We performed a comparison between Intercept X Endpoint and Rapid7 InsightIDR based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"Microsoft Defender's most critical component is its CASB solution. It has many built-in policies that can improve your organization's cloud security posture. It's effective regardless of where your users are, which is critical because most users are working from home. It's cloud-based, so nothing is on-premise."
"From the perspective of Microsoft 365 XDR, the main benefit is a single, centralized dashboard offering the holistic visibility organizations crave."
"The portal is quite user-friendly. There is integration with Office, Intune, and other products from the same portal. From there, we can see which policies are installed on a particular machine. We also can manage devices, groups, and tagging."
"Microsoft 365 Defender's most valuable feature is the ability to control the shadow IP."
"The ability to integrate and observe a more cohesive narrative across the products is crucial."
"I like 365 Defender's advanced threat hunting. The dashboard is user-friendly with templates for site policies, etc. The most important use case is evaluating the risk links and applications."
"The most valuable feature is the network security."
"The visibility into threats is also very impressive because Microsoft helps you predict things and provides analytics to help you really improve your security. And all of this technology works across the domain, so it is pretty helpful in terms of threat analytics."
"The most valuable feature is the anti-ransomware capability. It's been helpful because we have been seeing a lot of information around what the ransomware hit."
"It is not just a simple virus scanning product. It handles more advanced needs."
"Synchronization with the firewall is most valuable."
"The solution has very good usability."
"Very stable solution."
"The updates and a lot of the day-to-day fiddling that you would have to do with it, can all be done from the cloud so it's easy to manage, and very easy to administer."
"The solution is overall quite good, the services are performing well. It is very good for those who are using standard PC configurations. It does not block their system up by taking up a lot of resources."
"It does its job — it protects us from viruses. We don't really interact with it very much."
"Log search allows us to dive deep into aggregated logs and query all event types at once."
"Another very important part of insightIDR is the ability to collect data from endpoint devices via agent software. With a large remote workforce, this allows visibility into the endpoints that are connected to the internet, but not to the corporate network."
"I have seen that Rapid7 InsightIDR provides security to the networks and endpoints in the company."
"Scalability-wise, I rate the solution a ten out of ten. As a cloud tool, the product is highly scalable."
"InsightIDR helps us investigate an environment to discover information about incidents."
"The incident case management is the most valuable feature. Even though there's always something I find I would like to add to that feature, the ability to quickly sort through all the logs, network and endpoint data, etc., and add it to an incident case as part of the investigation, is nice. Having it automatically timeline that additional data into the original incident timeline, and correlate it to other notable events and activities on the network, results in a huge improvement in our overall confidence that we've quickly traced down the right source of an issue."
"Very intuitive and easy to set up."
"I like the tool's user analysis feature."
"There could be a way to proactively monitor unusual activity."
"My client would like the solution to be more customizable without using code. You can only build on the default console, but we're not allowed to change it."
"The documentation on their website is somewhat outdated and doesn't show properly. I wanted to try a query in Microsoft Defender 365. When I opened the related documentation from the security blog on the Microsoft website, the figures were not showing. It was difficult to understand the article without having the figures. The figures were there in the article, but they were not getting loaded, which made the article obsolete."
"Because of the training model, Defender XDR's automatic response sometimes blocks legitimate users and activities. Also, the UI sometimes responds slowly."
"At times, when we have an incident email and we click on the link for that incident, it opens a pop-up, but there is nothing. It has happened a couple of times."
"The logs could be better."
"The onboarding and offboarding need improvement. I work with other vendors as well, and they have an option to add a device or remove a device from the portal, whereas with Microsoft 365 Defender, we need to do that manually. However, once you do that, everything can be controlled through the portal, but getting the device onboarded and offboarded is currently manual. If we have an option to simply remove a device from the portal or get a device added from the portal, it would be more convenient. The rest of the features are similar. This is the only area where I found it different from others. I would also like to be able to simply filter with a few of the queries that are already there."
"Microsoft tends to provide too many features, which makes the solution prone to bugs."
"It has a performance hit on a local laptop. There's an agent installed and we are bothered a lot by it because it seems to be using a lot of computer resources."
"The pricing could be a bit lower to match the normal retail pricing."
"If we can lower the price, it will be fantastic because it will generate more revenue for us."
"It's a challenge to do system maintenance work on a notebook. You always have to disable Sophos first."
"It should offer better security updates."
"The price of this solution can be improved."
"I recommend that Intercept X Endpoint should include a patch assessment feature. Various vendors offer virtual patching solutions, which could be a game-changer, especially for the financial sector where frequent service restarts are challenging. These solutions allow patching servers without the need for restarts. Incorporating these features into Intercept X Endpoint would enhance its effectiveness in securing endpoints and servers."
"The cloud management console could be a little more user-friendly."
"The solution needs improvement in threat intelligence. Increasing the depth of intelligence to help users understand more about threats is a possibility. My suggestion is to expand access to other websites or resources."
"Cloud risk assessment is one area where I think they need a lot of improvement."
"The reporting is the weakest aspect. There needs to be multi-level grouping for events (for example, group by user and destination). Right now, we can do a group by user and a separate table or group by destination. But I'd be more interested in where a person was logging into instead of who was logging in or where he was logging in."
"Needs a better ability to customize the check within the console."
"Rapid7 doesn't integrate well with all our security tools from various vendors, so we plan to switch. Many of our solutions work with Rapid7, but some do not. We are already searching for a replacement."
"The main problem lies in the processes within the client's operating systems."
"They should add more configuration and security features to it."
"Customised alert recipients need to be added to allow better first-line action and quicker response. Configurable honeypots would be a welcome addition."
Intercept X Endpoint is ranked 4th in Endpoint Detection and Response (EDR) with 101 reviews while Rapid7 InsightIDR is ranked 21st in Endpoint Detection and Response (EDR) with 29 reviews. Intercept X Endpoint is rated 8.4, while Rapid7 InsightIDR is rated 8.4. The top reviewer of Intercept X Endpoint writes "A standard offering with good threat analysis but reduces machine performance". On the other hand, the top reviewer of Rapid7 InsightIDR writes "An affordable product that is easy to use and has many advanced features and default templates". Intercept X Endpoint is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Kaspersky Endpoint Security for Business, SentinelOne Singularity Complete and Fortinet FortiClient, whereas Rapid7 InsightIDR is most compared with Darktrace, Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM and IBM Security QRadar. See our Intercept X Endpoint vs. Rapid7 InsightIDR report.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.