No more typing reviews! Try our Samantha, our new voice AI agent.

ExtraHop Reveal(x) 360 vs Rapid7 InsightIDR comparison

ExtraHop Networks and Rapid7 are both solutions in the Extended Detection and Response (XDR) category. ExtraHop Networks is ranked #39, while Rapid7 is ranked #20 with an average rating of 7.8. ExtraHop Networks holds a 0.9% mindshare in XDR, compared to Rapid7’s 2.1% mindshare. Additionally, 100% of ExtraHop Networks users are willing to recommend the solution, compared to 96% of Rapid7 users who would recommend it.
Sponsored
Cortex XDR by Palo Alto Net...
Read 108 Cortex XDR by Palo Alto Networks reviews
  • 14,649 Views
  • 6,006 Comparison Views
96% willing to recommend
ExtraHop Reveal(x) 360
Read 3 ExtraHop Reveal(x) 360 reviews
  • 1,550 Views
  • 698 Comparison Views
100% willing to recommend
Rapid7 InsightIDR
Read 32 Rapid7 InsightIDR reviews
  • 7,072 Views
  • 2,263 Comparison Views
96% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Oct 8, 2024

Rapid7 InsightIDR and ExtraHop Reveal(x) 360 are in the security analytics market. Users appear more satisfied with ExtraHop Reveal(x) 360's features, while Rapid7 InsightIDR is preferred for pricing and support.

Features: Rapid7 InsightIDR offers comprehensive threat detection, effective incident response capabilities, and insights into potential risks. ExtraHop Reveal(x) 360 provides real-time network traffic analysis, advanced network visibility, and is essential for in-depth threat investigation.

Room for Improvement: Rapid7 InsightIDR could improve integration of threat intelligence feeds, reporting customization, and user interface navigation. ExtraHop Reveal(x) 360 users seek more efficient alert setup, better dashboard customization, and enhanced user onboarding.

Ease of Deployment and Customer Service: Rapid7 InsightIDR is known for straightforward deployment and responsive customer service, fitting various organizational needs. ExtraHop Reveal(x) 360 requires more complex initial setup but benefits from knowledgeable support staff.

Pricing and ROI: Rapid7 InsightIDR is favored for its cost-effective setup, offering good ROI through its security solutions. ExtraHop Reveal(x) 360, though more costly, justifies its price with superior network traffic analysis and long-term value.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed ExtraHop Reveal(x) 360 vs. Rapid7 InsightIDR Report (Updated: February 2026).
Buyer's Guide
ExtraHop Reveal(x) 360 vs. Rapid7 InsightIDR
February 2026
Download the complete report
Helped 885,311 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Extended Detection and Response (XDR)
6th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
108
Ranking in other categories
Endpoint Protection Platform (EPP) (5th), Endpoint Detection and Response (EDR) (7th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (2nd)
ExtraHop Reveal(x) 360
Ranking in Extended Detection and Response (XDR)
39th
Average Rating
8.6
Reviews Sentiment
6.9
Number of Reviews
3
Ranking in other categories
Intrusion Detection and Prevention Software (IDPS) (24th), Container Security (49th), Network Traffic Analysis (NTA) (13th)
Rapid7 InsightIDR
Ranking in Extended Detection and Response (XDR)
20th
Average Rating
8.4
Reviews Sentiment
7.0
Number of Reviews
32
Ranking in other categories
Security Information and Event Management (SIEM) (21st), User Entity Behavior Analytics (UEBA) (10th), Endpoint Detection and Response (EDR) (34th), Threat Deception Platforms (8th)
 

Mindshare comparison

As of March 2026, in the Extended Detection and Response (XDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 4.9%, down from 5.6% compared to the previous year. The mindshare of ExtraHop Reveal(x) 360 is 0.9%, up from 0.3% compared to the previous year. The mindshare of Rapid7 InsightIDR is 2.1%, down from 2.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Extended Detection and Response (XDR) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks4.9%
Rapid7 InsightIDR2.1%
ExtraHop Reveal(x) 3600.9%
Other92.1%
Extended Detection and Response (XDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
ABHISHEK_SINGH
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Read full review
Maksym Toporkov - PeerSpot reviewer
Maksym Toporkov
Head of Research And Development at Quipu GmbH
A competitive choice for network detection and response with exceptional user interface, ease of implementation and minimal false positives
The NDR feature analyzes network traffic, creating records with connection details. While these records offer insights, there's a limitation in investigating payloads directly. ExtraHop provides an option for an additional server to save payloads, but its temporary storage has constraints. Unlike some competitors, it lacks an automatic payload-saving feature for each detection, presenting an improvement opportunity. Suggested enhancement involves the main sensor prompting payload storage for specific detections, streamlining the investigation process, and contributing to a more efficient workflow. A drawback includes packet storage limitations for payload data, necessitating timely extraction for thorough investigations.
Read full review
SohailHyder - PeerSpot reviewer
SohailHyder
Head Of Cyber Security at Super Secure
Has supported compliance needs for mid-sized organizations but lacks customization and advanced integration
If we pitch Rapid7 InsightIDR against solutions such as SIEMs from Splunk or LogRhythm, it is not as customizable as a SIEM solution is. This is where it can improve if we keep in front the feature sets of a complete SIEM solution. Most common in the market is QRadar, but it is depleting now. It has been taken over by some other products such as Splunk and LogRhythm. If we compare these things with Rapid7 InsightIDR, then there are definitely some gaps that need to be filled. Data retention is also one concern because Rapid7 InsightIDR is cloud-based and operates on a subscription model. Whatever data you want to retain, it has to be paid for separately or it has a cost. Other solutions that are on-premises can have their own infrastructure or they provide some data retention for a month or in some capacity-wise, they provide that solution to them which makes them more attractive.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The solution's most valuable feature is its ability to rapidly detect certain hardware files."
"Has great threat detection capabilities."
"Previously, we had to install endpoint protection per machine and then scan and update, but Cortex XDR basically does that centrally and predictably, so we have more time to do day-to-day work rather than spend time chasing those endpoints."
"The anti-exploit is impenetrable. We chose Traps because it is the only product that we were not able to get anything past."
"The anti-exploit is impenetrable."
"If you are looking to deploy a security solution as a whole, this is a good option."
"Cortex is a very good total solution on the endpoints."
"It detected stuff that other things wouldn't detect."
More Cortex XDR by Palo Alto Networks pros
"It is scalable."
"It stands out for its intuitive and efficient user interface, robust detection capabilities with minimal false positives, and the ability to handle encrypted traffic, making it a valuable asset for network security and management."
"Their technical support is more effective and of better quality than other competitors."
"It is very easy to collect and handle data in ExtraHop Reveal(X) Cloud. Integration with Big Data is also easy. Many of our customers integrate it with Big Data platforms like Splunk or Elastic. It is also easy to handle and easy to understand."
"InsightIDR helps us investigate an environment to discover information about incidents."
"It improved my organization by building a security alerting program."
"The biggest reason why we chose Rapid7 was to gain value in a really quick time. Its deployment doesn't take months. It just takes a few days."
"Great coverage of all systems within our network from endpoint to firewall."
"Enables the use of honey pots, honey users, and honey files to monitor for suspicious patterns."
"​​User behavioral analytics allows us to pinpoint abnormal or suspicious behavior among millions of events every day."
"It improves because several sensors are deployed within the on-premise environment. It can be very efficient if the customer implements and operates it effectively."
"The alerting to drive investigations and remediation has been its most valuable feature, plus the ability to quickly search multiple logs makes investigations easier."
More Rapid7 InsightIDR pros
 

Cons

"Cortex XDR by Palo Alto Networks can improve mobile integration to allow access to the console."
"Cortex does not offer an on-premises solution. However, some customers would prefer not to be on the cloud. It would be ideal if it could offer something on-prem as well."
"Technology evolves every day, so it would be nice if it gets more secure. It can also have more integration with other platforms."
"Additionally, I think the price is very high, and if it can be adjusted, I believe it will be a very good solution."
"The GUI could be improved. It's a little bit cumbersome. It could be more user-friendly."
"I would like to see some additional features related to email protection included."
"I would like to see better protection, specifically to protect email applications."
"It is not easy to sell Cortex XDR, not because it isn't a good tool."
More Cortex XDR by Palo Alto Networks cons
"A drawback includes bucket storage limitations for payload data, necessitating timely extraction for thorough investigations."
"They can include integration with SAP. Currently, no vendor provides network performance monitoring in the SAP market. It is a very big market. We have around 400 customers for SAP in Korea. In the USA, there are more than 10,000 customers."
"Their professional service can be improved."
"There needs to be more support."
"It would be useful to import threat intelligence in YARA format along with known incorrect email addresses.​"
"The main problem lies in the processes within the client's operating systems."
"The reporting is the weakest aspect. There needs to be multi-level grouping for events (for example, group by user and destination). Right now, we can do a group by user and a separate table or group by destination. But I'd be more interested in where a person was logging into instead of who was logging in or where he was logging in."
"Customised alert recipients need to be added to allow better first-line action and quicker response. Configurable honeypots would be a welcome addition."
"The product allows us to make only 30 custom rules."
"I would like the ability to adjust the threshold of certain existing alerts. Currently the only option is to change the notifications or create my own alert."
"One of the things that could be better is digital forensics. It is there, but it can be better. They could provide more on the endpoint detection level."
"I'd like to see a mobile application included and some feature related to the generality of segregation for internal users that access the application."
More Rapid7 InsightIDR cons
 

Pricing and Cost Advice

"I am using the Community edition."
"When we first bought it, it was a bit expensive, but it was worth it. The licensing was straightforward."
"Our license will require renewal in August, after which the maintenance will continue as usual."
"In terms of the cost Cortex XDR by Palo Alto Networks is very expensive because we are a Mexican company and when you translate dollars to pesos the cost is very high. The solution is very expensive for Mexican companies. I understand that they have international prices, but I do not think it offsets the price enough for many companies in countries, such as Mexico. The amount it is reduced is not a massive percentage."
"The solution is expensive. It's pricing is on a yearly-basis."
"Cortex XDR’s pricing is very reasonable."
"It is present, but when compared to other competitive products, I would say it is not less expensive; however, when all of the other added values are considered, the price is reasonable."
"Very costly product."
More Cortex XDR by Palo Alto Networks pricing and cost advice
"When compared to other solutions, it aligns with the market average, indicating a competitive pricing level."
"The pricing of the solution depends on the user. But there is a yearly licensing cost."
"Licensing is straightforward. If, for some reason, you don’t meet the minimum licensing requirements, there is a third-party managed service that can help."
"The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help.​"
"Rapid7 InsightIDR charges us based on the endpoints we connect to."
"It is more reasonably priced than other vendors."
"It is on a yearly basis. For our own company, for about 250 users, it was 16,000 euros a year."
"​I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability.​"
"The solution has a mid-range price point in the market"
More Rapid7 InsightIDR pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
See recommendations
885,311 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
13%
Manufacturing Company
8%
Computer Software Company
8%
Financial Services Firm
8%
Construction Company
10%
Financial Services Firm
9%
Comms Service Provider
8%
Computer Software Company
8%
Computer Software Company
10%
Financial Services Firm
9%
Manufacturing Company
8%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business44
Midsize Enterprise20
Large Enterprise47
No data available
By reviewers
Company SizeCount
Small Business20
Midsize Enterprise5
Large Enterprise6
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
See all answers
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
See all answers
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
See all answers
Ask a question
Earn 20 points
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is a...
See all answers
What is your experience regarding pricing and costs for Rapid7 InsightIDR?
The product pricing is very cheap.
See all answers
What needs improvement with Rapid7 InsightIDR?
If we pitch Rapid7 InsightIDR against solutions such as SIEMs from Splunk or LogRhythm, it is not as customizable as ...
See all answers
 

Comparisons

Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks Logo
Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks
Compared 9% of the time
SentinelOne Singularity Complete vs Cortex XDR by Palo Alto Networks Logo
SentinelOne Singularity Complete vs Cortex XDR by Palo Alto Networks
Compared 6% of the time
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks Logo
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks
Compared 4% of the time
Cortex XSIAM vs Cortex XDR by Palo Alto Networks Logo
Cortex XSIAM vs Cortex XDR by Palo Alto Networks
Compared 4% of the time
Symantec Endpoint Security vs Cortex XDR by Palo Alto Networks Logo
Symantec Endpoint Security vs Cortex XDR by Palo Alto Networks
Compared 3% of the time
More Cortex XDR by Palo Alto Networks Competitors
Vectra AI vs ExtraHop Reveal(x) 360 Logo
Vectra AI vs ExtraHop Reveal(x) 360
Compared 11% of the time
Fortinet FortiGate vs ExtraHop Reveal(x) 360 Logo
Fortinet FortiGate vs ExtraHop Reveal(x) 360
Compared 9% of the time
ExtraHop Reveal(x) vs ExtraHop Reveal(x) 360 Logo
ExtraHop Reveal(x) vs ExtraHop Reveal(x) 360
Compared 8% of the time
NetWitness NDR vs ExtraHop Reveal(x) 360 Logo
NetWitness NDR vs ExtraHop Reveal(x) 360
Compared 7% of the time
SentinelOne Singularity Complete vs ExtraHop Reveal(x) 360 Logo
SentinelOne Singularity Complete vs ExtraHop Reveal(x) 360
Compared 4% of the time
More ExtraHop Reveal(x) 360 Competitors
Splunk Enterprise Security vs Rapid7 InsightIDR Logo
Splunk Enterprise Security vs Rapid7 InsightIDR
Compared 5% of the time
Microsoft Sentinel vs Rapid7 InsightIDR Logo
Microsoft Sentinel vs Rapid7 InsightIDR
Compared 5% of the time
Rapid7 InsightVM vs Rapid7 InsightIDR Logo
Rapid7 InsightVM vs Rapid7 InsightIDR
Compared 4% of the time
CrowdStrike Falcon vs Rapid7 InsightIDR Logo
CrowdStrike Falcon vs Rapid7 InsightIDR
Compared 4% of the time
Darktrace vs Rapid7 InsightIDR Logo
Darktrace vs Rapid7 InsightIDR
Compared 3% of the time
More Rapid7 InsightIDR Competitors
 

Product Reports

Buyer's Guide
Cortex XDR by Palo Alto Networks
March 2026
Cortex XDR by Palo Alto Networks reportDownload Cortex XDR by Palo Alto Networks product report
Buyer's Guide
Intrusion Detection and Prevention Software (IDPS)
February 2026
ExtraHop Reveal(x) 360 reportDownload ExtraHop Reveal(x) 360 product report
Buyer's Guide
Rapid7 InsightIDR
March 2026
Rapid7 InsightIDR reportDownload Rapid7 InsightIDR product report
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
ExtraHop Reveal(X) Cloud, Reveal(X) Cloud
InsightIDR
 

Overview

Cortex XDR by Palo Alto Networks provides advanced threat detection with AI-driven endpoint protection and seamless integration, ensuring multi-layered security and automatic threat response.

Cortex XDR is designed to safeguard endpoints against malware and suspicious activities. It offers advanced threat detection and response capabilities using behavioral analysis, AI, and machine learning. It seamlessly integrates with security infrastructures, providing endpoint security, firewall integration, and enhanced visibility in both cloud-based and on-premises environments.

What are the key features of Cortex XDR?
  • Advanced Threat Detection: Uses AI and machine learning for proactive threat identification.
  • Multi-layered Security: Combines various security measures for comprehensive protection.
  • Endpoint Protection: Safeguards against malware and exploits.
  • Behavioral Analysis: Monitors suspicious activity for early detection.
  • Automatic Threat Response: Automates responses to neutralize threats.
What benefits should users expect?
  • Ease of Use: Simplifies security management with intuitive design.
  • Resource Efficiency: Minimizes impact on system resources.
  • Integration Capabilities: Works well with existing security setups.
  • Reduced Analyst Workload: Automates processes to decrease manual intervention.

Organizations in diverse sectors deploy Cortex XDR to protect against malware, leveraging its advanced threat detection capabilities. Its integration with existing security infrastructures appeals to those seeking comprehensive protection in both cloud and on-premises environments, providing enhanced visibility and threat intelligence.

Palo Alto Networks

Cloud is where your business operates, where it innovates, how it enables employees, and how it connects with customers. Adversaries know this, and that's why attacks against cloud assets in IaaS, PaaS, and SaaS environments are increasing. With Reveal(x) 360, you can mitigate the blast radius of advanced threats like ransomware and supply chain attacks with unified security across multicloud and hybrid environments in a single management pane.

ExtraHop Networks

Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

Rapid7
 

Sample Customers

CBI Health Group, University Honda, VakifBank
Wizards of the Coast
Liberty Wines, Pioneer Telephone, Visier
Buyer's Guide
ExtraHop Reveal(x) 360 vs. Rapid7 InsightIDR
February 2026
Free Report: ExtraHop Reveal(x) 360 vs. Rapid7 InsightIDR
Find out what your peers are saying about ExtraHop Reveal(x) 360 vs. Rapid7 InsightIDR and other solutions. Updated: February 2026.
DOWNLOAD NOW
885,311 professionals have used our research since 2012.
See our ExtraHop Reveal(x) 360 vs. Rapid7 InsightIDR report.
See our list of best Extended Detection and Response (XDR) vendors.

We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.