We performed a comparison between Darktrace and Rapid7 InsightIDR based on real PeerSpot user reviews.
"The risk level notifications are most valuable. We get to know what kind of intrusion or attack is there, and we can fix a problem on time."
"There are several features that I consider valuable."
"The deployment capability is a great feature."
"The initial setup is straightforward. You just add the license, click it, and then you can set up the rules. It is quite simple."
"It gives us visibility into threats and, for endpoints, it helps us to prioritize threats. We used to have a lack of visibility, but now our time to detect and respond has decreased."
"Defender for 365 is a comprehensive cloud-based solution. The value of the cloud is that you aren't alone. Threat intelligence and analytics are shared in the cloud. We don't have to find the solution alone. If you face an unknown threat with traditional solutions like Trend Micro and Symantec, you need to open a case and send your information to them to analyze forensically and identify the source of the attack."
"The two main features that prove most beneficial for us are URL scanning and attachment scanning."
"Microsoft Defender for Office 365's most valuable feature is its performance."
"The Dynamic Threat Dashboard is very nice, as it lists all of your threats and rates them, and then you can choose whether to investigate further."
"The most valuable feature of this solution is that it does not require human intervention to eliminate a threat."
"It is autonomous. So, it learns. It uses algorithms and AI to learn the common behavioral patterns on the network, and it is able to identify threats based on abnormal patterns."
"The active threat dashboard is the most valuable feature of this solution."
"The NDR is good in their solution and they have NTG for email."
"We are able to detect a lot of things, actually, and see what is happening in our network."
"In terms of features, the data or information they collect and unsupervised machine learning are very valuable. Its unsupervised machine learning has reduced our team's effort. Both Darktrace and Vectra work on unsupervised machine learning that learns the behavior or develops a profile on its own, which allows our security team to do some other tasks rather than spending time on Darktrace or Vectra. Because of unsupervised machine learning, its detection capability is quite good. Along with that, if we utilize the integration feature properly, the automated incident response capability of Darktrace is quite useful."
"One member of staff is enough for deployment and maintenance because Darktrace is AI-driven. It does a lot of things by itself."
"Scalability-wise, I rate the solution a ten out of ten. As a cloud tool, the product is highly scalable."
"The UI is very good."
"Intelligent alerting to avoid the common problem of alert fatigue associated with traditional SIEMs."
"InsightIDR has allowed us to find potential security issues that we did not know existed, and get remediation quickly."
"Dashboards, including the main screen, provide much-needed information at a glance, without hours of coding and sifting through logs to find it. In case of an actual security incident, I have faith that insightIDR has retained all logs in a secure manner that prevents log tampering as well."
"Integration with threat modeling from the Metasploit and InsightIDR repositories."
"I rate Rapid7 nine out of 10 for affordability."
"Log search allows us to dive deep into aggregated logs and query all event types at once."
"The company should focus on adding threats that the solution is currently unable to detect."
"There is room for improvement in terms of reporting."
"The only thing they should improve is the licensing model. They should stop changing it. A year ago, the five features I mentioned were included in one product. Now, three of them are bundled into one product, and you have to pay extra for the other two. I don't mind paying extra, but I don't want them to change it every year or every six months. I need to know what I'm looking at and not worry about it next year."
"The XDR dashboard has room for improvement."
"Microsoft should provide more documentation for users so they can self-educate. I would like to see more documentation for advanced security features."
"Microsoft Defender for Office 365 should be more proactive."
"About eight months ago, we started to measure the quantity of phishing and spam that we have been receiving, and it has been increasing a lot. That means that protection for our email is not as good as we were expecting."
"Microsoft Defender for Office 365 must improve the overall management style, including the GUI. It also needs to change the filters so that it is easy to whitelist and blacklist data."
"It takes time to go through the interface and pick up things. If it were a more straightforward interface, then it would free up time."
"The price point for the product was too high for what our possible use case could be."
"Darktrace is a closed technology, meaning we know very little about how it works, including the architecture, which is significant. As a result, when we implement the system and find we're getting many false positives, we have minimal insight into why it's happening and what we can do to fix it. We don't know how the solution is configured, the criteria for threats to be determined, or the product's inner workings. We understand that they have to ensure privacy and their copyright, but we want to see some documentation or public research into the security Darktrace provides."
"Needs to improve its collaboration with local partners."
"Darktrace requires numerous configurations. It would be beneficial if the configuration could be made simpler."
"I was under the impression that Darktrace's automatic blocking would be an out-of-the-box feature, but we had to integrate it with our firewall to get it to block automatically. The salesperson should be upfront and explain that you need to integrate it with your network. I would also like to see more reporting on risk. Banks in my region want to see at a glance the risk level of various assets."
"The level of tracking within the network from the transmission level up to the machine level can use improvement."
"The solution can improve the reporting."
"Rapid7 doesn't integrate well with all our security tools from various vendors, so we plan to switch. Many of our solutions work with Rapid7, but some do not. We are already searching for a replacement."
"Lacks a mobile application."
"It takes time for the product's support team to resolve issues, making it an area of concern where improvements are required."
"Currently, it lacks the functionalities provided by Rapid7's User Behavior Analytics (UBA)."
"They should add more configuration and security features to it."
"One thing that springs to mind is easier API integration with ITSMs. We are evaluating a new ITSM and I would like to have InsightIDR create a ticket when an attack is identified, and the ticket would be closed in InsightIDR when the ITSM resolution is completed. This would take out the "single point of failure" we currently have, if the email recipient is somehow absent, in recording the risk appetite for the incident and the actions taken to mitigate or not."
"Inability to get access to compliance reports within the solution."
"The product allows us to make only 30 custom rules."
Darktrace is ranked 13th in Email Security with 32 reviews while Rapid7 InsightIDR is ranked 13th in Security Information and Event Management (SIEM) with 17 reviews. Darktrace is rated 8.2, while Rapid7 InsightIDR is rated 8.4. The top reviewer of Darktrace writes "A stable, scalable, and valuable tool that provides excellent network monitoring". On the other hand, the top reviewer of Rapid7 InsightIDR writes "Offers capabilities in areas like threat intelligence and vulnerability management but needs to improve support". Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and Trend Micro Deep Discovery, whereas Rapid7 InsightIDR is most compared with Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM, Microsoft Defender for Identity and IBM Security QRadar.
We monitor all Email Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.