of the most critical ones, is priceless. InsightIDR has the alerts tuned, and has the ability to quickly drill down to determine the threat level."
"It improved my organization by building a security alerting program."
"I've used other products such as QRadar and other SIEM solutions and I find this solution is much more simplified and user-friendly."
 

Cons

"One thing that was missing was the integration part. Currently, they don't have out-of-box integration with IBM QRadar, or if they have the integration, the integration doesn't work well."
"The server sometimes stops continuously to check things so it would be helpful to receive access updates or technical reasons."
"I would like to see some additional features related to email protection included."
"This product has not improved my organization - in fact, we are in the process of moving back to another product as a result of Cortex's horrible impact on system performance."
"This is a very costly product."
"The solution could improve by providing better integration with their own products and others."
"Traps doesn't work with McAfee. You need to remove McAfee to install Traps. This is very common, and its nothing that should be an issue. Some antivirus engines recognize Traps as an threat component, so maybe they need to shake hands somewhere."
"Being able to filter the events to see those that are related to the actual alert would save time spent by the engineer."
"The product does not provide options like tunnel creation or virtual appliances."
"Maybe there is room for improvement in some of the automated remediation."
"In the next release, I would for it to have back up abilities. I would like the ability to go back to a point in time to when my PC was uninfected and to the moment of when the infection happened."
"One of the things that Cisco Secure Endpoint really needs is that it's not just Secure Endpoint, it's a point product, and I think we really need to move into solution-based selling, designing, and architecting. So that we're not worried about putting things on endpoints and selling 'x' amount of endpoints, but to provide a solution that covers all of the remote access and sell them as solutions that cover multiple things."
"We have had some problems with updates not playing nice with our environment."
"The pricing policy could be more competitive, similar to Cisco's offerings."
"The reporting and the need for the documentation to be updated and current would be my two biggest areas of complaint."
"Cisco Secure Endpoint lacks features like DLP which other vendors offer. XDR is new, so integration capabilities with third-party tools need improvement."
"Cloud risk assessment is one area where I think they need a lot of improvement."
"The APIs can be further improved in Rapid7."
"Customised alert recipients need to be added to allow better first-line action and quicker response. Configurable honeypots would be a welcome addition."
"They should add more configuration and security features to it."
"Rapid7's customer support is awful. They didn't respond at all."
"Lacks a mobile application."
"I'd like to see a mobile application included and some feature related to the generality of segregation for internal users that access the application."
"One thing that springs to mind is easier API integration with ITSMs. We are evaluating a new ITSM and I would like to have InsightIDR create a ticket when an attack is identified, and the ticket would be closed in InsightIDR when the ITSM resolution is completed. This would take out the "single point of failure" we currently have, if the email recipient is somehow absent, in recording the risk appetite for the incident and the actions taken to mitigate or not."
 

Pricing and Cost Advice

"The pricing is okay, although direct support can be expensive."
"This is an expensive solution."
"Cortex XDR’s pricing is very reasonable."
"The price of the product is not very economical."
"I don't recall what the cost was, but it wasn't really that expensive."
"It is "expensive" and flexible."
"The price is on the higher side, but it's okay."
"It's way too expensive, but security is expensive. You pay for your licensing, and then you pay for someone to monitor the stuff."
"The visibility that we have into the endpoint and the forensics that we're able to collect give us value for the price. This is not an overly expensive solution, considering all the things that are provided. You get great performance and value for the cost."
"Pricing is a big issue."
"Because we do see the value of what it's bringing, I think they have priced it well."
"I rate the pricing a five or six on a scale of one to ten, where one is expensive, and ten is cheap."
"Licensing fees are on a yearly basis and I am happy with the pricing."
"It is an expensive solution."
"​Pricing can be more expensive than similar software that does less functionality, but not recognized by customers.​"
"My company does make annual payments towards the licensing costs of the solution. Cisco Secure Endpoint is a little bit expensive."
"The pricing and licensing are competitive."
"I rate Rapid7 InsightIDR's price a four on a scale of one to ten, where one is cheap, and ten is expensive."
"The pricing is good, and it is not very expensive."
"Licensing is straightforward. If, for some reason, you don’t meet the minimum licensing requirements, there is a third-party managed service that can help."
"Rapid7 InsightIDR is priced very well and is cost-effective."
"The pricing of the solution depends on the user. But there is a yearly licensing cost."
"​Accurately predict your licensing counts as this is a subscription based product.​"
"Rapid7 InsightIDR charges us based on the endpoints we connect to."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Manufacturing Company
10%
Financial Services Firm
8%
Construction Company
7%
Government
7%
Manufacturing Company
9%
Financial Services Firm
9%
Computer Software Company
8%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
By reviewers
Company SizeCount
Small Business21
Midsize Enterprise15
Large Enterprise21
By reviewers
Company SizeCount
Small Business21
Midsize Enterprise5
Large Enterprise6
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What is your experience regarding pricing and costs for Cisco Secure Endpoint?
Cisco is aggressive in pricing, making it competitive and sometimes even cheaper than other good products like CrowdS...
What needs improvement with Cisco Secure Endpoint?
Cisco Secure Endpoint lacks features like DLP which other vendors offer. XDR is new, so integration capabilities with...
What is your primary use case for Cisco Secure Endpoint?
We deployed Cisco Secure Endpoint for our customers two to three years back. The use case was to secure their endpoin...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is a...
What needs improvement with Rapid7 InsightIDR?
If we pitch Rapid7 InsightIDR against solutions such as SIEMs from Splunk or LogRhythm, it is not as customizable as ...
What is your primary use case for Rapid7 InsightIDR?
I am working with Rapid7 InsightOps and Rapid7 InsightIDR because the requirement is as such from the customer side, ...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Cisco AMP for Endpoints
InsightIDR
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Heritage Bank, Mobile County Schools, NHL University, Thunder Bay Regional, Yokogawa Electric, Sam Houston State University, First Financial Bank
Liberty Wines, Pioneer Telephone, Visier
Find out what your peers are saying about Cisco Secure Endpoint vs. Rapid7 InsightIDR and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.