• Home
  • Darktrace vs. Rapid7 InsightIDR

Darktrace vs Rapid7 InsightIDR comparison

Cancel
You must select at least 2 products to compare!
Microsoft Logo

Microsoft Defender for Office 365

Read 41 Microsoft Defender for Office 365 reviews
12,858 views|10,247 comparisons
97% willing to recommend
Darktrace Logo

Darktrace

Read 65 Darktrace reviews
423 views|346 comparisons
93% willing to recommend
Rapid7 Logo

Rapid7 InsightIDR

Read 29 Rapid7 InsightIDR reviews
6,748 views|3,628 comparisons
95% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Email Security
March 2024
Executive Summary

We performed a comparison between Darktrace and Rapid7 InsightIDR based on real PeerSpot user reviews.

Find out what your peers are saying about Microsoft, Cisco, TitanHQ and others in Email Security.
To learn more, read our detailed Email Security Report (Updated: March 2024).
Download the complete report
768,415 professionals have used our research since 2012.
Featured Review
Gordon McGowan
Improves organizational security without the help of third-party applications
Microsoft Defender for Office 365 has improved my organization's security. It makes it easier to manage the infrastructure without the help of... Read more →
Irwin Gibson
Helps us with network traffic visibility
The tool gives us alerts whenever an admin is trying to connect.
Agustinus DWIJOKO
A tool to detect malicious activities and provide security to networks and endpoints
I have seen that Rapid7 InsightIDR provides security to the networks and endpoints in the company.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Safe attachments, safe links, policies, and the ability to protect from zero-day threats are the most valuable features.""The most valuable feature is protection against malicious links, fishing, and impersonation. You can train people to be aware of these threats, but they're not always careful. When they're using their phones between meetings, they click on a link, and it's game over.""Microsoft Defender for Office 365's most valuable feature is its performance.""Threat Explorer is an invaluable tool for me, and it plays a crucial role in helping me discern the origins of various email campaigns, pinpointing where they emanate from, and identifying the individuals within our organization who are affected.""The most valuable feature is the integration. It's a single console, so we don't have to switch around between multiple products. Another valuable feature is the ease of operations and maintenance.""The initial setup was easy.""The product is not resource-intensive.""The email protection is excellent, especially in terms of anti-phishing policies."

More Microsoft Defender for Office 365 Pros →

"A simple, powerful AI solution that just does all the work for you when you turn it on.""The NDR is good in their solution and they have NTG for email.""The most valuable feature is the alerts. The alerts are meaningful. The event rolls up into meaningful and actionable alerts rather than just being noise.""The most valuable features of Darktrace are the tracing of unusual external emails and monitoring the local network.""Darktrace is very useful for us because it has a large number of models for detecting threats.""The models, triggers, and alerts are customizable.""The solution can scale.""I have found the automation and AI features to be valuable. If someone were to come in to the office at midnight and log in, Darktrace would flag it."

More Darktrace Pros →

"The product works well. Stability-wise, I rate the solution a ten out of ten.""The solution is very scalable in terms of the licensing model.""Very intuitive and easy to set up.""The solution is very stable and works very well for what I need it to do.""I like that it's a cloud-based solution.""Simple configuration and automatically syncs to the cloud platform.""Great coverage of all systems within our network from endpoint to firewall.""InsightIDR has allowed us to find potential security issues that we did not know existed, and get remediation quickly."

More Rapid7 InsightIDR Pros →

Cons
"We are always looking for others tools to increase automation on tasks. There can be better integration with other solutions, such as PowerPoint and email.""Microsoft Defender for Office 365 should improve the troubleshooting tools. It's unclear whether the device is blocked at the firewall level or at the device itself. The granularity needed for troubleshooting is currently lacking. From my perspective, Microsoft should address this issue to benefit many users who likely share the same sentiment.""Microsoft should provide more documentation for users so they can self-educate. I would like to see more documentation for advanced security features.""One area for improvement is support, in terms of being able to reach them and, especially, technical support for configuration.""Several simulation options are available within 365, and the phishing simulation could be better.""The visibility for the weaknesses in the system and unauthorized access can be improved.""There needs to be an improvement in integrating the product to work across multiple operating systems, and to have better support for non-Microsoft file types.""Microsoft Defender for Office 365 should be more proactive."

More Microsoft Defender for Office 365 Cons →

"The dashboard and reporting for this solution could be improved as it is currently complex. The GUI for this solution could also be improved.""I did not use the AI features because they should make it more user-friendly which would be a benefit. Additionally, the solution could integrate with more SIEM or SOAR tools.""One thing I would like is for Darktrace to flag SMB traffic more accurately. Currently, it only flags that SMB traffic has occurred, but it doesn't specify which file was being transferred. This makes it difficult to investigate incidents involving SMB traffic, as we don't have concrete evidence of what was being sent.""The solution can improve the reporting.""Darktrace requires numerous configurations. It would be beneficial if the configuration could be made simpler.""It would be helpful if they could recognize incidents and simplify the customer's challenge to identify what is happening.""Its threat analyzer could be better. It should also have agents. They should improve this product by installing agents for the machine to get more visibility. Currently, they are monitoring only the network. They should also monitor the agents from inside. It should also have a better pricing plan because it is an expensive product.""There aren't so many third-party vendor platforms natively integrated with the platform."

More Darktrace Cons →

"The product allows us to make only 30 custom rules.""Tenable Nessus is easier to deal with. It's more efficient and accurate. InsightIDR is heavier than Tenable in terms of performance and scanning. Rapid7 would be much easier to use if it had a network connector like Tenable. Tenable's connector allows continuous monitoring over the B caps.""The solution's XDR agents cannot compete with the XDR solutions out there yet.""The integration capabilities of the solution have certain shortcomings where improvements are required.""The ability to tune the collector for custom logs would greatly help.""InsightIDR is only available in a cloud version. Some of our customers prefer an on-prem solution because they want to manage the security within their environment.""The solution needs improvement in threat intelligence. Increasing the depth of intelligence to help users understand more about threats is a possibility. My suggestion is to expand access to other websites or resources.""Lacks a mobile application."

More Rapid7 InsightIDR Cons →

Pricing and Cost Advice
  • "It's a user-base subscription."
  • "From the pricing point of view, like any other product in the market, there is scope for negotiation."
  • "Defender is a little bit more expensive as compared to others. We are in the manufacturing environment. So, we don't have a high budget for all of our endpoint devices. Its cost is a major concern for us."
  • "For licensing, it's usually a yearly package for customers who are subscribed to Office 365, but they can also pay on a monthly basis."
  • "Microsoft Defender for Office 365 is an add-on to the Office license. Many customers are purchasing this solution."
  • "Microsoft Defender for Office 365 comes with Microsoft Windows. It is free with the operating system."
  • "The solution saves money so we have seen a return on investment."
  • "Defender for 365 comes in various plans and licenses, along with other Microsoft security solutions. Purchasing this kind of package or security bundle gives good value for money, and that's what I recommend."

    • More Microsoft Defender for Office 365 Pricing and Cost Advice →

  • "It is inexpensive considering what it can do and the competition."
  • "The pricing is a little high compared to the competition."
  • "Our customers feel that the price of Darktrace is quite high compared to other solutions."
  • "The pricing is very flexible for Darktrace. Sometimes, a customer does not have the appropriate budget, but Darktrace can handle that. They offer monthly payments, so the customer can acquire the solution very easily."
  • "When it comes to large installations, it can be expensive, but for small accounts it's fine."
  • "It is a very expensive product."
  • "It is expensive. I don't have the price for other competitors."
  • "This solution is expensive."

    • More Darktrace Pricing and Cost Advice →

  • "​I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability.​"
  • "The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help.​"
  • "Licensing is straightforward. If, for some reason, you don’t meet the minimum licensing requirements, there is a third-party managed service that can help."
  • "​Accurately predict your licensing counts as this is a subscription based product.​"
  • "The pricing and licensing are competitive."
  • "Licensing is by endpoint and amount of retention time (at least ours is). Default retention was one year, but we are able to push the retention further if needed. There's also a provide-your-own-S3 option for longer retention if you don't want to pay for the additional retention years in your Rapid7 agreement."
  • "It is a reasonably priced solution."
  • "It is on a yearly basis. For our own company, for about 250 users, it was 16,000 euros a year."

    • More Rapid7 InsightIDR Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Email Security solutions are best for your needs.
    See Recommendations
    768,415 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Microsoft Defender for Office 365?
    Top Answer:Threat Explorer is an invaluable tool for me, and it plays a crucial role in helping me discern the origins of various… more »
    Read all 32 answers   →
    What is your experience regarding pricing and costs for Microsoft Defende...
    Top Answer:The tool's pricing is reasonable.
    Read all 26 answers   →
    What needs improvement with Microsoft Defender for Office 365?
    Top Answer:The product must provide better malware detection. The detection algorithms don't perform the way I hope they would.
    Read all 27 answers   →
    How does Crowdstrike Falcon compare with Darktrace?
    Top Answer:Both of these products perform similarly and have many outstanding attributes CrowdStrike Falcon offers an amazing… more »
    Which is better - SentinelOne or Darktrace?
    Top Answer:Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is… more »
    Read all 7 answers   →
    What do you like most about Darktrace?
    Top Answer:A very useful feature in Darktrace for real-time threat analysis is the packet inspection that analyzes the packet… more »
    Read all 44 answers   →
    What SOC product do you recommend?
    Top Answer:For tools I’d recommend:  -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is… more »
    Read all 12 answers   →
    What do you like most about Rapid7 InsightIDR?
    Top Answer:During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its… more »
    Read all 20 answers   →
    What is your experience regarding pricing and costs for Rapid7 InsightIDR?
    Top Answer:We chose Rapid7 because of its price. IBM QRadar charges us based on data storage. Rapid7 InsightIDR charges us based on… more »
    Read all 17 answers   →
    Comparisons
    Also Known As
    MS Defender for Office 365
    InsightIDR
    Learn More
    Microsoft
    Darktrace
    Rapid7
    Overview

    Microsoft Defender for Office 365 is a comprehensive security solution designed to protect organizations against advanced threats in their email, collaboration, and productivity environments. It combines the power of Microsoft's threat intelligence, machine learning, and behavioral analytics to provide real-time protection against phishing, malware, ransomware, and other malicious attacks.

    With Microsoft Defender for Office 365, organizations can safeguard their email communication by detecting and blocking malicious links, attachments, and unsafe email content. It employs advanced anti-phishing capabilities to identify and prevent sophisticated phishing attacks that attempt to steal sensitive information or compromise user credentials.

    This solution also offers robust protection against malware and ransomware. It leverages machine learning algorithms to analyze email attachments and URLs in real-time, identifying and blocking malicious content before it reaches users' inboxes. Additionally, it provides advanced threat-hunting capabilities, allowing security teams to proactively investigate and respond to potential threats.

    Microsoft Defender for Office 365 goes beyond email protection and extends its security features to other collaboration tools like SharePoint, OneDrive, and Teams. It scans files and documents stored in these platforms, ensuring that they are free from malware and other malicious content. It also provides visibility into user activities, helping organizations detect and mitigate insider threats.

    Furthermore, this solution offers rich reporting and analytics capabilities, providing organizations with insights into their security posture and threat landscape. It enables security administrators to monitor and manage security incidents, track trends, and take proactive measures to enhance their overall security posture.

    Darktrace is a leading cybersecurity solution that leverages artificial intelligence and machine learning to provide advanced threat detection, response, and risk management capabilities. Many reviewers find Darktrace's AI and machine-learning capabilities to be valuable. They appreciate its ability to detect anomalies and threats that might go unnoticed by traditional security tools. Overall, the general sentiment towards Darktrace from reviewers is positive. Users seem to appreciate its scalability, stability, AI capabilities, visibility, and ease of use.

    Darktrace offers a proactive and intelligent approach to cybersecurity. It utilizes AI algorithms to learn and understand the 'pattern of life' for every user and device within a network. This understanding enables it to detect anomalies that could signify a cyber threat, from subtle insider threats to more obvious ransomware attacks.

    Its adaptability, autonomous response features, and comprehensive network visibility make it a top-tier solution for different sizes of organizations and across many industries. It was named one of TIME magazine’s ‘Most Influential Companies’ in 2021 and protects over 8,800 organizations globally from advanced cyber threats.

    Darktrace Cyber AI Loop

    The Darktrace Cyber AI Loop introduces an advanced artificial intelligence-based system for cybersecurity, designed to build a self-improving defense mechanism. This system functions like a closed loop, where each stage feeds information and insights into the next, amplifying the overall effectiveness of the platform.

    The key components of the loop are:

    • DETECT - An AI engine that monitors your network and endpoints for anomalous activity, constantly learning the normal behavior of your users and devices. It identifies suspicious patterns and potential threats in real-time, even from never-before-seen attacks.
    • PREVENT - This proactive arm analyzes vulnerabilities and identifies weaknesses in your IT infrastructure. It prioritizes patching and configuration changes to harden defenses before attackers can exploit those vulnerabilities.
    • RESPOND - When DETECT identifies a threat, RESPOND takes immediate action to contain and neutralize it. This can involve isolating compromised devices, disrupting attacker activity, and automatically escalating critical incidents to human analysts.
    • HEAL - This newest addition to the loop focuses on post-incident recovery. It automatically restores compromised systems, cleans infected files, and helps to prevent the attack from spreading further.

    Darktrace's AI algorithms can identify threats that traditional security tools might miss. It continuously learns and updates its understanding of what is normal for each environment, ensuring that it can quickly detect and respond to unusual activities that could indicate a breach. Darktrace's Antigena module can autonomously respond to threats in real time. This is particularly crucial in containing fast-moving threats like ransomware, where every second counts. 

      Darktrace's solution provides unparalleled visibility into all parts of the network, including cloud services, IoT devices, and industrial control systems. This comprehensive coverage ensures that no part of the network is left unprotected. However, while the Darktrace Cyber AI Loop offers a robust solution, it is not a complete cure-all and requires careful implementation and integration with existing security frameworks.Darktrace offers a comprehensive and unified approach to cybersecurity. It provides continuous protection against known and unknown threats, regardless of where they emerge. Darktrace's solutions provide visibility into your cloud infrastructure, continuous monitoring of application usage and communication patterns (e.g., identification of suspicious actions like unauthorized data access), comprehensive email security that goes beyond traditional spam and phishing filters, real-time protection for endpoints, and continuous monitoring of network traffic and device activity.

      Darktrace also provides specialized coverage to secure your zero-trust architecture. Identifies compromised identities, unauthorized access attempts, and risky data exfiltration within a least-privilege environment. Finally, it has a dedicated solution for safeguarding industrial control systems and critical infrastructure. Monitors communication patterns, device behavior, and physical access within OT environments, protecting against operational disruptions and cyberattacks.

      Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

      Sample Customers
      Microsoft Defender for Office 365 is trusted by companies such as Ithaca College.
      Irwin Mitchell, Open Energi, Wellcome Trust, FirstGroup plc, Virgin Trains, Drax, QUI! Group, DNK, CreaCard, Macrosynergy, Sisley, William Hill plc, Toyota Canada, Royal British Legion, Vitol, Allianz, KKR, AIRBUS, dpd, Billabong, Mclaren Group.
      Liberty Wines, Pioneer Telephone, Visier
      Top Industries
      REVIEWERS
      Computer Software Company16%
      Manufacturing Company16%
      Comms Service Provider13%
      Financial Services Firm6%
      VISITORS READING REVIEWS
      Computer Software Company17%
      Financial Services Firm9%
      Manufacturing Company7%
      Government7%
      REVIEWERS
      Financial Services Firm19%
      Computer Software Company13%
      Healthcare Company6%
      Manufacturing Company6%
      VISITORS READING REVIEWS
      Computer Software Company16%
      Financial Services Firm8%
      Government7%
      Comms Service Provider7%
      REVIEWERS
      Comms Service Provider21%
      Computer Software Company21%
      Non Tech Company14%
      Security Firm14%
      VISITORS READING REVIEWS
      Computer Software Company15%
      Manufacturing Company8%
      Financial Services Firm8%
      Government6%
      Company Size
      REVIEWERS
      Small Business42%
      Midsize Enterprise16%
      Large Enterprise42%
      VISITORS READING REVIEWS
      Small Business30%
      Midsize Enterprise19%
      Large Enterprise51%
      REVIEWERS
      Small Business51%
      Midsize Enterprise20%
      Large Enterprise29%
      VISITORS READING REVIEWS
      Small Business29%
      Midsize Enterprise19%
      Large Enterprise52%
      REVIEWERS
      Small Business61%
      Midsize Enterprise21%
      Large Enterprise18%
      VISITORS READING REVIEWS
      Small Business26%
      Midsize Enterprise20%
      Large Enterprise54%
      Buyer's Guide
      Email Security
      March 2024
      Download Free Report
      Find out what your peers are saying about Microsoft, Cisco, TitanHQ and others in Email Security. Updated: March 2024.
      DOWNLOAD NOW
      768,415 professionals have used our research since 2012.

      Darktrace is ranked 13th in Email Security with 65 reviews while Rapid7 InsightIDR is ranked 10th in Security Information and Event Management (SIEM) with 29 reviews. Darktrace is rated 8.2, while Rapid7 InsightIDR is rated 8.4. The top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". On the other hand, the top reviewer of Rapid7 InsightIDR writes "An affordable product that is easy to use and has many advanced features and default templates". Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and Trend Micro Deep Discovery, whereas Rapid7 InsightIDR is most compared with Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM, Microsoft Defender for Identity and IBM Security QRadar.

      We monitor all Email Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.