Rapid7 InsightIDR vs SentinelOne Singularity Identity comparison

Rapid7 InsightIDR vs. SentinelOne Singularity Identity

Download the complete report

Helped 868,787 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Rapid7 InsightIDR

Ranking in Threat Deception Platforms

4th

Average Rating

8.4

Reviews Sentiment

7.4

Number of Reviews

Ranking in other categories

Security Information and Event Management (SIEM) (14th), User Entity Behavior Analytics (UEBA) (5th), Endpoint Detection and Response (EDR) (25th), Extended Detection and Response (XDR) (17th)

SentinelOne Singularity Ide...

Ranking in Threat Deception Platforms

2nd

Average Rating

9.0

Reviews Sentiment

7.3

Number of Reviews

Ranking in other categories

Vulnerability Management (10th), Advanced Threat Protection (ATP) (8th), Identity Threat Detection and Response (ITDR) (4th)

Mindshare comparison

As of October 2025, in the Threat Deception Platforms category, the mindshare of Rapid7 InsightIDR is 11.6%, up from 11.7% compared to the previous year. The mindshare of SentinelOne Singularity Identity is 8.1%, up from 6.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Threat Deception Platforms Market Share Distribution
Product	Market Share (%)
SentinelOne Singularity Identity	8.1%
Rapid7 InsightIDR	11.6%
Other	80.3%

Threat Deception Platforms

Featured Reviews

Asim Naeem

Principal IT Security & Compliance at IBEX Holdings Ltd

Providing comprehensive insight into alerts while working towards AI enhancement

I definitely recommend Rapid7 InsightIDR. It is becoming better, with improvements being continuously made to the product. Right now, I do not have any advice about Rapid7 for other users because every organization or user has different criteria or multiple use cases, so I refrain from commenting on that. I rate the overall solution seven out of ten.

Read full review

Roftiel Constantine

Global Chief Information Security Officer at Barry-Wehmiller

Provides proactive threat remediation, reduces alert volume, and enhances incident response capabilities

During our pre-purchase evaluation of SentinelOne's EDR capabilities three years ago, we were consistently impressed by the positive relationships customers reported having with SentinelOne's engineers, sales teams, and customer success managers. These strong relationships, evident in the customers' unsolicited feedback, highlighted the "soft skills" and intangible qualities that SentinelOne possessed. This positive customer experience has been mirrored in our own interactions with them. Their responsiveness to our needs, particularly when addressing a couple of challenges we faced, has been excellent. They proactively scheduled weekly meetings to demonstrate their commitment to resolving our issues, a customer-centric approach I admire. SentinelOne's dedication to customer service, including their rapid technology updates and responsiveness to our suggestions, has been crucial to our success in protecting our organization. Their ability to quickly incorporate our needs into new releases is truly impressive and sets them apart. Overall, I highly recommend SentinelOne based on our positive interactions across all levels of their organization.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"It improved my organization by building a security alerting program."

"It improves because several sensors are deployed within the on-premise environment. It can be very efficient if the customer implements and operates it effectively."

"The solution provides satisfying native integration features"

"The solution is easy to use, and the interface is intuitive."

"Rapid7 is easy to use and deploy. It is a simple solution and has easy data pulling."

"The web interface is great — very useful and user-friendly."

"The alerting to drive investigations and remediation has been its most valuable feature."

"Simple configuration and automatically syncs to the cloud platform."

More Rapid7 InsightIDR pros

"Behind the scenes, SentinelOne has real people who evaluate problems and mark them as false positives. That's what I find most helpful."

"The effectiveness of their AI and behavioral analysis helps mitigate zero-day activities and detect new threats."

"The response is a valuable aspect of SentinelOne."

"The incident and threat logs are great."

"They have different levels of support. We have the highest level where they are constantly checking all the endpoints. If at any certain point, they identify that a computer has been triggered by a virus, a link, or something else, they would automatically tell us that within 15 seconds. If they notice something, they automatically send us an email saying that they noticed something in the computer, and they are going to block it."

"Incident response is one of the key areas where the solution has been very useful. Whenever there is an incident, instead of being reactive, the government is now able to quickly gain the data that it needs to see what its end agency is also seeing and partner with them in real-time to look at the same data and to collaborate where needed, empowering the agency to be able to do their job."

"The protection provided by SentinelOne Singularity Identity is the most valuable feature."

"The product's initial setup phase is straightforward."

More SentinelOne Singularity Identity pros

Cons

"They should add more configuration and security features to it."

"The ability to tune the collector for custom logs would greatly help."

"Cloud risk assessment is one area where I think they need a lot of improvement."

"Currently, it lacks the functionalities provided by Rapid7's User Behavior Analytics (UBA)."

"It takes time for the product's support team to resolve issues, making it an area of concern where improvements are required."

"It would be useful to import threat intelligence in YARA format along with known incorrect email addresses."

"InsightIDR is only available in a cloud version. Some of our customers prefer an on-prem solution because they want to manage the security within their environment."

"InsightIDR's integration with other solutions could be improved. Also, I'd like more control from the portal over what's happening on the endpoint side. For example, when I see an attack on an endpoint, I want to be able to stop it from the portal."

More Rapid7 InsightIDR cons

"One area for improvement would be the self-healing nature of the agent."

"A lot of those features came from an acquisition of a different company."

"To improve SentinelOne, I would suggest adding a network detection and response capability."

"The primary reason for this discontent is that we frequently encounter performance issues with our servers."

"The UI can be more user-friendly."

"I don't like SentinelOne's reporting tools. Their reports seem fine theoretically, but the issue is the sample size. For example, it will report that there were four incidents, and that equals 25 percent fewer incidents compared to the previous months. It would be a great improvement if I could expand the range to see reports for the last six months, but it's always one month. That would be an easy thing for them to resolve."

"There is a clear roadmap for improvements, including enhancing capabilities with AI and seamless functionality in an MSP model for deeper visibility across multiple agencies. Further development is anticipated to continue enhancing the solution."

"The resolution turnaround from SentinelOne Singularity Identity's support should be improved."

More SentinelOne Singularity Identity cons

Pricing and Cost Advice

"Licensing is straightforward. If, for some reason, you don’t meet the minimum licensing requirements, there is a third-party managed service that can help."

"Licensing is by endpoint and amount of retention time (at least ours is). Default retention was one year, but we are able to push the retention further if needed. There's also a provide-your-own-S3 option for longer retention if you don't want to pay for the additional retention years in your Rapid7 agreement."

"It is on a yearly basis. For our own company, for about 250 users, it was 16,000 euros a year."

"I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability."

"It is more reasonably priced than other vendors."

"The pricing of the solution depends on the user. But there is a yearly licensing cost."

"The pricing and licensing are competitive."

"The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help."

More Rapid7 InsightIDR pricing and cost advice

"The pricing is a bit high."

"Ideally, I would like SentinelOne to lower their prices a little bit."

"SentinelOne seemed to offer more while being priced lower than its competitors."

"Its price is a little bit high. It is a nice product, but it comes at a cost. Compared to other products, it is not cheap, but you sometimes have to pay for the value you get. It is not cheap, but it is worth it."

"There is a need to make yearly payments towards the licensing charges associated with the product...I think the prices associated with the product are okay and it is not too expensive."

"Their pricing has been fair, especially in the current market, and they haven't excessively increased prices at renewal times like many vendors do."

"The price of SentinelOne Singularity Identity is relatively high, but it offers numerous features and capabilities that make it well worth the investment."

"Compared to competitors, it's well-priced for the quality offered, and I don't see anyone surpassing them in that regard."

More SentinelOne Singularity Identity pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Threat Deception Platforms solutions are best for your needs.

See recommendations

868,787 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

14%

Financial Services Firm

Manufacturing Company

Government

Computer Software Company

13%

Financial Services Firm

Manufacturing Company

Comms Service Provider

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	20
Midsize Enterprise	5
Large Enterprise	6

By reviewers
Company Size	Count
Small Business	4
Midsize Enterprise	5
Large Enterprise	13

Questions from the Community

What SOC product do you recommend?

For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...

What do you like most about Rapid7 InsightIDR?

During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...

What is your experience regarding pricing and costs for Rapid7 InsightIDR?

The product pricing is very cheap.

What do you like most about SentinelOne Singularity Identity?

The XDR capabilities are very good.

What is your experience regarding pricing and costs for SentinelOne Singularity Identity?

I have no visibility into pricing, setup costs, or licensing as the government handles these aspects directly with SentinelOne. We do the integrating, and they process the payments.

What needs improvement with SentinelOne Singularity Identity?

Regarding improvements, I believe that API integration in third-party applications could be better. The Singularity tool uses its own credential in the record features.

Rapid7 InsightVM vs Rapid7 InsightIDR

Comparisons

Compared 8% of the time

Darktrace vs Rapid7 InsightIDR

Compared 8% of the time

Microsoft Sentinel vs Rapid7 InsightIDR

Compared 7% of the time

CrowdStrike Falcon vs Rapid7 InsightIDR

Compared 6% of the time

Cortex XDR by Palo Alto Networks vs Rapid7 InsightIDR

Compared 2% of the time

More Rapid7 InsightIDR Competitors

Tenable Vulnerability Management vs SentinelOne Singularity Identity

Compared 10% of the time

Microsoft Defender for Identity vs SentinelOne Singularity Identity

Compared 10% of the time

CrowdStrike Falcon vs SentinelOne Singularity Identity

Compared 9% of the time

Huntress Managed ITDR vs SentinelOne Singularity Identity

Compared 9% of the time

Microsoft Entra ID Protection vs SentinelOne Singularity Identity

Compared 6% of the time

More SentinelOne Singularity Identity Competitors

Product Reports

Rapid7 InsightIDR

Download Rapid7 InsightIDR product report

SentinelOne Singularity Identity

Download SentinelOne Singularity Identity product report

Also Known As

InsightIDR

No data available

Overview

Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

Rapid7

Singularity Identity, a component of the Singularity platform, provides threat detection & response (ITDR) capabilities to defend Active Directory and domain-joined endpoints in real-time from adversaries aiming to gain persistent, elevated privilege and move covertly. Singularity Identity provides actionable, high-fidelity insight as attacks emerge from managed and unmanaged devices. It detects identity misuse and reconnaissance activity happening within endpoint processes targeting critical domain servers, service accounts, local credentials, local data, network data, and cloud data. On-agent cloaking and deception techniques slow the adversary down while providing situational awareness and halting adversarial attempts at lateral movement. Singularity Identity helps you detect and respond to identity-based attacks, providing early warning while misdirecting them away from production assets.

Singularity Identity’s primary use case is to protect credential data and disrupt identity-based attacks. The most valuable function of Singularity Identity is its ability to misdirect attackers by providing deceptive data to identity-based recon attacks. Additionally, it can hide and deny access to locally stored credentials or identity data on Active Directory domain controllers.

Singularity Identity also provides rapid detection and respond to identity attacks, capturing attack activity and feeding it directly to the Singularity platform’s Security DataLake for enterprise-wide analysis and response.

By implementing Singularity Identity, organizations benefit from enhanced security, reduced credential-related risks, and improved user productivity. It detects and responds to identity-based attacks, ensuring only authorized individuals can access critical identity data. With its cloaking capabilities to hide identity stored locally on endpoints or in the identity infrastructure and it’s ability to provide decoy results to identity-based attacks, organizations can effectively secure their sensitive or privileged identities, resulting in improved overall identity security.

SentinelOne

Sample Customers

Liberty Wines, Pioneer Telephone, Visier

Information Not Available

Rapid7 InsightIDR vs. SentinelOne Singularity Identity