Microsoft Defender for Endpoint vs Rapid7 InsightIDR comparison

Microsoft and Rapid7 are both solutions in the Endpoint Detection and Response (EDR) category. Microsoft is ranked #3 with an average rating of 8.3, while Rapid7 is ranked #25 with an average rating of 8.1. Microsoft holds a 10.1% mindshare in EDR, compared to Rapid7’s 1.2% mindshare. Additionally, 94% of Microsoft users are willing to recommend the solution, compared to 95% of Rapid7 users who would recommend it.

Microsoft Defender for Endp...

Read 198 Microsoft Defender for Endpoint reviews

37,815 Views
17,773 Comparison Views

94% willing to recommend

Rapid7 InsightIDR

Read 32 Rapid7 InsightIDR reviews

7,194 Views
1,870 Comparison Views

95% willing to recommend

Microsoft Defender for Endp...

Rapid7 InsightIDR

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 9, 2024

Rapid7 InsightIDR and Microsoft Defender for Endpoint are leading security solutions. Reviews indicate Rapid7 InsightIDR is favored for pricing and support while Microsoft Defender for Endpoint is preferred for its comprehensive features, making users feel it is worth the investment.

Features: Rapid7 InsightIDR is user-friendly and known for strong threat detection. Microsoft Defender for Endpoint is known for integration with Microsoft tools and advanced threat protection. InsightIDR's incident detection is simpler, while Defender's integration capabilities are more versatile for larger ecosystems.

Room for Improvement: Rapid7 InsightIDR users desire enhanced analytics and deeper threat intelligence. Microsoft Defender for Endpoint users seek improvements in system performance and fewer false positives. Performance optimization in Defender is more frequently noted.

Ease of Deployment and Customer Service: Rapid7 InsightIDR has a quick deployment process and responsive support. Microsoft Defender for Endpoint provides efficient deployment but has some complexity due to integration. Customer services are well-regarded, with Rapid7's support slightly more praised for its promptness.

Pricing and ROI: Rapid7 InsightIDR is considered cost-effective with a favorable ROI due to lower setup costs and reliable performance. Microsoft Defender for Endpoint, although more expensive, offers a higher ROI through robust features and extensive security measures. Users feel the higher price is justified by its advanced capabilities.

To learn more, read our detailed Microsoft Defender for Endpoint vs. Rapid7 InsightIDR Report (Updated: July 2025).

Buyer's Guide

Microsoft Defender for Endpoint vs. Rapid7 InsightIDR

July 2025

Download the complete report

Helped 867,370 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Microsoft Defender for Endp...

Ranking in Endpoint Detection and Response (EDR)

3rd

Average Rating

8.2

Reviews Sentiment

7.1

Number of Reviews

198

Ranking in other categories

Endpoint Protection Platform (EPP) (1st), Advanced Threat Protection (ATP) (3rd), Anti-Malware Tools (1st), Microsoft Security Suite (4th)

Rapid7 InsightIDR

Ranking in Endpoint Detection and Response (EDR)

25th

Average Rating

8.4

Reviews Sentiment

7.4

Number of Reviews

Ranking in other categories

Security Information and Event Management (SIEM) (14th), User Entity Behavior Analytics (UEBA) (5th), Threat Deception Platforms (5th), Extended Detection and Response (XDR) (16th)

Mindshare comparison

As of September 2025, in the Endpoint Detection and Response (EDR) category, the mindshare of Microsoft Defender for Endpoint is 10.1%, down from 12.3% compared to the previous year. The mindshare of Rapid7 InsightIDR is 1.2%, up from 0.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Endpoint Detection and Response (EDR) Market Share Distribution
Product	Market Share (%)
Microsoft Defender for Endpoint	10.1%
Rapid7 InsightIDR	1.2%
Other	88.7%

Endpoint Detection and Response (EDR)

Featured Reviews

NaySan @ Suraj Verma

Solution Consultant at BIM Group of Companies

Has effectively blocked sophisticated attacks and malicious activities while providing excellent support

Microsoft Defender for Endpoint is very good, but one suggestion is that in some products, we may need to configure security-related settings, whereas Microsoft Defender for Endpoint works completely differently, providing automatic recommendations and actions that we may need to perform ourselves. Regarding the pricing of Microsoft Defender for Endpoint, during the last three years, we set up the product and sold it, but we faced difficulties because Microsoft pricing is always the same. For example, whether I purchase Microsoft Defender for Endpoint for one year or for the next three years, the pricing remains constant with no discounts available. In contrast, competing products offer reduced pricing for long-term commitments, which makes it difficult for us in that environment. Microsoft should consider this option to remain competitive, but otherwise, everything else is fine.

Read full review

Asim Naeem

Principal IT Security & Compliance at IBEX Holdings Ltd

Providing comprehensive insight into alerts while working towards AI enhancement

I definitely recommend Rapid7 InsightIDR. It is becoming better, with improvements being continuously made to the product. Right now, I do not have any advice about Rapid7 for other users because every organization or user has different criteria or multiple use cases, so I refrain from commenting on that. I rate the overall solution seven out of ten.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"We have just started to implement it. It is useful for protection from malware and ransomware."

"Easy to understand and easy to set up endpoint security solution. It's a multifeatured product with web content filtering and automated investigation features. It also has a fantastic vulnerability management dashboard."

"It was quite important to have extra security on our mobile platform because of geopolitical situations, as we are located close to some countries that represent a concern. Defender for Endpoint allows us automatic resolutions if a unit is compromised or if a user clicks a malicious link."

"We are a Microsoft shop, and Defender is a Microsoft solution that provides some security at a reasonable cost."

"We have very good visibility on our endpoints. The level of information it throws back is helpful."

"We have liked the fact that it comes with Microsoft Windows 10 and it is constantly updated with all new virus definitions. It is also updated with new security features on a regular basis."

"The technical support from Microsoft is very good. We are part of the Microsoft Suite, and from being part of this we have consistent news regarding Microsoft Defender for Endpoint."

"It does not make Windows slow, as compared to all of the third part antiviruses."

More Microsoft Defender for Endpoint pros

"During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an application belongs to a known ransomware group. The system rates the threat, offering a clear detection ratio, such as 97 out of 100. It not only identifies threats but also illustrates the associated behaviors, helping us understand the potential risk to a particular endpoint."

"The web interface is great — very useful and user-friendly."

"Simple configuration and automatically syncs to the cloud platform."

"If you were on other solutions, you would notice that they use agents from third-party, from open-source, from a native OS, or from other tools. Here, however, it is an agent from Rapid7 itself. This adds to the solution's overall capabilities."

"InsightIDR has allowed us to find potential security issues that we did not know existed, and get remediation quickly."

"I like that it's a cloud-based solution."

"The alerting to drive investigations and remediation has been its most valuable feature."

"The log aggregation and storage provided by InsightIDR has shown no issues with scalability; aggregating over one hundred millions events daily."

More Rapid7 InsightIDR pros

Cons

"Its price could be better."

"A challenge is that it is not a multi-tenant solution. Microsoft's tenant is a licensed tenant. I'm an MSSP. So, I have multiple customers. In Microsoft's world, that means that I can't just buy an E5 license and give that out to all my customers. That won't work because all of the customer data resides within a single tenant in Microsoft's world. Other products—such as SentinelOne, Palo Alto Cortex, CrowdStrike, et cetera—are multi-tenant. So, I can have it at the top of the pyramid for my analyst to look into it and see all the customers, but each customer's data is separate. If the customer wants to look at what we see, they would only see their data, whereas in the Microsoft world, if I've got multiple customers connected to the same Microsoft tenant, they would see everybody else's data, which is a privacy problem in Europe. It is not possible to share the data, and it is a breach of privacy."

"Microsoft Defender for Endpoint can improve by providing more and different types of reports."

"The system can always be simplified and have a better integration check. More detailed reports would be good. When it does the integrated check, it just shows if the system is okay but I want to know what happened."

"Updates are not coming out of preview quickly enough and it is holding back on the development of the product."

"Sometimes, there are difficulties in downloading a file considered as malicious."

"If the solution could be integrated more with Defender for Cloud, to be more unified, that would help. It is good now, but even more integration could be done with Defender for Cloud. We see two different portals. If Defender for Endpoint could be ported to the CSPM, Defender for Cloud, that would make things even easier for us."

"The scanning is slow when it is working with incoming emails."

More Microsoft Defender for Endpoint cons

"The integration capabilities of the solution have certain shortcomings where improvements are required."

"The product allows us to make only 30 custom rules."

"Rapid7 doesn't integrate well with all our security tools from various vendors, so we plan to switch. Many of our solutions work with Rapid7, but some do not. We are already searching for a replacement already."

"InsightIDR's integration with other solutions could be improved. Also, I'd like more control from the portal over what's happening on the endpoint side. For example, when I see an attack on an endpoint, I want to be able to stop it from the portal."

"The solution's XDR agents cannot compete with the XDR solutions out there yet."

"Currently, it lacks the functionalities provided by Rapid7's User Behavior Analytics (UBA)."

"It takes time for the product's support team to resolve issues, making it an area of concern where improvements are required."

"The APIs can be further improved in Rapid7."

More Rapid7 InsightIDR cons

Pricing and Cost Advice

"As we operate in the educational sector, we are eligible for an educational discount."

"There is no license needed, the solution comes with Microsoft Windows."

"Because Microsoft Defender comes as an add-on, it can be a bit expensive if you're trying to buying it separately. Another option is to upgrade, but the enterprise licenses for Microsoft can also be quite a bit pricey. Overall, the cost of Microsoft Defender compared to that of other endpoint detection solutions is slightly higher."

"The licensing fee is a function of your Office 365 license. The feature set you get is a function of the license as well. There is probably an E2 version, an E3 version, and an E5 version. There are several versions, and not all features are the same. So, you might want to check what features you're expecting because you might get shocked. If you only have an E3 license, the capability isn't the same."

"I'm not too familiar with costs as I'm an architect, though I know about online pricing, as I help two teams with online purchasing and procurement. Nowadays, everyone has an enterprise agreement, such as an E3 license, which we provide to our customers."

"This is an expensive product and licensing for all Microsoft products is a big issue."

"You just pay Windows 10 prices, then you have antivirus software. As a price comparison, Defender's costs are very low."

"It is within the same range as other products. It is not too expensive, and it is also not cheap. Its price can be better, but, well, it is Microsoft."

More Microsoft Defender for Endpoint pricing and cost advice

"It is more reasonably priced than other vendors."

"Licensing is straightforward. If, for some reason, you don’t meet the minimum licensing requirements, there is a third-party managed service that can help."

"I rate Rapid7 InsightIDR's price a four on a scale of one to ten, where one is cheap, and ten is expensive."

"It is a reasonably priced solution."

"Licensing is by endpoint and amount of retention time (at least ours is). Default retention was one year, but we are able to push the retention further if needed. There's also a provide-your-own-S3 option for longer retention if you don't want to pay for the additional retention years in your Rapid7 agreement."

"Rapid7 InsightIDR's pricing is reasonable."

"Rapid7 InsightIDR is a cheaply priced product. On a scale of one to ten, where one is very expensive, and ten is very cheap, I rate the product's price at seven or eight."

"Rapid7 InsightIDR is priced very well and is cost-effective."

More Rapid7 InsightIDR pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.

See recommendations

867,370 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

13%

Government

Manufacturing Company

Financial Services Firm

Computer Software Company

14%

Manufacturing Company

Financial Services Firm

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	79
Midsize Enterprise	34
Large Enterprise	87

By reviewers
Company Size	Count
Small Business	20
Midsize Enterprise	5
Large Enterprise	6

Questions from the Community

How is Cortex XDR compared with Microsoft Defender?

Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...

See all answers

Which offers better endpoint security - Symantec or Microsoft Defender?

We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior solution. Microsoft Defender for Endpoint is a cloud-delivered endpoint security s...

See all answers

How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?

The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...

See all answers

What SOC product do you recommend?

For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...

See all answers

What do you like most about Rapid7 InsightIDR?

During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...

See all answers

What is your experience regarding pricing and costs for Rapid7 InsightIDR?

The product pricing is very cheap.

See all answers

Comparisons

CrowdStrike Falcon vs Microsoft Defender for Endpoint

Compared 5% of the time

HP Wolf Security vs Microsoft Defender for Endpoint

Compared 5% of the time

F-Secure Total vs Microsoft Defender for Endpoint

Compared 4% of the time

Symantec Endpoint Security vs Microsoft Defender for Endpoint

Compared 4% of the time

Trellix Endpoint Security Platform vs Microsoft Defender for Endpoint

Compared 4% of the time

More Microsoft Defender for Endpoint Competitors

Darktrace vs Rapid7 InsightIDR

Compared 8% of the time

Rapid7 InsightVM vs Rapid7 InsightIDR

Compared 8% of the time

Microsoft Sentinel vs Rapid7 InsightIDR

Compared 8% of the time

CrowdStrike Falcon vs Rapid7 InsightIDR

Compared 5% of the time

Trend Vision One vs Rapid7 InsightIDR

Compared 3% of the time

More Rapid7 InsightIDR Competitors

Product Reports

Buyer's Guide

Microsoft Defender for Endpoint

August 2025

Download Microsoft Defender for Endpoint product report

Buyer's Guide

Rapid7 InsightIDR

August 2025

Download Rapid7 InsightIDR product report

Also Known As

Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus

InsightIDR

Interactive Demo

Microsoft

Demo not available

Rapid7

Overview

Microsoft Defender for Endpoint is a comprehensive security solution that provides advanced threat protection for organizations. It offers real-time protection against various types of cyber threats, including malware, viruses, ransomware, and phishing attacks.

With its powerful machine-learning capabilities, it can detect and block sophisticated attacks before they can cause any harm. The solution also includes endpoint detection and response (EDR) capabilities, allowing organizations to quickly investigate and respond to security incidents. It provides detailed insights into the attack timeline, enabling security teams to understand the scope and impact of an incident.

Microsoft Defender for Endpoint also offers proactive threat hunting, allowing organizations to proactively search for and identify potential threats within their network. It integrates seamlessly with other Microsoft security solutions, such as Microsoft Defender XDR, to provide a unified and holistic security approach. With its centralized management console, organizations can easily deploy, configure, and monitor the security solution across their entire network.

Microsoft Defender for Endpoint is a robust and scalable security solution that helps organizations protect their endpoints and data from evolving cyber threats.

Microsoft

Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

Rapid7

Sample Customers

Petrofrac, Metro CSG, Christus Health

Liberty Wines, Pioneer Telephone, Visier

Buyer's Guide

Microsoft Defender for Endpoint vs. Rapid7 InsightIDR

July 2025

Free Report: Microsoft Defender for Endpoint vs. Rapid7 InsightIDR

Find out what your peers are saying about Microsoft Defender for Endpoint vs. Rapid7 InsightIDR and other solutions. Updated: July 2025.

DOWNLOAD NOW

867,370 professionals have used our research since 2012.

See our Microsoft Defender for Endpoint vs. Rapid7 InsightIDR report.

See our list of best Endpoint Detection and Response (EDR) vendors.

We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.