No more typing reviews! Try our Samantha, our new voice AI agent.

Kaspersky Next XDR Optimum vs Rapid7 InsightIDR comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 9, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Detection and Response (EDR)
6th
Ranking in Extended Detection and Response (XDR)
4th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
Kaspersky Next XDR Optimum
Ranking in Endpoint Detection and Response (EDR)
21st
Ranking in Extended Detection and Response (XDR)
14th
Average Rating
8.0
Reviews Sentiment
7.2
Number of Reviews
124
Ranking in other categories
Endpoint Protection Platform (EPP) (11th), Endpoint Compliance (5th)
Rapid7 InsightIDR
Ranking in Endpoint Detection and Response (EDR)
47th
Ranking in Extended Detection and Response (XDR)
28th
Average Rating
8.4
Reviews Sentiment
7.0
Number of Reviews
32
Ranking in other categories
Security Information and Event Management (SIEM) (25th), User Entity Behavior Analytics (UEBA) (11th), Threat Deception Platforms (6th)
 

Mindshare comparison

As of July 2026, in the Endpoint Detection and Response (EDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.6%, down from 3.9% compared to the previous year. The mindshare of Kaspersky Next XDR Optimum is 1.8%, down from 2.8% compared to the previous year. The mindshare of Rapid7 InsightIDR is 1.2%, up from 1.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.6%
Kaspersky Next XDR Optimum1.8%
Rapid7 InsightIDR1.2%
Other93.4%
Endpoint Detection and Response (EDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
SR
Group CIO at Thal Industries Corporation Ltd
Have maintained strong endpoint protection through behavioral analysis and daily monitoring
I previously mentioned that Kaspersky Endpoint Security for Business doesn't have built-in DLP, which was a concern. I think they could add it in the future; however, antivirus cannot provide a proper DLP solution, but they can offer a mix of DLP, similar to Trend Micro Apex One, which provides some sort of DLP file management. Nonetheless, we need a proper DLP solution such as Forcepoint or Symantec, whichever suits us. We'll be conducting performance evaluation in the next quarter while working on other projects. More value means a better GUI, user interface, and comprehensive reporting capabilities. In Sophos, we receive a daily system-generated report about what is happening, plus an alert system. The reporting system in Trend Micro is also excellent; I receive an email every day at 10:00 AM with a report for the last 24 hours.
SohailHyder - PeerSpot reviewer
Head Of Cyber Security at Super Secure
Has supported compliance needs for mid-sized organizations but lacks customization and advanced integration
If we pitch Rapid7 InsightIDR against solutions such as SIEMs from Splunk or LogRhythm, it is not as customizable as a SIEM solution is. This is where it can improve if we keep in front the feature sets of a complete SIEM solution. Most common in the market is QRadar, but it is depleting now. It has been taken over by some other products such as Splunk and LogRhythm. If we compare these things with Rapid7 InsightIDR, then there are definitely some gaps that need to be filled. Data retention is also one concern because Rapid7 InsightIDR is cloud-based and operates on a subscription model. Whatever data you want to retain, it has to be paid for separately or it has a cost. Other solutions that are on-premises can have their own infrastructure or they provide some data retention for a month or in some capacity-wise, they provide that solution to them which makes them more attractive.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The positive impacts I see from Cortex XDR by Palo Alto Networks include a complete 360-degree view of our security posture altogether, being a uniform platform where we are ingesting logs from multiple resources."
"Traps is quite a stable product. Once it was properly deployed and configured, you have nothing to be worried about."
"Cortex XDR is stable, offering high quality and reliable performance."
"Traps pays for itself within the first 16 months of a three-year subscription."
"Cortex XDR is a very capable solution for protecting large networks and a lot of endpoints. It's very useful because the automation is very high, and if you combine it with the features on Palo Alto firewalls, it provides very strong protection."
"We can visualize and control the activities in the environment from anywhere."
"After installing this solution, it identified, blocked, and provided the complete attack chain, which was very helpful."
"I have found the solution to be very easy in respect of the integration and configurable."
"Kaspersky protects our company from ransomware attacks; we have multiple sites across the country, including the principal headquarters and different towns, and we can see any viruses that are in the network and take action."
"The initial setup is very simple."
"It has helped our company protect the confidential data of our customers."
"Using dashboards, it is very easy to manage."
"Kaspersky is the best, one of the top three in the world, and I would definitely recommend it to others who are considering implementation."
"Kaspersky Endpoint Security for Business has models that provide more security than other solutions"
"The interface is friendly."
"It helps minimize breach of data and stabilize our network."
"This is a great product and the team is very willing to work with companies."
"Enables the use of honey pots, honey users, and honey files to monitor for suspicious patterns."
"I like that it's a cloud-based solution."
"The UI is very good."
"I have seen that Rapid7 InsightIDR provides security to the networks and endpoints in the company."
"The biggest reason why we chose Rapid7 was to gain value in a really quick time. Its deployment doesn't take months. It just takes a few days."
"The solution is very cost-effective because they are not charging based on the EPS but on the number of assets."
"Features for user behavior analytics and the rules for attack review are good."
 

Cons

"The negative aspect I see is the economic model used by Palo Alto."
"Limited remote connection."
"In terms of areas of improvement, we have not completed our review of the product. We're also looking at other products. So, it's a little bit hard to tell what could be different because we have not completed the review of this product, but based on our experience so far, its implementation is quite complex."
"The encryption is not up to the mark."
"The dashboard could use some significant improvement, just making it more useful with more information. It has a limited amount of information right now. It is customizable, but I'd love to see a better out-of-box dashboard."
"The connection to the internet has not performed as expected."
"There's an overall lack of features."
"Managing the product should be easier."
"The performance level could be better."
"Areas for improvement include signature update management and selecting the respective features on the endpoint side."
"We are having some troubles because some American companies we work with don't want to work with Kaspersky."
"The admin console must be a little bit easier."
"From time to time, some users loose connection via the Network Agent."
"We need a more complete Mobile Device Management (MDM) system."
"The GUI of the product is too basic, making it an area where improvements are required."
"The reports aren't so good. To make it a perfect ten they should improve the reports and web interface."
"Cloud risk assessment is one area where I think they need a lot of improvement."
"Tenable Nessus is easier to deal with. It's more efficient and accurate. InsightIDR is heavier than Tenable in terms of performance and scanning. Rapid7 would be much easier to use if it had a network connector like Tenable. Tenable's connector allows continuous monitoring over the B caps."
"InsightIDR is only available in a cloud version. Some of our customers prefer an on-prem solution because they want to manage the security within their environment."
"The interface for doing investigation needs to be enhanced with minor improvements that would make it more useful."
"Needs a better ability to customize the check within the console."
"It would be useful to import threat intelligence in YARA format along with known incorrect email addresses.​"
"It takes time for the product's support team to resolve issues, making it an area of concern where improvements are required."
"InsightIDR's integration with other solutions could be improved. Also, I'd like more control from the portal over what's happening on the endpoint side. For example, when I see an attack on an endpoint, I want to be able to stop it from the portal."
 

Pricing and Cost Advice

"The pricing is a little high. It is per user per year."
"We pay about $50,000 USD per year for a bundle that includes Cortex XDR."
"This is an expensive solution."
"The pricing is okay, although direct support can be expensive."
"Licensing for Palo Alto Networks Cortex XDR can be costly, especially when it comes to a hundred users. A license is required for each user, and the subscription must be renewed on a yearly basis."
"The price of the product is not very economical."
"It has reasonable pricing for the use cases it provides to the company."
"Cortex XDR by Palo Alto Networks is quite an expensive solution."
"Pricing is very competitive and licensing is very much ethical."
"Licensing fees are paid on a yearly basis."
"We have approximately 700 licenses for this solution and we pay annually."
"We have an annual license and there is a fee per device used. The price is fair compared to the latest EDR solution."
"It's an affordable security solution."
"Licensing fees are paid on a yearly basis."
"I think the price of this solution is good."
"The licensing is fine, and it is well within reasonable rates."
"It is more reasonably priced than other vendors."
"​Accurately predict your licensing counts as this is a subscription based product.​"
"​I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability.​"
"Rapid7 InsightIDR's pricing is reasonable but we have challenges with the Minimum Order Quantity. It is not reasonable for customers who have less than one hundred devices. If they can reduce Minimum Order Quantity, it is good. You have to pay around 5000-6000 dollars per year for the product. The pricing includes maintenance and support costs."
"Rapid7 InsightIDR is priced very well and is cost-effective."
"I rate Rapid7 InsightIDR's price a four on a scale of one to ten, where one is cheap, and ten is expensive."
"The pricing of the solution depends on the user. But there is a yearly licensing cost."
"Licensing is by endpoint and amount of retention time (at least ours is). Default retention was one year, but we are able to push the retention further if needed. There's also a provide-your-own-S3 option for longer retention if you don't want to pay for the additional retention years in your Rapid7 agreement."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
903,871 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
11%
Comms Service Provider
9%
Construction Company
9%
Manufacturing Company
9%
Financial Services Firm
8%
Comms Service Provider
7%
Manufacturing Company
9%
Financial Services Firm
9%
Computer Software Company
8%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
By reviewers
Company SizeCount
Small Business63
Midsize Enterprise27
Large Enterprise33
By reviewers
Company SizeCount
Small Business21
Midsize Enterprise5
Large Enterprise6
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What needs improvement with Kaspersky Endpoint Security?
Kaspersky Endpoint Security for Business does not have encryption tools. It uses the Windows BitLocker tool, which is...
What is your experience regarding pricing and costs for Kaspersky Endpoint Security for Business?
The pricing and licensing cost of Kaspersky Endpoint Security is cheaper compared to Trend Micro.
What is your primary use case for Kaspersky Endpoint Security for Business?
I have good experience in the sales part of Kaspersky Endpoint Security for Business, not the technical side. I am no...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is a...
What needs improvement with Rapid7 InsightIDR?
If we pitch Rapid7 InsightIDR against solutions such as SIEMs from Splunk or LogRhythm, it is not as customizable as ...
What is your primary use case for Rapid7 InsightIDR?
I am working with Rapid7 InsightOps and Rapid7 InsightIDR because the requirement is as such from the customer side, ...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Kaspersky Work Space Security, Kaspersky Endpoint Security
InsightIDR
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
ACMS, Arqiva, Pakistan International Airlines, RAO UES
Liberty Wines, Pioneer Telephone, Visier
Find out what your peers are saying about Kaspersky Next XDR Optimum vs. Rapid7 InsightIDR and other solutions. Updated: June 2026.
903,871 professionals have used our research since 2012.