We performed a comparison between Forescout Platform and Rapid7 InsightIDR based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."For me, the advanced hunting capabilities have been really great. It allowed querying the dataset with their own language, which is KQL or Kusto Query Language. That has allowed me to get much more insight into the events that have occurred. The whole power of 365 Defender is that you can get the whole story. It allows you to query an email-based activity and then correlate it with an endpoint-based activity."
"We are able to consolidate licences and make use of many Microsoft products using this solution. If we have any Microsoft customers, we encourage them to use this solution for enterprise defence."
"I like how Microsoft XDR and the other Microsoft products are integrated into a single unified security stack covering identity access management, endpoint protection, email, cloud applications, etc."
"It provides a single pane of glass within the 365 admin interface, streamlining our experience by consolidating information in one place and eliminating the need to navigate through multiple interfaces."
"My clients like Defender's file integrity monitoring. They're monitoring Windows and Linux system files."
"The advantage of Microsoft Defender XDR has over other XDRs in the market is that it's easy to use. You can quickly differentiate between alerts, incidents, devices, software, etc. It's easier to investigate an incident, and you have so many options. You can automate investigations and use playbooks. There's also the live response session, which is something you can't find in any other XDR."
"The attack simulation is excellent; initially, this feature wasn't very robust, but Microsoft improved what we could achieve with it. We can now customize our practice phishing emails and include our company logo, for example. Attack simulation also helps integrate with third-party solutions where applicable and provides an overview of our security architecture through testing. The summary includes areas for improvement in our protection and what steps we need to take to get there."
"The comprehensiveness of Microsoft's threat detection is good."
"The solution's implementation and operation are very easy."
"The most valuable features of ForeScout is the fact that it can do network access control either with 802.1x or without 802.1x."
"The visibility is the main benefit. We now know how many devices are connected, what the use for each device is and what kind of devices we have in our environment."
"The 802.1X compliance authentication feature of this solution is very good."
"Forescout Platform is stable, it is great."
"Forescout Platform provides multiple features. They have a very effective device fingerprinting in their cloud. You do not need to add any devices manually, such as in Mac devices. Other solutions you have to add IoT devices and OT devices manually. This is one of the major areas that Forescout Platform is excelling in."
"The most valuable features of the Forescout Platform are NAC for sharing, Network Access Control, and port sharing of the devices."
"Forescout has a feature that blocks the endpoint at the point of collection. It sets preconditions and will block the system if those aren't met."
"The solution's initial setup is easy."
"I have seen that Rapid7 InsightIDR provides security to the networks and endpoints in the company."
"Rapid7 is easy to use and deploy. It is a simple solution and has easy data pulling."
"I am able to run automated actions based on the output of reports, leaving me extra time to focus on more pressing matters."
"The technical support is a solid 10 out of 10 as they take the time to answer any questions or problems which may arise in a reasonable time frame."
"We were able to identify criminals attempting to login from China and put a stop on their IP locations."
"Rapid7 InsightIDR integrates well with other solutions. It's also easy to configure because Rapid7 InsightIDR has a lot of instructions posted on their website that customers can follow if they need to get the source log."
"Intelligent alerting to avoid the common problem of alert fatigue associated with traditional SIEMs."
"This solution could be improved if it included features such as those offered by Malwarebytes."
"The support team is not competent or responsive."
"The support from Microsoft could improve. There are times I have to wait for a response from a qualified specialist."
"It would be helpful if the solution could scan faster when it comes to scanning attachments to emails."
"Defender also lacks automated detection and response. You need to resolve issues manually. You can manage multiple Microsoft security products from a single portal, and all your security recommendations are in one place. It's easy to understand and manage. However, I wouldn't say Defender is a single pane of glass. You still need to switch between all of the available Microsoft tools. You can see all the alerts in one panel, but you can't automate remediation."
"The support could be more knowledgable to improve their offering."
"In the beginning, it's difficult to navigate the system because it is quite large. Just trying to find your way and understand how the system works can be hard. After spending quite a lot of time searching it's a lot easier, but I wish it were a bit more user-friendly when you're trying to find things."
"The cost can be high if you want to build custom license packages. Another area for improvement is the policies. In Azure, we need to implement policies in JSON format, but in 365 Defender 365, it would be helpful to use a different format so we can customize the platform."
"The solution's customer support is bad and should be improved."
"Regarding pricing, there is room for improvement to enhance competitiveness with other vendors and solutions."
"Although Forescout manages endpoints and network devices, there is no capability for user management."
"Definitely, having more third-party integration would be an improvement."
"As a product, there is nothing to complain about. However, they should improve their overall support. You need that level of knowledge, that level of information is clearly not available. First and foremost, that information is not accessible. The second point to mention is that once you purchase the later support and services. That is, they will continue to charge you for every service."
"I believe that the overall user experience has not always been preferable."
"Forescout Platform needs to improve how the device works in preventing rogue servers."
"Forescout Platform could improve the integration or compatibility with other solutions, such as Chinese-made solutions. They do not have any integration with S33 which is a switch. They do not have good integration with new solutions in the market. They do integrate well with Rocket, Cisco, Juniper, and quite a few more but they could expand the integration."
"Cloud risk assessment is one area where I think they need a lot of improvement."
"The solution needs improvement in threat intelligence. Increasing the depth of intelligence to help users understand more about threats is a possibility. My suggestion is to expand access to other websites or resources."
"The dashboard is an area that could be simplified."
"I feel it would greatly benefit from more supported log sources."
"The integration capabilities of the solution have certain shortcomings where improvements are required."
"Rapid7 InsightIDR is not intuitive to search for logs. It should be more user-friendly and improve the dashboards. We should be able to use ready-made templates instead of having to build one."
"The product allows us to make only 30 custom rules."
"It would be useful to import threat intelligence in YARA format along with known incorrect email addresses."
Forescout Platform is ranked 12th in Extended Detection and Response (XDR) with 69 reviews while Rapid7 InsightIDR is ranked 13th in Extended Detection and Response (XDR) with 29 reviews. Forescout Platform is rated 8.4, while Rapid7 InsightIDR is rated 8.4. The top reviewer of Forescout Platform writes "We can go granular on each endpoint, quarantine non-compliant machines, and target vulnerabilities through scripting". On the other hand, the top reviewer of Rapid7 InsightIDR writes "An affordable product that is easy to use and has many advanced features and default templates". Forescout Platform is most compared with Cisco ISE (Identity Services Engine), Aruba ClearPass, Fortinet FortiNAC, Nozomi Networks and Armis, whereas Rapid7 InsightIDR is most compared with Darktrace, Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM and IBM Security QRadar. See our Forescout Platform vs. Rapid7 InsightIDR report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.