Try our new research platform with insights from 80,000+ expert users

Microsoft ATA [EOL] vs Rapid7 InsightIDR comparison

Microsoft and Rapid7 are both solutions in the User Entity Behavior Analytics (UEBA) category. Additionally, 50% of Microsoft users are willing to recommend the solution, compared to 95% of Rapid7 users who would recommend it.
Microsoft ATA [EOL]
Read 3 Microsoft ATA [EOL] reviews
    50% willing to recommend
    Rapid7 InsightIDR
    Read 32 Rapid7 InsightIDR reviews
    • 7,194 Views
    • 1,007 Comparison Views
    95% willing to recommend
     

    Comparison Buyer's Guide

    Download the report
    Executive Summary
    We performed a comparison between Microsoft ATA [EOL] and Rapid7 InsightIDR based on real PeerSpot user reviews.

    Find out what your peers are saying about IBM, Exabeam, Cynet and others in User Entity Behavior Analytics (UEBA).

    DOWNLOAD THE COMPLETE REPORT
    To learn more, read our detailed User Entity Behavior Analytics (UEBA) Report (Updated: August 2025).
    Buyer's Guide
    User Entity Behavior Analytics (UEBA)
    August 2025
    Download the complete report
    Helped 867,445 peers since 2012

    Review summaries and opinions

    We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
     

    Categories and Ranking

    Microsoft ATA [EOL]
    Average Rating
    6.6
    Number of Reviews
    3
    Ranking in other categories
    No ranking in other categories
    Rapid7 InsightIDR
    Average Rating
    8.4
    Reviews Sentiment
    7.4
    Number of Reviews
    32
    Ranking in other categories
    Security Information and Event Management (SIEM) (14th), User Entity Behavior Analytics (UEBA) (5th), Endpoint Detection and Response (EDR) (25th), Threat Deception Platforms (5th), Extended Detection and Response (XDR) (16th)
     

    Featured Reviews

    it_user1369068 - PeerSpot reviewer
    Good integration, simple to maintain, and very stable
    Scalability shouldn't be a problem, at least for the size of network team that I work with. Right now we have between 400 and 500 users. This is deployed in a network that is actually about 500 users. We don't plan to increase usage. We're already using it as fully as we can and we don't have any more room. We might look at all the Microsoft programs that relate to office 365, like the ATP, because there is a difference between the ATA and the ATP. We are going to look and see whether there's any gaps that we can close. I think if you compare ATA with the actual ATP it's basically the same functionality. One is more on-premises versus the cloud. Since we are progressively in moving to the cloud, we might look at the ATP, which integrates better with the Microsoft cloud.
    Read full review
    Asim Naeem - PeerSpot reviewer
    Providing comprehensive insight into alerts while working towards AI enhancement
    I definitely recommend Rapid7 InsightIDR. It is becoming better, with improvements being continuously made to the product. Right now, I do not have any advice about Rapid7 for other users because every organization or user has different criteria or multiple use cases, so I refrain from commenting on that. I rate the overall solution seven out of ten.
    Read full review

    Quotes from Members

    We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
     

    Pros

    "The stability of the solution is very good."
    "One of the most valuable features is the ability to report on questionable activity."
    "The solution works well when used with other Microsoft solutions."
    "The biggest reason why we chose Rapid7 was to gain value in a really quick time. Its deployment doesn't take months. It just takes a few days."
    "The platform offers unlimited storage and agent-based solutions."
    "The ability to ingest Office 365 log files, then process them into events and display them on a map."
    "The alerting to drive investigations and remediation has been its most valuable feature.​"
    "The incident case management is the most valuable feature. Even though there's always something I find I would like to add to that feature, the ability to quickly sort through all the logs, network and endpoint data, etc., and add it to an incident case as part of the investigation, is nice. Having it automatically timeline that additional data into the original incident timeline, and correlate it to other notable events and activities on the network, results in a huge improvement in our overall confidence that we've quickly traced down the right source of an issue."
    "​​User behavioral analytics allows us to pinpoint abnormal or suspicious behavior among millions of events every day."
    "It improves because several sensors are deployed within the on-premise environment. It can be very efficient if the customer implements and operates it effectively."
    "I rate Rapid7 nine out of 10 for affordability"
    More Rapid7 InsightIDR pros
     

    Cons

    "Some of the newer features are not completely there yet... For example, there's a tool that allows you to grade your overall internal security and I don't feel that it's completely accurate."
    "It would be ideal if the interface allowed for more granular configurations. For example, if I were to set a rule that is a deviation from the pre-defined rules in the Microsoft product, there's conflict."
    "There are occasions where it generates some false positives and you have to embark into figuring it out. You need to find out if it was a true alert or a false positive. It's a little bit cumbersome in that area."
    "One of the things that could be better is digital forensics. It is there, but it can be better. They could provide more on the endpoint detection level."
    "Sometimes, it is hard to get the right queries to use. Currently, the tool lacks a pre-made set of queries."
    "The dashboard is an area that could be simplified."
    "Customised alert recipients need to be added to allow better first-line action and quicker response. Configurable honeypots would be a welcome addition."
    "They should add more configuration and security features to it."
    "The solution's XDR agents cannot compete with the XDR solutions out there yet."
    "Lacks a mobile application."
    "Needs a better ability to customize the check within the console."
    More Rapid7 InsightIDR cons
     

    Pricing and Cost Advice

    "I believe we are looking into new licenses. They may be called the E5. Honestly, I don't have it on top of my mind, but I think it's around seven to $10 a user per month."
    "Rapid7 InsightIDR's pricing is reasonable."
    "I rate Rapid7 InsightIDR's price a four on a scale of one to ten, where one is cheap, and ten is expensive."
    "Rapid7 InsightIDR is priced very well and is cost-effective."
    "Rapid7 InsightIDR is a cheaply priced product. On a scale of one to ten, where one is very expensive, and ten is very cheap, I rate the product's price at seven or eight."
    "It is on a yearly basis. For our own company, for about 250 users, it was 16,000 euros a year."
    "Rapid7 InsightIDR charges us based on the endpoints we connect to."
    "​Accurately predict your licensing counts as this is a subscription based product.​"
    "​I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability.​"
    More Rapid7 InsightIDR pricing and cost advice
    report
    See which vendors are best for you
    Use our free recommendation engine to learn which User Entity Behavior Analytics (UEBA) solutions are best for your needs.
    See recommendations
    867,445 professionals have used our research since 2012.
     

    Top Industries

    By visitors reading reviews
    No data available
    Computer Software Company
    14%
    Manufacturing Company
    8%
    Financial Services Firm
    7%
    Government
    7%
     

    Company Size

    By reviewers
    Large Enterprise
    Midsize Enterprise
    Small Business
    No data available
    By reviewers
    Company SizeCount
    Small Business20
    Midsize Enterprise5
    Large Enterprise6
     

    Questions from the Community

    Ask a question
    Earn 20 points
    What SOC product do you recommend?
    For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
    See all answers
    What do you like most about Rapid7 InsightIDR?
    During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...
    See all answers
    What is your experience regarding pricing and costs for Rapid7 InsightIDR?
    The product pricing is very cheap.
    See all answers
     

    Comparisons

    No data available
    Darktrace vs Rapid7 InsightIDR Logo
    Darktrace vs Rapid7 InsightIDR
    Compared 8% of the time
    Rapid7 InsightVM vs Rapid7 InsightIDR Logo
    Rapid7 InsightVM vs Rapid7 InsightIDR
    Compared 8% of the time
    Microsoft Sentinel vs Rapid7 InsightIDR Logo
    Microsoft Sentinel vs Rapid7 InsightIDR
    Compared 8% of the time
    CrowdStrike Falcon vs Rapid7 InsightIDR Logo
    CrowdStrike Falcon vs Rapid7 InsightIDR
    Compared 5% of the time
    Splunk Enterprise Security vs Rapid7 InsightIDR Logo
    Splunk Enterprise Security vs Rapid7 InsightIDR
    Compared 5% of the time
    More Rapid7 InsightIDR Competitors
     

    Product Reports

    Buyer's Guide
    User Entity Behavior Analytics (UEBA)
    August 2025
    Microsoft ATA [EOL] reportDownload Microsoft ATA [EOL] product report
    Buyer's Guide
    Rapid7 InsightIDR
    August 2025
    Rapid7 InsightIDR reportDownload Rapid7 InsightIDR product report
     

    Also Known As

    Microsoft Advanced Threat Analytics, MS ATA [EOL]
    InsightIDR
     

    Overview

    Microsoft Advanced Threat Analytics (ATA) provides a simple and fast way to understand what is happening within your network by identifying suspicious user and device activity with built-in intelligence and providing clear and relevant threat information on a simple attack timeline. Microsoft ATA is an on-premises platform to help you protect your enterprise from advanced targeted attacks by automatically analyzing, learning, and identifying normal and abnormal entity (user, devices, and resources) behavior. It detects suspicious activities and malicious attacks with behavioral analytics, adapts to the changing nature of cyber-security threats, focuses on what is important with a simple attack timeline and reduces false positive fatigue.
    Microsoft

    Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

    Rapid7
     

    Sample Customers

    Turkish Airlines, Seoul National University Bundang Hospital, Empa, The Alberta Teachers' Association
    Liberty Wines, Pioneer Telephone, Visier
    Buyer's Guide
    User Entity Behavior Analytics (UEBA)
    August 2025
    Download Free Report
    Find out what your peers are saying about IBM, Exabeam, Cynet and others in User Entity Behavior Analytics (UEBA). Updated: August 2025.
    DOWNLOAD NOW
    867,445 professionals have used our research since 2012.
    See our list of best User Entity Behavior Analytics (UEBA) vendors.

    We monitor all User Entity Behavior Analytics (UEBA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.