Try our new research platform with insights from 80,000+ expert users

Microsoft ATA [EOL] vs Rapid7 InsightIDR comparison

Microsoft and Rapid7 are both solutions in the User Entity Behavior Analytics (UEBA) category. Additionally, 50% of Microsoft users are willing to recommend the solution, compared to 95% of Rapid7 users who would recommend it.
Microsoft ATA [EOL]
Read 3 Microsoft ATA [EOL] reviews
    50% willing to recommend
    Rapid7 InsightIDR
    Read 32 Rapid7 InsightIDR reviews
    • 7,657 Views
    • 995 Comparison Views
    95% willing to recommend
     

    Comparison Buyer's Guide

    Download the report
    Executive Summary
    We performed a comparison between Microsoft ATA [EOL] and Rapid7 InsightIDR based on real PeerSpot user reviews.

    Find out what your peers are saying about IBM, Exabeam, Cynet and others in User Entity Behavior Analytics (UEBA).

    DOWNLOAD THE COMPLETE REPORT
    To learn more, read our detailed User Entity Behavior Analytics (UEBA) Report (Updated: July 2025).
    Buyer's Guide
    User Entity Behavior Analytics (UEBA)
    July 2025
    Download the complete report
    Helped 862,499 peers since 2012

    Review summaries and opinions

    We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
     

    Categories and Ranking

    Microsoft ATA [EOL]
    Average Rating
    6.6
    Number of Reviews
    3
    Ranking in other categories
    No ranking in other categories
    Rapid7 InsightIDR
    Average Rating
    8.4
    Reviews Sentiment
    7.4
    Number of Reviews
    32
    Ranking in other categories
    Security Information and Event Management (SIEM) (14th), User Entity Behavior Analytics (UEBA) (5th), Endpoint Detection and Response (EDR) (25th), Threat Deception Platforms (5th), Extended Detection and Response (XDR) (16th)
     

    Featured Reviews

    it_user1369068 - PeerSpot reviewer
    Good integration, simple to maintain, and very stable
    Scalability shouldn't be a problem, at least for the size of network team that I work with. Right now we have between 400 and 500 users. This is deployed in a network that is actually about 500 users. We don't plan to increase usage. We're already using it as fully as we can and we don't have any more room. We might look at all the Microsoft programs that relate to office 365, like the ATP, because there is a difference between the ATA and the ATP. We are going to look and see whether there's any gaps that we can close. I think if you compare ATA with the actual ATP it's basically the same functionality. One is more on-premises versus the cloud. Since we are progressively in moving to the cloud, we might look at the ATP, which integrates better with the Microsoft cloud.
    Read full review
    Asim Naeem - PeerSpot reviewer
    Providing comprehensive insight into alerts while working towards AI enhancement
    I definitely recommend Rapid7 InsightIDR. It is becoming better, with improvements being continuously made to the product. Right now, I do not have any advice about Rapid7 for other users because every organization or user has different criteria or multiple use cases, so I refrain from commenting on that. I rate the overall solution seven out of ten.
    Read full review

    Quotes from Members

    We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
     

    Pros

    "One of the most valuable features is the ability to report on questionable activity."
    "The solution works well when used with other Microsoft solutions."
    "The stability of the solution is very good."
    "The platform offers unlimited storage and agent-based solutions."
    "InsightIDR has allowed us to find potential security issues that we did not know existed, and get remediation quickly."
    "I rate Rapid7 nine out of 10 for affordability"
    "Features for user behavior analytics and the rules for attack review are good."
    "Intelligent alerting to avoid the common problem of alert fatigue associated with traditional SIEMs."
    "Enables the use of honey pots, honey users, and honey files to monitor for suspicious patterns."
    "InsightIDR’s ability to process millions of transactions per day, and to notify me of the most critical ones, is priceless. InsightIDR has the alerts tuned, and has the ability to quickly drill down to determine the threat level."
    "The UI is very good."
    More Rapid7 InsightIDR pros
     

    Cons

    "There are occasions where it generates some false positives and you have to embark into figuring it out. You need to find out if it was a true alert or a false positive. It's a little bit cumbersome in that area."
    "Some of the newer features are not completely there yet... For example, there's a tool that allows you to grade your overall internal security and I don't feel that it's completely accurate."
    "It would be ideal if the interface allowed for more granular configurations. For example, if I were to set a rule that is a deviation from the pre-defined rules in the Microsoft product, there's conflict."
    "The searching feature in Rapid7 InsightIDR needs to evolve"
    "The product allows us to make only 30 custom rules."
    "It would be useful to import threat intelligence in YARA format along with known incorrect email addresses.​"
    "There are certain limitations with Rapid7 that I am working on."
    "Needs a better ability to customize the check within the console."
    "The solution needs improvement in threat intelligence. Increasing the depth of intelligence to help users understand more about threats is a possibility. My suggestion is to expand access to other websites or resources."
    "The integration capabilities of the solution have certain shortcomings where improvements are required."
    "The dashboard is an area that could be simplified."
    More Rapid7 InsightIDR cons
     

    Pricing and Cost Advice

    "I believe we are looking into new licenses. They may be called the E5. Honestly, I don't have it on top of my mind, but I think it's around seven to $10 a user per month."
    "Rapid7 InsightIDR's pricing is reasonable but we have challenges with the Minimum Order Quantity. It is not reasonable for customers who have less than one hundred devices. If they can reduce Minimum Order Quantity, it is good. You have to pay around 5000-6000 dollars per year for the product. The pricing includes maintenance and support costs."
    "Licensing is by endpoint and amount of retention time (at least ours is). Default retention was one year, but we are able to push the retention further if needed. There's also a provide-your-own-S3 option for longer retention if you don't want to pay for the additional retention years in your Rapid7 agreement."
    "The pricing of the solution depends on the user. But there is a yearly licensing cost."
    "Rapid7 InsightIDR is priced very well and is cost-effective."
    "The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help.​"
    "Rapid7 InsightIDR's pricing is reasonable."
    "It is on a yearly basis. For our own company, for about 250 users, it was 16,000 euros a year."
    "The solution has a mid-range price point in the market"
    More Rapid7 InsightIDR pricing and cost advice
    report
    See which vendors are best for you
    Use our free recommendation engine to learn which User Entity Behavior Analytics (UEBA) solutions are best for your needs.
    See recommendations
    862,499 professionals have used our research since 2012.
     

    Top Industries

    By visitors reading reviews
    No data available
    Computer Software Company
    15%
    Financial Services Firm
    8%
    Manufacturing Company
    8%
    Government
    6%
     

    Company Size

    By reviewers
    Large Enterprise
    Midsize Enterprise
    Small Business
    No data available
     

    Questions from the Community

    Ask a question
    Earn 20 points
    What SOC product do you recommend?
    For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
    See all answers
    What do you like most about Rapid7 InsightIDR?
    During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...
    See all answers
    What is your experience regarding pricing and costs for Rapid7 InsightIDR?
    The product pricing is very cheap.
    See all answers
     

    Comparisons

    No data available
    Darktrace vs Rapid7 InsightIDR Logo
    Darktrace vs Rapid7 InsightIDR
    Compared 10% of the time
    Microsoft Sentinel vs Rapid7 InsightIDR Logo
    Microsoft Sentinel vs Rapid7 InsightIDR
    Compared 9% of the time
    Rapid7 InsightVM vs Rapid7 InsightIDR Logo
    Rapid7 InsightVM vs Rapid7 InsightIDR
    Compared 8% of the time
    CrowdStrike Falcon vs Rapid7 InsightIDR Logo
    CrowdStrike Falcon vs Rapid7 InsightIDR
    Compared 6% of the time
    Splunk Enterprise Security vs Rapid7 InsightIDR Logo
    Splunk Enterprise Security vs Rapid7 InsightIDR
    Compared 5% of the time
    More Rapid7 InsightIDR Competitors
     

    Product Reports

    Buyer's Guide
    User Entity Behavior Analytics (UEBA)
    July 2025
    Microsoft ATA [EOL] reportDownload Microsoft ATA [EOL] product report
    Buyer's Guide
    Rapid7 InsightIDR
    July 2025
    Rapid7 InsightIDR reportDownload Rapid7 InsightIDR product report
     

    Also Known As

    Microsoft Advanced Threat Analytics, MS ATA [EOL]
    InsightIDR
     

    Overview

    Microsoft Advanced Threat Analytics (ATA) provides a simple and fast way to understand what is happening within your network by identifying suspicious user and device activity with built-in intelligence and providing clear and relevant threat information on a simple attack timeline. Microsoft ATA is an on-premises platform to help you protect your enterprise from advanced targeted attacks by automatically analyzing, learning, and identifying normal and abnormal entity (user, devices, and resources) behavior. It detects suspicious activities and malicious attacks with behavioral analytics, adapts to the changing nature of cyber-security threats, focuses on what is important with a simple attack timeline and reduces false positive fatigue.
    Microsoft

    Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

    Rapid7
     

    Sample Customers

    Turkish Airlines, Seoul National University Bundang Hospital, Empa, The Alberta Teachers' Association
    Liberty Wines, Pioneer Telephone, Visier
    Buyer's Guide
    User Entity Behavior Analytics (UEBA)
    July 2025
    Download Free Report
    Find out what your peers are saying about IBM, Exabeam, Cynet and others in User Entity Behavior Analytics (UEBA). Updated: July 2025.
    DOWNLOAD NOW
    862,499 professionals have used our research since 2012.
    See our list of best User Entity Behavior Analytics (UEBA) vendors.

    We monitor all User Entity Behavior Analytics (UEBA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.