Try our new research platform with insights from 80,000+ expert users

Cybereason Endpoint Detection & Response vs Rapid7 InsightIDR comparison

Cybereason and Rapid7 are both solutions in the Endpoint Detection and Response (EDR) category. Cybereason is ranked #33 with an average rating of 7.3, while Rapid7 is ranked #22 with an average rating of 7.8. Cybereason holds a 1.1% mindshare in EDR, compared to Rapid7’s 1.2% mindshare. Additionally, 85% of Cybereason users are willing to recommend the solution, compared to 96% of Rapid7 users who would recommend it.
Cybereason Endpoint Detecti...
Read 22 Cybereason Endpoint Detection & Response reviews
  • 3,854 Views
  • 2,467 Comparison Views
85% willing to recommend
Rapid7 InsightIDR
Read 32 Rapid7 InsightIDR reviews
  • 6,636 Views
  • 1,924 Comparison Views
96% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 9, 2024

Cybereason Endpoint Detection & Response and Rapid7 InsightIDR compete in the cybersecurity field. Cybereason appears to have the upper hand in advanced threat hunting and real-time response capabilities, while Rapid7 is preferred for strong incident detection and investigation features.

Features: Cybereason offers advanced threat hunting, real-time response, and automated response functionalities. Rapid7 InsightIDR provides incident detection, investigation capabilities, and integration with various third-party tools.

Room for Improvement: Cybereason could improve integration with other security tools, enhance reporting capabilities, and streamline user interfaces. Rapid7 needs better alert accuracy, reduced false positives, and refined alerting mechanisms.

Ease of Deployment and Customer Service: Cybereason has a straightforward deployment process and responsive customer service. Rapid7 InsightIDR is easy to deploy with a supportive and knowledgeable customer service team.

Pricing and ROI: Cybereason has higher setup costs leading to mixed opinions on ROI. Rapid7 InsightIDR offers competitive pricing and users report favorable ROI due to its comprehensive feature set.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Cybereason Endpoint Detection & Response vs. Rapid7 InsightIDR Report (Updated: December 2025).
Buyer's Guide
Cybereason Endpoint Detection & Response vs. Rapid7 InsightIDR
December 2025
Download the complete report
Helped 879,927 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cybereason Endpoint Detecti...
Ranking in Endpoint Detection and Response (EDR)
33rd
Average Rating
7.8
Reviews Sentiment
5.6
Number of Reviews
22
Ranking in other categories
Endpoint Protection Platform (EPP) (41st)
Rapid7 InsightIDR
Ranking in Endpoint Detection and Response (EDR)
22nd
Average Rating
8.4
Reviews Sentiment
7.0
Number of Reviews
32
Ranking in other categories
Security Information and Event Management (SIEM) (15th), User Entity Behavior Analytics (UEBA) (7th), Threat Deception Platforms (4th), Extended Detection and Response (XDR) (18th)
 

Mindshare comparison

As of January 2026, in the Endpoint Detection and Response (EDR) category, the mindshare of Cybereason Endpoint Detection & Response is 1.1%, up from 1.1% compared to the previous year. The mindshare of Rapid7 InsightIDR is 1.2%, up from 0.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR) Market Share Distribution
ProductMarket Share (%)
Rapid7 InsightIDR1.2%
Cybereason Endpoint Detection & Response1.1%
Other97.7%
Endpoint Detection and Response (EDR)
 

Featured Reviews

reviewer2642739 - PeerSpot reviewer
reviewer2642739
Security Delivery Analyst at a consultancy with 10,001+ employees
User-friendly platform and dashboards provide comprehensive insights
I would like to see improvements on the operational side, specifically in grouping. Currently, I can group sensors into a custom group and assign policies, but I feel it is a shame that I cannot create groups of groups with inheritance. This would be useful for organizing multiple sites or countries into a single group containing multiple sub-groups. Additionally, in the whitelisting case, if I want one policy to have specific whitelisting, but not all the machines in that policy to have it, I could use multiple groups belonging to the same parent group. It is a bit disappointing that whitelisting can only be done via policies and not for individual machines. If I need to whitelist for only one machine, I must create a specific policy. This poses a challenge with two thousand endpoints, making it nearly impossible to create two thousand different policies.
Read full review
SohailHyder - PeerSpot reviewer
SohailHyder
Head of Cyber Security at Super Secure
Has supported compliance needs for mid-sized organizations but lacks customization and advanced integration
If we pitch Rapid7 InsightIDR against solutions such as SIEMs from Splunk or LogRhythm, it is not as customizable as a SIEM solution is. This is where it can improve if we keep in front the feature sets of a complete SIEM solution. Most common in the market is QRadar, but it is depleting now. It has been taken over by some other products such as Splunk and LogRhythm. If we compare these things with Rapid7 InsightIDR, then there are definitely some gaps that need to be filled. Data retention is also one concern because Rapid7 InsightIDR is cloud-based and operates on a subscription model. Whatever data you want to retain, it has to be paid for separately or it has a cost. Other solutions that are on-premises can have their own infrastructure or they provide some data retention for a month or in some capacity-wise, they provide that solution to them which makes them more attractive.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I haven't had any issues with the solution. Stability-wise, I rate the solution a ten out of ten."
"The initial setup is not overly complicated."
"To get my Cybereason instance up and running, I just install it; it takes less than a minute or two to actually install and run the installer."
"The solution is efficient."
"The initial setup was easy and straightforward."
"For me, the technical support is good."
"The most valuable feature is the capability of the command used by the machine so that we see the kind of performance that is running."
"What I find most valuable is the clarity of the platform. It is very straightforward."
More Cybereason Endpoint Detection & Response pros
"The alerting to drive investigations and remediation has been its most valuable feature.​"
"The log aggregation and storage provided by InsightIDR has shown no issues with scalability; aggregating over one hundred millions events daily."
"Another very important part of insightIDR is the ability to collect data from endpoint devices via agent software. With a large remote workforce, this allows visibility into the endpoints that are connected to the internet, but not to the corporate network."
"The product works well. Stability-wise, I rate the solution a ten out of ten."
"InsightIDR helps us investigate an environment to discover information about incidents."
"I rate Rapid7 nine out of 10 for affordability"
"The technical support is a solid 10 out of 10 as they take the time to answer any questions or problems which may arise in a reasonable time frame."
"The ability to ingest Office 365 log files, then process them into events and display them on a map."
More Rapid7 InsightIDR pros
 

Cons

"The network coverage becomes an issue most of the time."
"They need to improve their technical support services."
"What needs to improve in Cybereason Endpoint Detection & Response and what I'd like to see in its next release is a centralized dashboard that allows you to view what is there, similar to what's on Symantec Endpoint Protection Manager: a beautiful display and reporting. Cybereason Endpoint Detection & Response has to start with the compliance, the homepage, etc. Everything should be there and should be customizable. The options should be there. The tool is very good currently, but visibility for IT administrators is lacking and needs to be worked on."
"The reporting feature needs improvement."
"It should be more stable, and the sensor needs improvement in terms of connectivity."
"There is room for improvement in the product features related to device control, particularly USB management."
"There can be problems with the EDI."
"Compared to our previous endpoint, we have a lot more false positives and a lot more duplication of alerts. So we're chasing more alerts."
More Cybereason Endpoint Detection & Response cons
"I feel it would greatly benefit from more supported log sources."
"Sometimes, it is hard to get the right queries to use. Currently, the tool lacks a pre-made set of queries."
"One thing that springs to mind is easier API integration with ITSMs. We are evaluating a new ITSM and I would like to have InsightIDR create a ticket when an attack is identified, and the ticket would be closed in InsightIDR when the ITSM resolution is completed. This would take out the "single point of failure" we currently have, if the email recipient is somehow absent, in recording the risk appetite for the incident and the actions taken to mitigate or not."
"It would be useful to import threat intelligence in YARA format along with known incorrect email addresses.​"
"It takes time for the product's support team to resolve issues, making it an area of concern where improvements are required."
"Needs a better ability to customize the check within the console."
"The solution needs improvement in threat intelligence. Increasing the depth of intelligence to help users understand more about threats is a possibility. My suggestion is to expand access to other websites or resources."
"Currently, it lacks the functionalities provided by Rapid7's User Behavior Analytics (UBA)."
More Rapid7 InsightIDR cons
 

Pricing and Cost Advice

"In terms of pricing, it's a good solution."
"On a scale of one to ten, where one is cheap and ten is expensive, I rate the pricing an eight."
"This product is somewhat expensive and should be cheaper."
"I do not have experience with the licensing of the product."
"I had to go through a third-party to purchase it, which I wasn't really pleased about."
"The pricing is manageable."
"Though it is not the cheapest solution but it fits our budget. We pay an annual licensing fee."
"We considered a few other solutions. Some were ridiculously overpriced, while others didn't have solutions for Mac endpoints. That was a deal-breaker because most of our organization is on Mac. It came down to two vendors: Cybereason and another. They had similar pitches and almost identical approaches, but in the end, Cybereason gave us the best value for our money."
More Cybereason Endpoint Detection & Response pricing and cost advice
"I rate Rapid7 InsightIDR's price a four on a scale of one to ten, where one is cheap, and ten is expensive."
"The pricing of the solution depends on the user. But there is a yearly licensing cost."
"It is on a yearly basis. For our own company, for about 250 users, it was 16,000 euros a year."
"​I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability.​"
"Rapid7 InsightIDR is a cheaply priced product. On a scale of one to ten, where one is very expensive, and ten is very cheap, I rate the product's price at seven or eight."
"Licensing is straightforward. If, for some reason, you don’t meet the minimum licensing requirements, there is a third-party managed service that can help."
"The pricing and licensing are competitive."
"The pricing is good, and it is not very expensive."
More Rapid7 InsightIDR pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
See recommendations
879,927 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
13%
Financial Services Firm
12%
Manufacturing Company
8%
Comms Service Provider
6%
Computer Software Company
12%
Financial Services Firm
9%
Manufacturing Company
8%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise4
Large Enterprise13
By reviewers
Company SizeCount
Small Business20
Midsize Enterprise5
Large Enterprise6
 

Questions from the Community

What is your experience regarding pricing and costs for Cybereason Endpoint Detection & Response?
Comparison with other products showed it be cheaper than some larger competitors. Set up cost for us were cheaper as we already had users experienced with the product in other business units. Initi...
See all answers
What is your primary use case for Cybereason Endpoint Detection & Response?
My main use case for Cybereason Endpoint Detection & Response is mostly for incident response.
See all answers
What do you like most about Cybereason Endpoint Detection & Response?
The interface is user-friendly.
See all answers
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
See all answers
What do you like most about Rapid7 InsightIDR?
During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...
See all answers
What is your experience regarding pricing and costs for Rapid7 InsightIDR?
The product pricing is very cheap.
See all answers
 

Comparisons

CrowdStrike Falcon vs Cybereason Endpoint Detection & Response Logo
CrowdStrike Falcon vs Cybereason Endpoint Detection & Response
Compared 12% of the time
SentinelOne Singularity Complete vs Cybereason Endpoint Detection & Response Logo
SentinelOne Singularity Complete vs Cybereason Endpoint Detection & Response
Compared 7% of the time
Microsoft Defender for Endpoint vs Cybereason Endpoint Detection & Response Logo
Microsoft Defender for Endpoint vs Cybereason Endpoint Detection & Response
Compared 5% of the time
Fortinet FortiEDR vs Cybereason Endpoint Detection & Response Logo
Fortinet FortiEDR vs Cybereason Endpoint Detection & Response
Compared 4% of the time
ESET Inspect vs Cybereason Endpoint Detection & Response Logo
ESET Inspect vs Cybereason Endpoint Detection & Response
Compared 4% of the time
More Cybereason Endpoint Detection & Response Competitors
Rapid7 InsightVM vs Rapid7 InsightIDR Logo
Rapid7 InsightVM vs Rapid7 InsightIDR
Compared 7% of the time
Microsoft Sentinel vs Rapid7 InsightIDR Logo
Microsoft Sentinel vs Rapid7 InsightIDR
Compared 6% of the time
Splunk Enterprise Security vs Rapid7 InsightIDR Logo
Splunk Enterprise Security vs Rapid7 InsightIDR
Compared 5% of the time
CrowdStrike Falcon vs Rapid7 InsightIDR Logo
CrowdStrike Falcon vs Rapid7 InsightIDR
Compared 4% of the time
Darktrace vs Rapid7 InsightIDR Logo
Darktrace vs Rapid7 InsightIDR
Compared 4% of the time
More Rapid7 InsightIDR Competitors
 

Product Reports

Buyer's Guide
Cybereason Endpoint Detection & Response
January 2026
Cybereason Endpoint Detection & Response reportDownload Cybereason Endpoint Detection & Response product report
Buyer's Guide
Rapid7 InsightIDR
December 2025
Rapid7 InsightIDR reportDownload Rapid7 InsightIDR product report
 

Also Known As

Cybereason EDR, Cybereason Deep Detect & Respond
InsightIDR
 

Overview

Cybereason's Endpoint Detection and Response platform detects in real-time both signature and non-signature-based attacks and accelerates incident investigation and response. Cybereason connects together individual pieces of evidence to form a complete picture of a malicious operation.

Cybereason

Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

Rapid7
 

Sample Customers

Lockheed Martin, Spark Capital, DocuSign, Softbank Capital
Liberty Wines, Pioneer Telephone, Visier
Buyer's Guide
Cybereason Endpoint Detection & Response vs. Rapid7 InsightIDR
December 2025
Free Report: Cybereason Endpoint Detection & Response vs. Rapid7 InsightIDR
Find out what your peers are saying about Cybereason Endpoint Detection & Response vs. Rapid7 InsightIDR and other solutions. Updated: December 2025.
DOWNLOAD NOW
879,927 professionals have used our research since 2012.
See our Cybereason Endpoint Detection & Response vs. Rapid7 InsightIDR report.
See our list of best Endpoint Detection and Response (EDR) vendors.

We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.