Rapid7 InsightIDR vs SECDO Platform comparison

Rapid7 and Palo Alto Networks are both solutions in the Endpoint Detection and Response (EDR) category. Rapid7 is ranked #34 with an average rating of 7.8, while Palo Alto Networks is ranked #66. Rapid7 holds a 1.2% mindshare in EDR, compared to Palo Alto Networks’s 0.3% mindshare. Additionally, 96% of Rapid7 users are willing to recommend the solution, compared to 75% of Palo Alto Networks users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 9, 2024

SECDO Platform and Rapid7 InsightIDR are leading products in the cybersecurity market. Rapid7 InsightIDR seems to have the upper hand due to its richer feature set and comprehensive threat intelligence.

Features: SECDO Platform is renowned for its incident response capabilities, automation features, and straightforward deployment. Rapid7 InsightIDR is known for its comprehensive threat intelligence, user behavior analytics, and robust feature set.

Room for Improvement: SECDO Platform users mention needs for better integration with third-party tools, enhanced scalability, and more detailed reporting. Rapid7 InsightIDR users suggest improvements in reporting functionalities, streamlining the alerting system, and enhancing customer service responsiveness.

Ease of Deployment and Customer Service: SECDO Platform is noted for its straightforward deployment process and responsive customer service. Rapid7 InsightIDR also offers an easy deployment process but receives mixed reviews regarding customer service responsiveness.

Pricing and ROI: SECDO Platform users find the setup cost reasonable with a satisfactory ROI. Rapid7 InsightIDR is viewed as pricier but justified by its comprehensive feature set, leading to a very good ROI.

To learn more, read our detailed Rapid7 InsightIDR vs. SECDO Platform Report (Updated: March 2026).

Buyer's Guide

Rapid7 InsightIDR vs. SECDO Platform

March 2026

Download the complete report

Helped 885,376 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cortex XDR by Palo Alto Net...

Mindshare comparison

As of March 2026, in the Endpoint Detection and Response (EDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.4%, down from 4.0% compared to the previous year. The mindshare of Rapid7 InsightIDR is 1.2%, up from 1.0% compared to the previous year. The mindshare of SECDO Platform is 0.3%, up from 0.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Endpoint Detection and Response (EDR) Mindshare Distribution
Product	Mindshare (%)
Cortex XDR by Palo Alto Networks	3.4%
Rapid7 InsightIDR	1.2%
SECDO Platform	0.3%
Other	95.1%

Endpoint Detection and Response (EDR)

Featured Reviews

ABHISHEK_SINGH

Senior Process Expert at A.P. Moller - Maersk

Gained full visibility and streamlined threat detection through behavior-based insights and AI integration

Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.

Read full review

SohailHyder

Head Of Cyber Security at Super Secure

Has supported compliance needs for mid-sized organizations but lacks customization and advanced integration

If we pitch Rapid7 InsightIDR against solutions such as SIEMs from Splunk or LogRhythm, it is not as customizable as a SIEM solution is. This is where it can improve if we keep in front the feature sets of a complete SIEM solution. Most common in the market is QRadar, but it is depleting now. It has been taken over by some other products such as Splunk and LogRhythm. If we compare these things with Rapid7 InsightIDR, then there are definitely some gaps that need to be filled. Data retention is also one concern because Rapid7 InsightIDR is cloud-based and operates on a subscription model. Whatever data you want to retain, it has to be paid for separately or it has a cost. Other solutions that are on-premises can have their own infrastructure or they provide some data retention for a month or in some capacity-wise, they provide that solution to them which makes them more attractive.

Read full review

it_user1643085

Founder/ CEO

Great documentation, good technical support, and very in-depth

The initial setup can be complex. I would advise users to leverage all of the access with Palo Alto, in terms of setting up with the technical account management teams. They need to ensure that what they have in mind for the product is actually going to be what happens. I have not run into any problems with deploying the product. Any of their security products are well-documented, either with open source intelligence or the documentation from Palo Alto. We had a client with less than a thousand users that received a dedicated engineer and a technical account manager that was able to walk them through the first 90 days of ownership. The support is certainly there.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Previously, we had to install endpoint protection per machine and then scan and update, but Cortex XDR basically does that centrally and predictably, so we have more time to do day-to-day work rather than spend time chasing those endpoints."

"Cortex XDR is a very capable solution for protecting large networks and a lot of endpoints. It's very useful because the automation is very high, and if you combine it with the features on Palo Alto firewalls, it provides very strong protection."

"Implementing Cortex XDR by Palo Alto Networks has had a significant impact on my security analyst workload because it becomes much easier."

"Cortex XDR by Palo Alto Networks has helped lighten the load of our security analysts because it was the major tool that we were using and the one we utilized most."

"Cortex XDR lets us manage several clients from the same console, and its endpoint defense is more advanced than traditional antivirus."

"My advice for others looking into using Cortex is that it is very easy to use and very useful for the customer environment, whether it's a public or private one."

"If you are looking to deploy a security solution as a whole, this is a good option."

"We have found in our test Cortex XDR by Palo Alto Networks to be a very good tool."

More Cortex XDR by Palo Alto Networks pros

"InsightIDR’s ability to process millions of transactions per day, and to notify me of the most critical ones, is priceless."

"I am able to run automated actions based on the output of reports, leaving me extra time to focus on more pressing matters."

"Simple configuration and automatically syncs to the cloud platform."

"It is a very stable solution."

"I like that it's a cloud-based solution."

"The UI is very good."

"The platform offers unlimited storage and agent-based solutions."

"It improves because several sensors are deployed within the on-premise environment. It can be very efficient if the customer implements and operates it effectively."

More Rapid7 InsightIDR pros

"Technical support is great. Palo Alto is extremely helpful and responsive."

"This is a mature product in terms of threat detection."

"Palo Alto is extremely helpful and responsive and there is a lot of training documentation provided, making it a good, in-depth solution for enterprise clients that typically works a lot better than SIEM tools out of the box."

"The ease of deployment is a valuable feature."

"It basically automates the entire alert investigation process."

Cons

"Traps doesn't work with McAfee. You need to remove McAfee to install Traps. This is very common, and its nothing that should be an issue. Some antivirus engines recognize Traps as an threat component, so maybe they need to shake hands somewhere."

"A better pricing plan would make this product more competitive."

"The deployment is pretty hard."

"We had a problem with getting our older endpoints up to date, but their newest updates have been really good."

"For working with the solution, you only really need a web browser, however, we've found that working on Chrome, for example, is horrible."

"In the next release, I would like to see more UI improvements. Their UI is a bit basic. When we are speaking about Palo Alto Networks they are the big company, so they can improve the UI a little bit. The UI, the reports, the log system can all be improved."

"This is a very costly product."

"There is also no recovery feature; if some endpoint is under attack there must be the possibility of recovering it or restoring it to a normal state."

More Cortex XDR by Palo Alto Networks cons

"The main problem lies in the processes within the client's operating systems."

"There is a future in AI with Rapid7, however, it is not fully operated. There are certain limitations with Rapid7 that I am working on."

"Personally, I feel it would greatly benefit from more supported log sources."

"One of the things that could be better is digital forensics. It is there, but it can be better. They could provide more on the endpoint detection level."

"The solution needs improvement in threat intelligence. Increasing the depth of intelligence to help users understand more about threats is a possibility. My suggestion is to expand access to other websites or resources."

"Customised alert recipients need to be added to allow better first-line action and quicker response."

"Cloud risk assessment is one area where I think they need a lot of improvement."

"Currently, it lacks the functionalities provided by Rapid7's User Behavior Analytics (UBA)."

More Rapid7 InsightIDR cons

"Maybe the notifications setting could use a simpler setting."

"Many will try to use this as an out-of-the-box solution, however, it needs to be configured to fit what a company would like to do with it."

"The price should be reduced in order to be more competitive in the market."

"The price of this solution is higher than the competitors."

"Many will try to use this as an out-of-the-box solution, however, it needs to be configured to fit what a company would like to do with it."

"Maybe the notifications setting could use a simpler setting."

Pricing and Cost Advice

"The price of the solution could be reduced. I have customers that have voiced that the solution is good for the value but if I want to sell more of the solution the price reduction would help."

"We pay about $50,000 USD per year for a bundle that includes Cortex XDR."

"The price of the product is not very economical."

"This is an expensive solution."

"I don't recall what the cost was, but it wasn't really that expensive."

"The pricing is a little high. It is per user per year."

"It is cost-effective compared to similar solutions. It fits for the small businesses through to the big businesses."

"The price of the solution is high for the license and in general."

More Cortex XDR by Palo Alto Networks pricing and cost advice

"Accurately predict your licensing counts as this is a subscription based product."

"The solution has a mid-range price point in the market"

"The pricing of the solution depends on the user. But there is a yearly licensing cost."

"I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability."

"Licensing is by endpoint and amount of retention time (at least ours is). Default retention was one year, but we are able to push the retention further if needed. There's also a provide-your-own-S3 option for longer retention if you don't want to pay for the additional retention years in your Rapid7 agreement."

"Rapid7 InsightIDR is priced very well and is cost-effective."

"It is a reasonably priced solution."

"I rate Rapid7 InsightIDR's price a four on a scale of one to ten, where one is cheap, and ten is expensive."

More Rapid7 InsightIDR pricing and cost advice

"Be sure of the actual number of endpoints in your company."

"The price of this solution is the highest in the market, although there are no costs in addition to the standard licensing fees."

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.

See recommendations

885,376 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Construction Company

13%

Manufacturing Company

Computer Software Company

Financial Services Firm

Computer Software Company

10%

Financial Services Firm

Manufacturing Company

Government

Performing Arts

22%

Manufacturing Company

Comms Service Provider

Retailer

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	44
Midsize Enterprise	20
Large Enterprise	47

By reviewers
Company Size	Count
Small Business	20
Midsize Enterprise	5
Large Enterprise	6

No data available

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One

Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...

See all answers

Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)

Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...

See all answers

How is Cortex XDR compared with Microsoft Defender?

Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...

See all answers

What SOC product do you recommend?

For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is a...

See all answers

What is your experience regarding pricing and costs for Rapid7 InsightIDR?

The product pricing is very cheap.

See all answers

What needs improvement with Rapid7 InsightIDR?

If we pitch Rapid7 InsightIDR against solutions such as SIEMs from Splunk or LogRhythm, it is not as customizable as ...

See all answers

Ask a question

Earn 20 points

Comparisons

Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks

Compared 9% of the time

SentinelOne Singularity Complete vs Cortex XDR by Palo Alto Networks

Compared 6% of the time

CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks

Compared 4% of the time

Cortex XSIAM vs Cortex XDR by Palo Alto Networks

Compared 4% of the time

Symantec Endpoint Security vs Cortex XDR by Palo Alto Networks

Compared 3% of the time

More Cortex XDR by Palo Alto Networks Competitors

Splunk Enterprise Security vs Rapid7 InsightIDR

Compared 5% of the time

Microsoft Sentinel vs Rapid7 InsightIDR

Compared 5% of the time

Rapid7 InsightVM vs Rapid7 InsightIDR

Compared 4% of the time

CrowdStrike Falcon vs Rapid7 InsightIDR

Compared 4% of the time

Darktrace vs Rapid7 InsightIDR

Compared 3% of the time

More Rapid7 InsightIDR Competitors

Palo Alto Networks Cortex XSOAR vs SECDO Platform

Compared 11% of the time

VMware Carbon Black Endpoint vs SECDO Platform

Compared 9% of the time

IBM Resilient vs SECDO Platform

Compared 9% of the time

Fortinet FortiSOAR vs SECDO Platform

Compared 7% of the time

VMware Carbon Black Cloud vs SECDO Platform

Compared 7% of the time

More SECDO Platform Competitors

Product Reports

Buyer's Guide

Cortex XDR by Palo Alto Networks

March 2026

Download Cortex XDR by Palo Alto Networks product report

Buyer's Guide

Rapid7 InsightIDR

March 2026

Download Rapid7 InsightIDR product report

Buyer's Guide

Security Incident Response

March 2026

Download SECDO Platform product report

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps

InsightIDR

No data available

Overview

Cortex XDR by Palo Alto Networks provides advanced threat detection with AI-driven endpoint protection and seamless integration, ensuring multi-layered security and automatic threat response.

Cortex XDR is designed to safeguard endpoints against malware and suspicious activities. It offers advanced threat detection and response capabilities using behavioral analysis, AI, and machine learning. It seamlessly integrates with security infrastructures, providing endpoint security, firewall integration, and enhanced visibility in both cloud-based and on-premises environments.

What are the key features of Cortex XDR?

Advanced Threat Detection: Uses AI and machine learning for proactive threat identification.
Multi-layered Security: Combines various security measures for comprehensive protection.
Endpoint Protection: Safeguards against malware and exploits.
Behavioral Analysis: Monitors suspicious activity for early detection.
Automatic Threat Response: Automates responses to neutralize threats.

What benefits should users expect?

Ease of Use: Simplifies security management with intuitive design.
Resource Efficiency: Minimizes impact on system resources.
Integration Capabilities: Works well with existing security setups.
Reduced Analyst Workload: Automates processes to decrease manual intervention.

Organizations in diverse sectors deploy Cortex XDR to protect against malware, leveraging its advanced threat detection capabilities. Its integration with existing security infrastructures appeals to those seeking comprehensive protection in both cloud and on-premises environments, providing enhanced visibility and threat intelligence.

Palo Alto Networks

Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

Rapid7

SECDO enables security teams to identify and remediate incidents fast. Using thread-level endpoint monitoring and causality analytics, SECDO provides visibility into every endpoint along with the context necessary for understanding whether a suspicious activity is a genuine threat. Unique deception techniques force threats like ransomware out into the open early, and trigger automated containment and remediation.

SECDO provides the most intuitive investigation experience available so you can quickly unravel complex incidents across the organization. You can investigate incidents detected by SECDO as well as alerts from the SIEM. SECDO visualizes the attack chain so you immediately understand the “who, what, where, when and how” behind the incident. Then, based on an analysis of exactly how endpoints were compromised, SECDO surgically remediates the incident with minimum user impact.

Palo Alto Networks

Sample Customers

CBI Health Group, University Honda, VakifBank

Liberty Wines, Pioneer Telephone, Visier

Valley National Bank, IDT Corporation

Buyer's Guide

Rapid7 InsightIDR vs. SECDO Platform

March 2026

Free Report: Rapid7 InsightIDR vs. SECDO Platform

Find out what your peers are saying about Rapid7 InsightIDR vs. SECDO Platform and other solutions. Updated: March 2026.

DOWNLOAD NOW

885,376 professionals have used our research since 2012.

See our Rapid7 InsightIDR vs. SECDO Platform report.

See our list of best Endpoint Detection and Response (EDR) vendors.

We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.