No more typing reviews! Try our Samantha, our new voice AI agent.

Kaspersky Next EDR Foundations vs Rapid7 InsightIDR comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 9, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Detection and Response (EDR)
6th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
Kaspersky Next EDR Foundations
Ranking in Endpoint Detection and Response (EDR)
27th
Average Rating
7.8
Reviews Sentiment
6.6
Number of Reviews
15
Ranking in other categories
Ransomware Protection (9th)
Rapid7 InsightIDR
Ranking in Endpoint Detection and Response (EDR)
47th
Average Rating
8.4
Reviews Sentiment
7.0
Number of Reviews
32
Ranking in other categories
Security Information and Event Management (SIEM) (25th), User Entity Behavior Analytics (UEBA) (11th), Threat Deception Platforms (6th), Extended Detection and Response (XDR) (28th)
 

Mindshare comparison

As of July 2026, in the Endpoint Detection and Response (EDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.6%, down from 3.9% compared to the previous year. The mindshare of Kaspersky Next EDR Foundations is 0.9%, up from 0.5% compared to the previous year. The mindshare of Rapid7 InsightIDR is 1.2%, up from 1.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.6%
Kaspersky Next EDR Foundations0.9%
Rapid7 InsightIDR1.2%
Other94.3%
Endpoint Detection and Response (EDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
HM
Cyber Security Manager at Greater Cairo Water Company (GCWC)
Centralized endpoint control has strengthened defense in depth across our distributed branches
When considering features or capabilities of Kaspersky Next EDR Foundations that I have found most valuable, it appears similar to other vendors, and I don't find a unique feature in it as it looks comparable to any other EDR solution. However, we purchased it because we have had Kaspersky Endpoint for 10 years, so it has fantastic integration between EDR and the endpoint. Additionally, Kaspersky is one of the famous leaders in endpoint protection in the world. The centralized management console of Kaspersky Next EDR Foundations has helped me streamline my security protocols significantly. This helps me a great deal because we are a large enterprise and we need centralization. It simplifies operations for us. We have many branches around Cairo, which is the capital of Egypt, and because we need centralization, we cannot perform our tasks without it.
SohailHyder - PeerSpot reviewer
Head Of Cyber Security at Super Secure
Has supported compliance needs for mid-sized organizations but lacks customization and advanced integration
If we pitch Rapid7 InsightIDR against solutions such as SIEMs from Splunk or LogRhythm, it is not as customizable as a SIEM solution is. This is where it can improve if we keep in front the feature sets of a complete SIEM solution. Most common in the market is QRadar, but it is depleting now. It has been taken over by some other products such as Splunk and LogRhythm. If we compare these things with Rapid7 InsightIDR, then there are definitely some gaps that need to be filled. Data retention is also one concern because Rapid7 InsightIDR is cloud-based and operates on a subscription model. Whatever data you want to retain, it has to be paid for separately or it has a cost. Other solutions that are on-premises can have their own infrastructure or they provide some data retention for a month or in some capacity-wise, they provide that solution to them which makes them more attractive.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Cortex XDR by Palo Alto Networks saves time in various ways, although the user interface is fairly standard."
"The anti-exploit is impenetrable. We chose Traps because it is the only product that we were not able to get anything past."
"The tool is designed to scale for large enterprises and handle large volumes of data."
"The most valuable features are the fact that it was running in the background and it would intercept any weird stuff, and the fact that it would send things directly to the cloud for sandboxing. It's quite practical."
"The solution allows us to gain remote access without the user's knowledge and take the necessary actions on the device."
"The tool is easy to use."
"Its interface and pricing are most valuable, and it is better than other vendors in terms of security."
"The product's initial setup phase is very easy."
"I find the EDR service valuable as it adds extra protection and provides a centralized view."
"We had the cloud suite of KasperskyEndpoint Security Cloud, and its monitoring was fine."
"The standout features of Kaspersky Endpoint Security Cloud include its cloud-based console and the simplicity of managing endpoints."
"All features in Kaspersky Endpoint Security Cloud are perfect, and I am interested in working with Kaspersky Endpoint Security Cloud."
"Kaspersky Endpoint Security Cloud is a very good solution for endpoint protection."
"It is a powerful tool for zero-day attack prevention."
"The product works perfectly to prevent malware in our organization."
"In Kaspersky Endpoint Security Cloud, anti-phishing and anti-malware are two very powerful aspects."
"I like the tool's user analysis feature."
"I like that it's a cloud-based solution."
"Previously, when something happened, such as when a hacker was attacking one of our customers, we were always behind, or we did not know that we were hacked until the ransomware started, but with the Rapid7 solution, at every step, we could online see what a person was doing, and we could prevent ransomware."
"Rapid7 is easy to use and deploy. It is a simple solution and has easy data pulling."
"Integration with threat modeling from the Metasploit and InsightIDR repositories."
"InsightIDR has allowed us to find potential security issues that we did not know existed, and get remediation quickly."
"Log search allows us to dive deep into aggregated logs and query all event types at once.​"
"Rapid7 InsightIDR integrates well with other solutions. It's also easy to configure because Rapid7 InsightIDR has a lot of instructions posted on their website that customers can follow if they need to get the source log."
 

Cons

"Although I would say this product is highly-rated, it could probably do more because nothing does everything that you want."
"There are some third-party solutions that are difficult to integrate with, which is something that can be improved."
"Data privacy is a matter of concern. You have to be careful with data privacy, it can be sensitive and Cortex can have most of your access."
"I would like to see improvement in the tool's user interface, particularly in the area of managing alerts and providing more reporting capabilities."
"To jump from the partner to Palo Alto directly was challenging."
"The solution should force customers to integrate with network traffic to see the full benefits of XDR."
"There's an overall lack of features."
"However, if you do not have Palo Alto in your environment, you are paying these additional services just for Cortex XDR by Palo Alto Networks, so it is not a cost-effective solution."
"While the product provides a good level of protection, we need better support, especially in terms of being kept informed about new threats and specific configurations needed."
"Kaspersky's cloud solution should be improved because the on-premises features are unavailable in the cloud."
"Its high CPU usage also slows down devices, particularly those with lower specifications like Core i3."
"Kaspersky doesn't provide local support."
"Recently, there was a company which was attacked by phishing emails, and out of 10, it was only blocking three emails."
"One area where the product could be improved is in its delivery and installation process."
"The tool's update management can be better. In future releases, the addition of a DLP module would be valuable."
"Certain shortcomings in the anti-ransomware part of the solution need improvement. XDR and MDR, along with threat hunting, a big step in cybersecurity today, need improvement."
"I would like the ability to adjust the threshold of certain existing alerts. Currently the only option is to change the notifications or create my own alert."
"Currently, it lacks the functionalities provided by Rapid7's User Behavior Analytics (UBA)."
"Rapid7 doesn't integrate well with all our security tools from various vendors, so we plan to switch. Many of our solutions work with Rapid7, but some do not. We are already searching for a replacement already."
"Needs a better ability to customize the check within the console."
"The APIs can be further improved in Rapid7."
"It takes time for the product's support team to resolve issues, making it an area of concern where improvements are required."
"The ability to tune the collector for custom logs would greatly help."
"Rapid7's customer support is awful. They didn't respond at all."
 

Pricing and Cost Advice

"Compared to CrowdStrike, Cortex XDR is an expensive solution."
"The cost depends on your chosen license type, like Pro or other licenses."
"The price of the product is not very economical."
"The pricing is a little bit on the expensive side."
"It is cost-effective compared to similar solutions. It fits for the small businesses through to the big businesses."
"Licensing for Palo Alto Networks Cortex XDR can be costly, especially when it comes to a hundred users. A license is required for each user, and the subscription must be renewed on a yearly basis."
"The cost of Cortex XDR by Palo Alto Networks is $55 to $90 USD per endpoint per month."
"If one wishes to work with another team or large number of users at a future point, he must purchase a license for them."
"The solution is moderately priced and cannot be considered an expensive or cheap tool."
"The solution is reasonably priced."
"The platform is expensive."
"The pricing is favorable, and there are no additional expenses associated with using the product."
"The product’s price is flexible."
"Kaspersky Endpoint Security Cloud is a cost-effective solution."
"We had to pay an annual licensing fee for KasperskyEndpoint Security Cloud."
"I find Kaspersky Endpoint Security Cloud more accessible in terms of pricing."
"​Accurately predict your licensing counts as this is a subscription based product.​"
"The pricing of the solution depends on the user. But there is a yearly licensing cost."
"Rapid7 InsightIDR is priced very well and is cost-effective."
"Rapid7 InsightIDR charges us based on the endpoints we connect to."
"It is more reasonably priced than other vendors."
"Licensing is straightforward. If, for some reason, you don’t meet the minimum licensing requirements, there is a third-party managed service that can help."
"The pricing is good, and it is not very expensive."
"It is on a yearly basis. For our own company, for about 250 users, it was 16,000 euros a year."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Comms Service Provider
15%
Construction Company
10%
Financial Services Firm
10%
Outsourcing Company
7%
Manufacturing Company
9%
Financial Services Firm
9%
Computer Software Company
8%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise4
Large Enterprise3
By reviewers
Company SizeCount
Small Business21
Midsize Enterprise5
Large Enterprise6
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What needs improvement with KasperskyEndpoint Security Cloud?
Kaspersky Next EDR Foundations could be improved if it depended more on artificial intelligence, as other vendors suc...
What is your primary use case for KasperskyEndpoint Security Cloud?
I use Kaspersky Next EDR Foundations for endpoint detection and response.
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is a...
What needs improvement with Rapid7 InsightIDR?
If we pitch Rapid7 InsightIDR against solutions such as SIEMs from Splunk or LogRhythm, it is not as customizable as ...
What is your primary use case for Rapid7 InsightIDR?
I am working with Rapid7 InsightOps and Rapid7 InsightIDR because the requirement is as such from the customer side, ...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
No data available
InsightIDR
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Information Not Available
Liberty Wines, Pioneer Telephone, Visier
Find out what your peers are saying about Kaspersky Next EDR Foundations vs. Rapid7 InsightIDR and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.