No more typing reviews! Try our Samantha, our new voice AI agent.

Kaspersky Next EDR Foundations vs Rapid7 InsightIDR comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 9, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Detection and Response (EDR)
6th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
Kaspersky Next EDR Foundations
Ranking in Endpoint Detection and Response (EDR)
27th
Average Rating
7.8
Reviews Sentiment
6.6
Number of Reviews
15
Ranking in other categories
Ransomware Protection (9th)
Rapid7 InsightIDR
Ranking in Endpoint Detection and Response (EDR)
47th
Average Rating
8.4
Reviews Sentiment
7.0
Number of Reviews
32
Ranking in other categories
Security Information and Event Management (SIEM) (25th), User Entity Behavior Analytics (UEBA) (11th), Threat Deception Platforms (6th), Extended Detection and Response (XDR) (28th)
 

Mindshare comparison

As of July 2026, in the Endpoint Detection and Response (EDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.6%, down from 3.9% compared to the previous year. The mindshare of Kaspersky Next EDR Foundations is 0.9%, up from 0.5% compared to the previous year. The mindshare of Rapid7 InsightIDR is 1.2%, up from 1.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.6%
Kaspersky Next EDR Foundations0.9%
Rapid7 InsightIDR1.2%
Other94.3%
Endpoint Detection and Response (EDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
HM
Cyber Security Manager at Greater Cairo Water Company (GCWC)
Centralized endpoint control has strengthened defense in depth across our distributed branches
When considering features or capabilities of Kaspersky Next EDR Foundations that I have found most valuable, it appears similar to other vendors, and I don't find a unique feature in it as it looks comparable to any other EDR solution. However, we purchased it because we have had Kaspersky Endpoint for 10 years, so it has fantastic integration between EDR and the endpoint. Additionally, Kaspersky is one of the famous leaders in endpoint protection in the world. The centralized management console of Kaspersky Next EDR Foundations has helped me streamline my security protocols significantly. This helps me a great deal because we are a large enterprise and we need centralization. It simplifies operations for us. We have many branches around Cairo, which is the capital of Egypt, and because we need centralization, we cannot perform our tasks without it.
SohailHyder - PeerSpot reviewer
Head Of Cyber Security at Super Secure
Has supported compliance needs for mid-sized organizations but lacks customization and advanced integration
If we pitch Rapid7 InsightIDR against solutions such as SIEMs from Splunk or LogRhythm, it is not as customizable as a SIEM solution is. This is where it can improve if we keep in front the feature sets of a complete SIEM solution. Most common in the market is QRadar, but it is depleting now. It has been taken over by some other products such as Splunk and LogRhythm. If we compare these things with Rapid7 InsightIDR, then there are definitely some gaps that need to be filled. Data retention is also one concern because Rapid7 InsightIDR is cloud-based and operates on a subscription model. Whatever data you want to retain, it has to be paid for separately or it has a cost. Other solutions that are on-premises can have their own infrastructure or they provide some data retention for a month or in some capacity-wise, they provide that solution to them which makes them more attractive.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The biggest positive impact I see from Cortex XDR by Palo Alto Networks is a significant reduction in the number of people required to manage it."
"The most valuable for us is the correlation feature."
"Cortex XDR by Palo Alto Networks has helped lighten the load of our security analysts because it was the major tool that we were using and the one we utilized most."
"The solution's most valuable feature is the user interface."
"We use it for malicious connections from malicious websites, to identify payloads that might be inside the traffic, to identify malicious processes or bugs that are running on the network, and any activities that tend to lead to data infiltration."
"We can use Cortex XDR to get the entire graph of the incidents from source to destination, and we can take remedial action."
"Cortex is the best tool for endpoint detection, and I have used it to verify hashes or domains to identify malicious activity, trigger playbooks that automate and gather endpoint logs, block malicious processes, and update incident tickets, showcasing end-to-end processes with automation in investigation and reducing the analysis workflow."
"Palo Alto is one of the tech vendors that always provides top-of-the-line products."
"In terms of software performance, it has been effective in providing good security."
"I find the EDR service valuable as it adds extra protection and provides a centralized view."
"The most valuable component of the solution is the malware detection feature."
"It is a powerful tool for zero-day attack prevention."
"The product works perfectly to prevent malware in our organization."
"Kaspersky Endpoint Security Cloud is a very good solution for endpoint protection."
"We had the cloud suite of KasperskyEndpoint Security Cloud, and its monitoring was fine."
"I would say that Kaspersky Endpoint Security Cloud is one of the best, very effective software because of its vulnerability assessment and threat assessments."
"The most valuable features have to do with ease-of-use, as it is easy to check the events, investigate suspicious activities, and do forensic analysis, and the web interface is great — very useful and user-friendly."
"The solution is very intuitive, it's easy to set up, is absolutely stable, and has a lot of integration with other security products."
"It improves because several sensors are deployed within the on-premise environment. It can be very efficient if the customer implements and operates it effectively."
"I've used other products such as QRadar and other SIEM solutions and I find this solution is much more simplified and user-friendly."
"The solution is very cost-effective because they are not charging based on the EPS but on the number of assets."
"Features for user behavior analytics and the rules for attack review are good."
"InsightIDR has allowed us to find potential security issues that we did not know existed, and get remediation quickly."
"It is a very stable solution."
 

Cons

"The solution needs better reports. I think they should let the customer go in and customize the reports."
"We have found that there are times Cortex XDR by Palo Alto Networks does not detect some of the viruses, we have to use another protection solution called Kaspersky."
"The server sometimes stops continuously to check things so it would be helpful to receive access updates or technical reasons."
"For working with the solution, you only really need a web browser, however, we've found that working on Chrome, for example, is horrible."
"There is a severe gap in functionality between Windows, Linux, and Mac versions. For example all folder restriction settings are Windows only. Traps 5.0+ does not have SAML / LDAP integration."
"The solution should add unwanted malicious hash values to a block list so that whenever the action is triggered, it will automatically prevent the malicious content."
"It is not very strong in terms of endpoint management. It should have additional features like DLP, encryption, or advanced device control. Currently, Cortex is good in terms of the security of the endpoints, but it is not as good as other vendors in terms of the management of the endpoint."
"There is also no recovery feature; if some endpoint is under attack there must be the possibility of recovering it or restoring it to a normal state."
"Certain shortcomings in the anti-ransomware part of the solution need improvement. XDR and MDR, along with threat hunting, a big step in cybersecurity today, need improvement."
"Sometimes, the tool consumes a lot of resources from the endpoints, making it an area of concern where improvements are required since it currently consumes a little bit of RAM."
"The tool's update management can be better. In future releases, the addition of a DLP module would be valuable."
"Its high CPU usage also slows down devices, particularly those with lower specifications like Core i3."
"Kaspersky doesn't provide local support."
"One area where the product could be improved is in its delivery and installation process."
"Kaspersky Next EDR Foundations could be improved if it depended more on artificial intelligence, as other vendors such as CrowdStrike do."
"It requires specific expertise or certified professionals to deploy the product. There is a need to expand the offerings to various industries covering different-sized businesses."
"The dashboard is an area that could be simplified. For management, it should be clear and the files should be there."
"The interface for doing investigation needs to be enhanced with minor improvements that would make it more useful."
"I'd like to see a mobile application included and some feature related to the generality of segregation for internal users that access the application."
"The searching feature in Rapid7 InsightIDR needs to evolve"
"Sometimes, it is hard to get the right queries to use. Currently, the tool lacks a pre-made set of queries."
"InsightIDR is only available in a cloud version. Some of our customers prefer an on-prem solution because they want to manage the security within their environment."
"Tenable Nessus is easier to deal with. It's more efficient and accurate. InsightIDR is heavier than Tenable in terms of performance and scanning. Rapid7 would be much easier to use if it had a network connector like Tenable. Tenable's connector allows continuous monitoring over the B caps."
"The APIs can be further improved in Rapid7."
 

Pricing and Cost Advice

"We pay about $50,000 USD per year for a bundle that includes Cortex XDR."
"It's way too expensive, but security is expensive. You pay for your licensing, and then you pay for someone to monitor the stuff."
"I don't recall what the cost was, but it wasn't really that expensive."
"I am using the Community edition."
"Our customers have expressed that the price is high."
"We didn't have to pay any additional fee for the cloud instance. It just came with the renewal, which was nice."
"The price of the solution could be reduced. I have customers that have voiced that the solution is good for the value but if I want to sell more of the solution the price reduction would help."
"The price of the product is not very economical."
"The product’s price is flexible."
"The pricing is favorable, and there are no additional expenses associated with using the product."
"Kaspersky Endpoint Security Cloud is a cost-effective solution."
"I find Kaspersky Endpoint Security Cloud more accessible in terms of pricing."
"The product is averagely priced."
"The solution is moderately priced and cannot be considered an expensive or cheap tool."
"We had to pay an annual licensing fee for KasperskyEndpoint Security Cloud."
"The platform is expensive."
"Licensing is straightforward. If, for some reason, you don’t meet the minimum licensing requirements, there is a third-party managed service that can help."
"It is on a yearly basis. For our own company, for about 250 users, it was 16,000 euros a year."
"The solution has a mid-range price point in the market"
"Rapid7 InsightIDR is priced very well and is cost-effective."
"The pricing of the solution depends on the user. But there is a yearly licensing cost."
"It is a reasonably priced solution."
"The pricing is good, and it is not very expensive."
"It is more reasonably priced than other vendors."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Comms Service Provider
15%
Construction Company
10%
Financial Services Firm
10%
Outsourcing Company
7%
Manufacturing Company
9%
Financial Services Firm
9%
Computer Software Company
8%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise4
Large Enterprise3
By reviewers
Company SizeCount
Small Business21
Midsize Enterprise5
Large Enterprise6
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What needs improvement with KasperskyEndpoint Security Cloud?
Kaspersky Next EDR Foundations could be improved if it depended more on artificial intelligence, as other vendors suc...
What is your primary use case for KasperskyEndpoint Security Cloud?
I use Kaspersky Next EDR Foundations for endpoint detection and response.
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is a...
What needs improvement with Rapid7 InsightIDR?
If we pitch Rapid7 InsightIDR against solutions such as SIEMs from Splunk or LogRhythm, it is not as customizable as ...
What is your primary use case for Rapid7 InsightIDR?
I am working with Rapid7 InsightOps and Rapid7 InsightIDR because the requirement is as such from the customer side, ...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
No data available
InsightIDR
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Information Not Available
Liberty Wines, Pioneer Telephone, Visier
Find out what your peers are saying about Kaspersky Next EDR Foundations vs. Rapid7 InsightIDR and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.