We performed a comparison between Rapid7 InsightIDR and Trellix Endpoint Security based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We also use Microsoft Sentinel, Defender for Cloud, Defender for Identity, and Microsoft Defender for Cloud Apps. They are all integrated and it was very easy to integrate them. In my experience with the integrations, it was just a click of a button and things were integrated. It's just a button."
"The product integrates security into one tool instead of having third-party security tools."
"There is also one dashboard that shows us the status of many controls at once and the details I can get... It gives a great overview of many areas, such as files, emails, chats, and links. Even with the apps, it gives you a great overview. In one place you can see where you should look into things more deeply..."
"The ability to integrate and observe a more cohesive narrative across the products is crucial."
"Scanning, vulnerability reporting, and the dashboard are the most valuable features."
"All of the security components are valuable including, antiphishing, antispam, and stage three antivirus."
"The comprehensiveness of Microsoft's threat detection is good."
"The EDR and the way it automatically responds to ransomware and other attacks are valuable features."
"InsightIDR has allowed us to find potential security issues that we did not know existed, and get remediation quickly."
"The technical support is a solid 10 out of 10 as they take the time to answer any questions or problems which may arise in a reasonable time frame."
"I have seen that Rapid7 InsightIDR provides security to the networks and endpoints in the company."
"If you were on other solutions, you would notice that they use agents from third-party, from open-source, from a native OS, or from other tools. Here, however, it is an agent from Rapid7 itself. This adds to the solution's overall capabilities."
"The incident case management is the most valuable feature. Even though there's always something I find I would like to add to that feature, the ability to quickly sort through all the logs, network and endpoint data, etc., and add it to an incident case as part of the investigation, is nice. Having it automatically timeline that additional data into the original incident timeline, and correlate it to other notable events and activities on the network, results in a huge improvement in our overall confidence that we've quickly traced down the right source of an issue."
"Simple configuration and automatically syncs to the cloud platform."
"Features for user behavior analytics and the rules for attack review are good."
"The UI is very good."
"The primary reason the solution is good is because of its ease-of-use."
"The solution scales well."
"The product’s stability and security features enhance user protection and organizational security."
"The solution is stable."
"I have found the most valuable features to be the ability to manage the solution from anywhere and having an overview of the companies security."
"It provides a lot of information and great visibility, with really great options for managing the environment."
"The installation is pretty straightforward."
"The performance is good."
"I would like more of the features in Defender for 365 to be included in the smaller licenses. Even if I buy a small license and don't need everything, security shouldn't be a question. Security is one of the main aspects of all projects from our side, so it would be nice to have more features in the smaller licenses."
"The Defender agent itself is more compatible with Windows 10 and Windows 11. Other than these two lines, there are so many compatibility issues. Security is not only about Microsoft. The core technical aspects of it are quite good, but it would be good if they can better support non-Microsoft solutions in terms of putting the agents directly into VMware and other virtualization solutions. There should be more emphasis on RHEL and other operating systems that we use, other than Windows, in the server category."
"We should be able to use the product on devices like Apple, Linux, etc."
"I'd like to see a wider solution that includes not only desktop devices but also other devices, such as servers, storage cabinets, switching equipment, et cetera."
"Intrusion detection and prevention would be great to have with 365 Defender."
"Generally, antivirus products provide a central control to manage every device in terms of who is installing it or who is trying to disable it, but Microsoft doesn't have such a control center for the antivirus product it provides."
"The price could be better. It'll also help if they can continuously update and upgrade the solution. Every day there's a new virus uploaded into the network, and we have to keep updating it to identify all these things."
"Microsoft tends to provide too many features, which makes the solution prone to bugs."
"Customised alert recipients need to be added to allow better first-line action and quicker response. Configurable honeypots would be a welcome addition."
"I feel it would greatly benefit from more supported log sources."
"Lacks a mobile application."
"Tenable Nessus is easier to deal with. It's more efficient and accurate. InsightIDR is heavier than Tenable in terms of performance and scanning. Rapid7 would be much easier to use if it had a network connector like Tenable. Tenable's connector allows continuous monitoring over the B caps."
"One thing that springs to mind is easier API integration with ITSMs. We are evaluating a new ITSM and I would like to have InsightIDR create a ticket when an attack is identified, and the ticket would be closed in InsightIDR when the ITSM resolution is completed. This would take out the "single point of failure" we currently have, if the email recipient is somehow absent, in recording the risk appetite for the incident and the actions taken to mitigate or not."
"Currently, it lacks the functionalities provided by Rapid7's User Behavior Analytics (UBA)."
"The solution needs improvement in threat intelligence. Increasing the depth of intelligence to help users understand more about threats is a possibility. My suggestion is to expand access to other websites or resources."
"I would like to see more development in InsightIDR towards building their SIEM solution and converting it to XDR."
"I would like to have the ability to have more control over the deployment in the next release. If you have this console in the cloud, you cannot make pilot groups for deploying the agents. We only have the current group. So, as soon as you inject the software, it will go directly into production, which doesn't work for us. We need to build up pilot groups slowly. We already requested to have this feature on the cloud, and we are still waiting."
"There is room to improve with scalability."
"An area of improvement for this solution is to make it easier to manage."
"Some agents become old and then they don't communicate well any longer."
"We don't like the solution since it requires much memory consumption and consumes much CPU resources."
"It didn't work well for some of the use cases. We have different use cases for each entity. Their support is also not good and needs improvement."
"Support-wise they need to be better."
"Trellix lacked email protection when it was a McAfee product. They added this feature during the merger with FireEye, but it hasn't been fully integrated. The core features will be integrated into the next release. FireEye has several solutions for EDR and sandboxing."
Rapid7 InsightIDR is ranked 13th in Extended Detection and Response (XDR) with 29 reviews while Trellix Endpoint Security is ranked 10th in Extended Detection and Response (XDR) with 94 reviews. Rapid7 InsightIDR is rated 8.4, while Trellix Endpoint Security is rated 8.0. The top reviewer of Rapid7 InsightIDR writes "An affordable product that is easy to use and has many advanced features and default templates". On the other hand, the top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". Rapid7 InsightIDR is most compared with Darktrace, Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM and IBM Security QRadar, whereas Trellix Endpoint Security is most compared with Microsoft Defender for Endpoint, Trellix Endpoint Security (ENS), CrowdStrike Falcon, Cortex XDR by Palo Alto Networks and Trend Micro Deep Security. See our Rapid7 InsightIDR vs. Trellix Endpoint Security report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.