No more typing reviews! Try our Samantha, our new voice AI agent.

CompassOne by Blackpoint Cyber vs Rapid7 InsightIDR comparison

Blackpoint Cyber and Rapid7 are both solutions in the Security Information and Event Management (SIEM) category. Blackpoint Cyber is ranked #40 with an average rating of 9.5, while Rapid7 is ranked #21 with an average rating of 7.8. Additionally, 100% of Blackpoint Cyber users are willing to recommend the solution, compared to 96% of Rapid7 users who would recommend it.
Sponsored
Cortex XDR by Palo Alto Net...
Read 108 Cortex XDR by Palo Alto Networks reviews
  • 14,649 Views
  • 6,006 Comparison Views
96% willing to recommend
CompassOne by Blackpoint Cyber
Read 5 CompassOne by Blackpoint Cyber reviews
  • 2,972 Views
  • 416 Comparison Views
100% willing to recommend
Rapid7 InsightIDR
Read 32 Rapid7 InsightIDR reviews
  • 7,072 Views
  • 3,395 Comparison Views
96% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Mar 15, 2026

Rapid7 InsightIDR and CompassOne by Blackpoint Cyber are both cybersecurity solutions competing in advanced threat detection and response. While Rapid7 InsightIDR is praised for its affordability and customer support, CompassOne is seen as superior due to its advanced features, making it worth the investment despite higher costs.

Features: Rapid7 InsightIDR offers threat detection and response, user behavior analytics, and cloud security integrations. CompassOne by Blackpoint Cyber provides real-time monitoring, advanced threat defense, and integration capabilities, especially with existing security infrastructure. CompassOne's sophisticated features give it a notable advantage.

Room for Improvement: Rapid7 InsightIDR could enhance its real-time monitoring and improve integration with enterprise systems. Its feature set might benefit from additional depth in threat response capabilities. Meanwhile, CompassOne by Blackpoint Cyber could improve on its initial deployment time and reduce complexity in certain setup areas. Enhancements in user experience and further integration with third-party tools could add more value.

Ease of Deployment and Customer Service: Rapid7 InsightIDR ensures easy deployment and robust customer support, allowing for quick setup. CompassOne by Blackpoint Cyber offers a seamless deployment experience with hands-on support and excels in integration expertise, providing more personalized assistance, which contributes to a smoother deployment process.

Pricing and ROI: Rapid7 InsightIDR is cost-effective with strong ROI due to its lower setup costs and comprehensive functionality. CompassOne by Blackpoint Cyber involves higher initial expenses but delivers long-term value with enhanced performance and feature depth. Although Rapid7 is more budget-friendly initially, CompassOne's extensive capabilities and deeper integration drive a justified higher expenditure.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed CompassOne by Blackpoint Cyber vs. Rapid7 InsightIDR Report (Updated: March 2026).
Buyer's Guide
CompassOne by Blackpoint Cyber vs. Rapid7 InsightIDR
March 2026
Download the complete report
Helped 885,376 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Detection and Response (EDR)
7th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
108
Ranking in other categories
Endpoint Protection Platform (EPP) (5th), Extended Detection and Response (XDR) (6th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (2nd)
CompassOne by Blackpoint Cyber
Ranking in Endpoint Detection and Response (EDR)
35th
Average Rating
9.0
Reviews Sentiment
7.8
Number of Reviews
5
Ranking in other categories
Security Information and Event Management (SIEM) (40th), Vulnerability Management (44th), Application Control (10th), Managed Detection and Response (MDR) (10th)
Rapid7 InsightIDR
Ranking in Endpoint Detection and Response (EDR)
34th
Average Rating
8.4
Reviews Sentiment
7.0
Number of Reviews
32
Ranking in other categories
Security Information and Event Management (SIEM) (21st), User Entity Behavior Analytics (UEBA) (10th), Threat Deception Platforms (8th), Extended Detection and Response (XDR) (20th)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
ABHISHEK_SINGH
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Read full review
Gary Herbstman - PeerSpot reviewer
Gary Herbstman
Owner at Byte Solutions Inc.
Experienced reduced alert fatigue with streamlined notifications
We use Blackpoint Cyber MDR for our higher-end clients who need a higher level of control over security I appreciate that there are people behind the scenes sorting out valuable alerts from those that are not, so I only get alerts when they are real. This feature ensures that I am notified only…
Read full review
SohailHyder - PeerSpot reviewer
SohailHyder
Head Of Cyber Security at Super Secure
Has supported compliance needs for mid-sized organizations but lacks customization and advanced integration
If we pitch Rapid7 InsightIDR against solutions such as SIEMs from Splunk or LogRhythm, it is not as customizable as a SIEM solution is. This is where it can improve if we keep in front the feature sets of a complete SIEM solution. Most common in the market is QRadar, but it is depleting now. It has been taken over by some other products such as Splunk and LogRhythm. If we compare these things with Rapid7 InsightIDR, then there are definitely some gaps that need to be filled. Data retention is also one concern because Rapid7 InsightIDR is cloud-based and operates on a subscription model. Whatever data you want to retain, it has to be paid for separately or it has a cost. Other solutions that are on-premises can have their own infrastructure or they provide some data retention for a month or in some capacity-wise, they provide that solution to them which makes them more attractive.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The behavior-based detection feature is valuable."
"Their XDR agent and their behavioral indicators of compromise (BIOC) are pretty nice. Their managed threat hunting is also pretty nice. They also have WildFire, which is a service for actively looking for malware. It's quite useful."
"The ability to kind of stitch everything together and see the actual complete picture is very useful. I guess you'd call it a playbook. Some people call it the forensics analysis of what was happening on particular endpoints when they detected some malicious behavior, and what transpired before that to cause that. It is also very user friendly. The way they have done everything and integrated all the solutions that they've purchased over the years to make it a very seamless, effective product is very good. One thing about Palo Alto is that they take the products or services that they purchase and make them seamless for the end user as compared to some companies that purchase other companies and then just kind of have their products off to the side or keep different interfaces. Palo Alto doesn't do that."
"We use Cortex XDR by Palo Alto Networks for its ability to detect based on behavior rather than simple virus scan to prevent malicious activities."
"The interface is easy to use and it is more up to date than our previous solution."
"The initial setup is pretty easy."
"It collects and caches and the knowledge of machine learning from different customers to take to the cloud, it makes it better to use for everybody, it allows for quick learning and updates and can, therefore, offer zero-day malware security, and this sharing of metadata helps make the solution very safe."
"The stability of the solution is very good. We have about 100 users on it right now, and we use it twice a week."
More Cortex XDR by Palo Alto Networks pros
"The solution also watches over Microsoft 365 and keeps a copy of logs."
"I appreciate that there are people behind the scenes sorting out valuable alerts from those that are not, so I only get alerts when they are real."
"The solution is all encompassing and can incorporate email monitoring."
"On my end, the most valuable feature of this solution is that I can install it and forget about it. After that, their SOC team takes over and they only call me when there's a problem."
"Their SOC is phenomenal in not monitoring and responding and taking action."
"On a scale from one to ten, I would rate the overall solution as a ten."
"I appreciate that there are people behind the scenes sorting out valuable alerts from those that are not, so I only get alerts when they are real."
"The ability to ingest Office 365 log files, then process them into events and display them on a map."
"The product works well. Stability-wise, I rate the solution a ten out of ten."
"Rapid7 InsightIDR is budget-friendly and has a good market position because not everybody can afford to go for LogRhythm or Splunk or QRadar."
"During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an application belongs to a known ransomware group. The system rates the threat, offering a clear detection ratio, such as 97 out of 100. It not only identifies threats but also illustrates the associated behaviors, helping us understand the potential risk to a particular endpoint."
"Rapid7 is easy to use and deploy. It is a simple solution and has easy data pulling."
"The technical support is a solid 10 out of 10 as they take the time to answer any questions or problems which may arise in a reasonable time frame."
"Dashboards, including the main screen, provide much-needed information at a glance, without hours of coding and sifting through logs to find it. In case of an actual security incident, I have faith that insightIDR has retained all logs in a secure manner that prevents log tampering as well."
"Very intuitive and easy to set up."
More Rapid7 InsightIDR pros
 

Cons

"Every 30 or 40 days, there's a new version and we need to go and make sure our customer's laptops are upgraded."
"We have found that there are times Cortex XDR by Palo Alto Networks does not detect some of the viruses, we have to use another protection solution called Kaspersky."
"The solution needs better reports. I think they should let the customer go in and customize the reports."
"I would like to see some additional features related to email protection included."
"Cortex XDR could be improved with more GUI features."
"Cortex XDR should have a lightweight agent, and the agent size should not be heavy."
"However, if you do not have Palo Alto in your environment, you are paying these additional services just for Cortex XDR by Palo Alto Networks, so it is not a cost-effective solution."
"We had a problem with getting our older endpoints up to date, but their newest updates have been really good."
More Cortex XDR by Palo Alto Networks cons
"While I am very satisfied with the service, supporting additional platforms, particularly Linux support, would be a beneficial improvement."
"The solution does not tie into other EDR products like CyberArk or CrowdStrike but that might be more useful."
"The interface could be more intuitive."
"While I am very satisfied with the service, supporting additional platforms, particularly Linux support, would be a beneficial improvement."
"Some texts seem to report items as normal too quickly."
"The interface could be more intuitive. More transparency is needed in the interface as a lot of details are hidden behind the scenes, making them difficult or impossible to access."
"The feature we keep asking for is a vulnerability scan."
"The integration capabilities of the solution have certain shortcomings where improvements are required."
"Tenable Nessus is easier to deal with. It's more efficient and accurate. InsightIDR is heavier than Tenable in terms of performance and scanning. Rapid7 would be much easier to use if it had a network connector like Tenable. Tenable's connector allows continuous monitoring over the B caps."
"One of the things that could be better is digital forensics. It is there, but it can be better. They could provide more on the endpoint detection level."
"I would like to see more development in InsightIDR towards building their SIEM solution and converting it to XDR."
"Personally, I feel it would greatly benefit from more supported log sources."
"The solution needs improvement in threat intelligence. Increasing the depth of intelligence to help users understand more about threats is a possibility. My suggestion is to expand access to other websites or resources."
"Customised alert recipients need to be added to allow better first-line action and quicker response. Configurable honeypots would be a welcome addition."
"They should add more configuration and security features to it."
More Rapid7 InsightIDR cons
 

Pricing and Cost Advice

"Cortex XDR's pricing is ok."
"Cortex XDR by Palo Alto Networks is quite an expensive solution."
"The pricing seems fair, and I do like the licensing model. You use wherever they are, and it is elastic."
"Cortex XDR is a costly solution."
"Very costly product."
"The price of the solution is high for the license and in general."
"The pricing is a little high. It is per user per year."
"This is an expensive solution."
More Cortex XDR by Palo Alto Networks pricing and cost advice
"The pricing is in line with other products."
"The pricing is reasonable."
"The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help.​"
"The pricing is good, and it is not very expensive."
"It is on a yearly basis. For our own company, for about 250 users, it was 16,000 euros a year."
"​I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability.​"
"I rate Rapid7 InsightIDR's price a four on a scale of one to ten, where one is cheap, and ten is expensive."
"The solution has a mid-range price point in the market"
"It is more reasonably priced than other vendors."
"Licensing is straightforward. If, for some reason, you don’t meet the minimum licensing requirements, there is a third-party managed service that can help."
More Rapid7 InsightIDR pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
See recommendations
885,376 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
13%
Manufacturing Company
8%
Computer Software Company
8%
Financial Services Firm
8%
Computer Software Company
12%
Retailer
7%
Healthcare Company
7%
Outsourcing Company
7%
Computer Software Company
10%
Financial Services Firm
9%
Manufacturing Company
8%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business44
Midsize Enterprise20
Large Enterprise47
No data available
By reviewers
Company SizeCount
Small Business20
Midsize Enterprise5
Large Enterprise6
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
See all answers
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
See all answers
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
See all answers
What is your experience regarding pricing and costs for Blackpoint Cyber MDR?
The pricing is great considering what we are receiving.
See all answers
What needs improvement with Blackpoint Cyber MDR?
While I am very satisfied with the service, supporting additional platforms, particularly Linux support, would be a b...
See all answers
What is your primary use case for Blackpoint Cyber MDR?
The solution serves as a baseline security offering. We have implemented it for every client that we do business with.
See all answers
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is a...
See all answers
What is your experience regarding pricing and costs for Rapid7 InsightIDR?
The product pricing is very cheap.
See all answers
What needs improvement with Rapid7 InsightIDR?
If we pitch Rapid7 InsightIDR against solutions such as SIEMs from Splunk or LogRhythm, it is not as customizable as ...
See all answers
 

Comparisons

Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks Logo
Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks
Compared 9% of the time
SentinelOne Singularity Complete vs Cortex XDR by Palo Alto Networks Logo
SentinelOne Singularity Complete vs Cortex XDR by Palo Alto Networks
Compared 6% of the time
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks Logo
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks
Compared 4% of the time
Cortex XSIAM vs Cortex XDR by Palo Alto Networks Logo
Cortex XSIAM vs Cortex XDR by Palo Alto Networks
Compared 4% of the time
Symantec Endpoint Security vs Cortex XDR by Palo Alto Networks Logo
Symantec Endpoint Security vs Cortex XDR by Palo Alto Networks
Compared 3% of the time
More Cortex XDR by Palo Alto Networks Competitors
Huntress Managed EDR vs CompassOne by Blackpoint Cyber Logo
Huntress Managed EDR vs CompassOne by Blackpoint Cyber
Compared 16% of the time
CrowdStrike Falcon Complete MDR vs CompassOne by Blackpoint Cyber Logo
CrowdStrike Falcon Complete MDR vs CompassOne by Blackpoint Cyber
Compared 6% of the time
Adlumin Security Operations vs CompassOne by Blackpoint Cyber Logo
Adlumin Security Operations vs CompassOne by Blackpoint Cyber
Compared 6% of the time
Arctic Wolf Managed Detection and Response vs CompassOne by Blackpoint Cyber Logo
Arctic Wolf Managed Detection and Response vs CompassOne by Blackpoint Cyber
Compared 4% of the time
SentinelOne Vigilance vs CompassOne by Blackpoint Cyber Logo
SentinelOne Vigilance vs CompassOne by Blackpoint Cyber
Compared 4% of the time
More CompassOne by Blackpoint Cyber Competitors
Splunk Enterprise Security vs Rapid7 InsightIDR Logo
Splunk Enterprise Security vs Rapid7 InsightIDR
Compared 5% of the time
Microsoft Sentinel vs Rapid7 InsightIDR Logo
Microsoft Sentinel vs Rapid7 InsightIDR
Compared 5% of the time
Rapid7 InsightVM vs Rapid7 InsightIDR Logo
Rapid7 InsightVM vs Rapid7 InsightIDR
Compared 4% of the time
CrowdStrike Falcon vs Rapid7 InsightIDR Logo
CrowdStrike Falcon vs Rapid7 InsightIDR
Compared 4% of the time
Darktrace vs Rapid7 InsightIDR Logo
Darktrace vs Rapid7 InsightIDR
Compared 3% of the time
More Rapid7 InsightIDR Competitors
 

Product Reports

Buyer's Guide
Cortex XDR by Palo Alto Networks
March 2026
Cortex XDR by Palo Alto Networks reportDownload Cortex XDR by Palo Alto Networks product report
Buyer's Guide
Managed Detection and Response (MDR)
February 2026
CompassOne by Blackpoint Cyber reportDownload CompassOne by Blackpoint Cyber product report
Buyer's Guide
Rapid7 InsightIDR
March 2026
Rapid7 InsightIDR reportDownload Rapid7 InsightIDR product report
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Blackpoint Cyber Managed Detection + Response, Blackpoint Cyber Managed Detection and Response
InsightIDR
 

Overview

Cortex XDR by Palo Alto Networks provides advanced threat detection with AI-driven endpoint protection and seamless integration, ensuring multi-layered security and automatic threat response.

Cortex XDR is designed to safeguard endpoints against malware and suspicious activities. It offers advanced threat detection and response capabilities using behavioral analysis, AI, and machine learning. It seamlessly integrates with security infrastructures, providing endpoint security, firewall integration, and enhanced visibility in both cloud-based and on-premises environments.

What are the key features of Cortex XDR?
  • Advanced Threat Detection: Uses AI and machine learning for proactive threat identification.
  • Multi-layered Security: Combines various security measures for comprehensive protection.
  • Endpoint Protection: Safeguards against malware and exploits.
  • Behavioral Analysis: Monitors suspicious activity for early detection.
  • Automatic Threat Response: Automates responses to neutralize threats.
What benefits should users expect?
  • Ease of Use: Simplifies security management with intuitive design.
  • Resource Efficiency: Minimizes impact on system resources.
  • Integration Capabilities: Works well with existing security setups.
  • Reduced Analyst Workload: Automates processes to decrease manual intervention.

Organizations in diverse sectors deploy Cortex XDR to protect against malware, leveraging its advanced threat detection capabilities. Its integration with existing security infrastructures appeals to those seeking comprehensive protection in both cloud and on-premises environments, providing enhanced visibility and threat intelligence.

Palo Alto Networks

CompassOne by Blackpoint Cyber delivers comprehensive MDR capabilities, offering SLA-driven alert notifications, in-depth network discovery, and Microsoft 365 log preservation. Its SOC team efficiently manages monitoring tasks, ensuring genuine threats are prioritized and distractions minimized.

CompassOne enhances cybersecurity by offering email monitoring, app control, and effective threat identification, preventing incidents like a compromised device affecting corporate networks. While prompt in threat reporting, a need exists for detailed analysis and vulnerability scanning. Users seek integration with platforms such as CyberArk and CrowdStrike and support for Linux systems. The platform strengthens security through alert monitoring, virus prevention, account takeover prevention, and establishing a security baseline for both organizational and lab environments, with up to half of an organization's staff utilizing it and expansion plans in progress.

What are the key features of CompassOne?
  • SLA Notifications: Provides timely alerts to ensure swift threat response.
  • Network Discovery: Offers detailed insight into local networks.
  • Microsoft 365 Log Preservation: Maintains extensive records for compliance.
  • Email Monitoring and App Control: Detects and blocks suspicious activities efficiently.
  • Threat Prioritization: Minimizes distractions by focusing on genuine threats.
What benefits should users expect from CompassOne?
  • Efficient Monitoring: Relieves teams by offloading monitoring tasks to expert SOC teams.
  • Threat Mitigation: Protects against device compromise and secures networks.
  • Comprehensive Security: Extends capabilities through email and application vigilance.
  • Strategic Deployment: Adaptable for both enterprise and lab environments.

In sectors where security monitoring is crucial, CompassOne is implemented to observe computers, servers, and Office 365 environments, mitigating risks thoughtfully and efficiently. Companies engage its robust MDR functionalities to fend off viruses and account breaches while leveraging its security implementation services for a foundational security setup.

Blackpoint Cyber

Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

Rapid7
 

Sample Customers

CBI Health Group, University Honda, VakifBank
CoreRecon, Peerless Tech Solutions, Lorien Health
Liberty Wines, Pioneer Telephone, Visier
Buyer's Guide
CompassOne by Blackpoint Cyber vs. Rapid7 InsightIDR
March 2026
Free Report: CompassOne by Blackpoint Cyber vs. Rapid7 InsightIDR
Find out what your peers are saying about CompassOne by Blackpoint Cyber vs. Rapid7 InsightIDR and other solutions. Updated: March 2026.
DOWNLOAD NOW
885,376 professionals have used our research since 2012.
See our CompassOne by Blackpoint Cyber vs. Rapid7 InsightIDR report.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.