Rapid7 InsightIDR vs VMware Carbon Black Endpoint comparison

Rapid7 and Broadcom are both solutions in the Endpoint Detection and Response (EDR) category. Rapid7 is ranked #23 with an average rating of 7.8, while Broadcom is ranked #36 with an average rating of 6.8. Rapid7 holds a 1.2% mindshare in EDR, compared to Broadcom’s 1.7% mindshare. Additionally, 96% of Rapid7 users are willing to recommend the solution, compared to 89% of Broadcom users who would recommend it.

Rapid7 InsightIDR

Read 32 Rapid7 InsightIDR reviews

6,954 Views
2,017 Comparison Views

96% willing to recommend

VMware Carbon Black Endpoint

Read 64 VMware Carbon Black Endpoint reviews

5,214 Views
3,441 Comparison Views

89% willing to recommend

Rapid7 InsightIDR

VMware Carbon Black Endpoint

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 9, 2024

VMware Carbon Black Endpoint and Rapid7 InsightIDR are two prominent endpoint security solutions. Rapid7 InsightIDR holds an edge for its comprehensive suite and higher user satisfaction, while VMware Carbon Black stands out for its pricing and support.

Features: VMware Carbon Black Endpoint offers strong malware detection, threat hunting capabilities, and competitive pricing. Rapid7 InsightIDR includes advanced analytics, automated incident response, and a robust performance feature set.

Room for Improvement: VMware Carbon Black Endpoint users need better integration with other security tools, a more intuitive management console, and simplified initial setup. Rapid7 InsightIDR users want enhancements in reporting, more flexible deployment options, and improved integration with existing tools.

Ease of Deployment and Customer Service: VMware Carbon Black Endpoint is praised for its deployment process but critiqued for complex initial setup. Rapid7 InsightIDR receives positive feedback for straightforward deployment and efficient customer service, making it simpler and more reliable for users.

Pricing and ROI: VMware Carbon Black Endpoint is appreciated for its competitive pricing and perceived value. Rapid7 InsightIDR, while more expensive, is seen as worth the investment due to its extensive features and robust performance, justified by its higher ROI according to users.

To learn more, read our detailed Rapid7 InsightIDR vs. VMware Carbon Black Endpoint Report (Updated: December 2025).

Buyer's Guide

Rapid7 InsightIDR vs. VMware Carbon Black Endpoint

December 2025

Download the complete report

Helped 881,757 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Rapid7 InsightIDR

Ranking in Endpoint Detection and Response (EDR)

23rd

Average Rating

8.4

Reviews Sentiment

7.0

Number of Reviews

Ranking in other categories

Security Information and Event Management (SIEM) (14th), User Entity Behavior Analytics (UEBA) (8th), Threat Deception Platforms (4th), Extended Detection and Response (XDR) (18th)

VMware Carbon Black Endpoint

Ranking in Endpoint Detection and Response (EDR)

36th

Average Rating

7.8

Reviews Sentiment

6.7

Number of Reviews

Ranking in other categories

Endpoint Protection Platform (EPP) (38th), Security Incident Response (7th), Ransomware Protection (8th)

Mindshare comparison

As of February 2026, in the Endpoint Detection and Response (EDR) category, the mindshare of Rapid7 InsightIDR is 1.2%, up from 1.0% compared to the previous year. The mindshare of VMware Carbon Black Endpoint is 1.7%, down from 2.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Endpoint Detection and Response (EDR) Market Share Distribution
Product	Market Share (%)
Rapid7 InsightIDR	1.2%
VMware Carbon Black Endpoint	1.7%
Other	97.1%

Endpoint Detection and Response (EDR)

Featured Reviews

SohailHyder

Head Of Cyber Security at Super Secure

Has supported compliance needs for mid-sized organizations but lacks customization and advanced integration

If we pitch Rapid7 InsightIDR against solutions such as SIEMs from Splunk or LogRhythm, it is not as customizable as a SIEM solution is. This is where it can improve if we keep in front the feature sets of a complete SIEM solution. Most common in the market is QRadar, but it is depleting now. It has been taken over by some other products such as Splunk and LogRhythm. If we compare these things with Rapid7 InsightIDR, then there are definitely some gaps that need to be filled. Data retention is also one concern because Rapid7 InsightIDR is cloud-based and operates on a subscription model. Whatever data you want to retain, it has to be paid for separately or it has a cost. Other solutions that are on-premises can have their own infrastructure or they provide some data retention for a month or in some capacity-wise, they provide that solution to them which makes them more attractive.

Read full review

reviewer2689206

Senior VP, Technology & Leading Technology Office at a outsourcing company with 1,001-5,000 employees

Behavior analytics has strengthened threat prediction yet still needs to improve overall standing

Regarding the real-time monitoring feature with VMware Carbon Black Endpoint, it is helpful in addressing unseen threats. I find the behavior analysis feature beneficial. I assess VMware Carbon Black Endpoint's machine learning capabilities in detecting unknown threats as fantastic. The behavior and analytics feature employs machine learning, and these are features which make the product and give that distinguishing, differentiating factor. The intelligent threat hunting capabilities have impacted my customers' cybersecurity efforts by giving them the edge to be prepared well in advance. Whenever this feature provides prediction, you know what action to take. You are aware of a possible attack and what kind of attack it may be, so you are much better prepared.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Log search allows us to dive deep into aggregated logs and query all event types at once."

"The solution provides satisfying native integration features"

"I have seen that Rapid7 InsightIDR provides security to the networks and endpoints in the company."

"Rapid7 InsightIDR integrates well with other solutions. It's also easy to configure because Rapid7 InsightIDR has a lot of instructions posted on their website that customers can follow if they need to get the source log."

"The solution is very stable and works very well for what I need it to do."

"The biggest reason why we chose Rapid7 was to gain value in a really quick time. Its deployment doesn't take months. It just takes a few days."

"The log aggregation and storage provided by InsightIDR has shown no issues with scalability; aggregating over one hundred millions events daily."

"The ability to ingest Office 365 log files, then process them into events and display them on a map."

More Rapid7 InsightIDR pros

"Carbon Black Cb Defense has a nice component called Alert Triage. It contains full details of the process execution "kill chain" and "go live" for immediate remediation."

"The feature I found most valuable in Carbon Black CB Defense is the ongoing monitoring feature that works by emailing updates about any detections found."

"The product's most valuable feature is its ability to be fully integrated with the VMware environment."

"I like its reporting."

"It is stable and easy to set up."

"The most valuable feature of the solution stems from the support it provides."

"The most valuable asset is the time-lining capability for any breach activity."

"Some of the valuable features I have found are the online documentation of the solution is well organized and thorough. I like the simplicity of bypass and the visualization of the active components."

More VMware Carbon Black Endpoint pros

Cons

"Customised alert recipients need to be added to allow better first-line action and quicker response. Configurable honeypots would be a welcome addition."

"Rapid7 doesn't integrate well with all our security tools from various vendors, so we plan to switch. Many of our solutions work with Rapid7, but some do not. We are already searching for a replacement already."

"They should add more configuration and security features to it."

"InsightIDR's integration with other solutions could be improved. Also, I'd like more control from the portal over what's happening on the endpoint side. For example, when I see an attack on an endpoint, I want to be able to stop it from the portal."

"InsightIDR is only available in a cloud version. Some of our customers prefer an on-prem solution because they want to manage the security within their environment."

"One thing that springs to mind is easier API integration with ITSMs. We are evaluating a new ITSM and I would like to have InsightIDR create a ticket when an attack is identified, and the ticket would be closed in InsightIDR when the ITSM resolution is completed. This would take out the "single point of failure" we currently have, if the email recipient is somehow absent, in recording the risk appetite for the incident and the actions taken to mitigate or not."

"The APIs can be further improved in Rapid7."

"I would like the ability to adjust the threshold of certain existing alerts. Currently the only option is to change the notifications or create my own alert."

More Rapid7 InsightIDR cons

"There could be more knowledge. I think they made a mistake when they took away the Check Point integration, because it provides more automation and also more threat intelligence."

"With the on-prem one, the bug has been reported by the community in early January or February, something like that, at the beginning of the year, and it's still not addressed. They have released two versions since then, and yet neither of them addresses this specific issue."

"This solution could have greater granular control on how certain applications work."

"The device control feature could also be compatible with the user’s profile as well."

"I'm not sure as to the logic of how we've decided to customize it. We've only really used it since February and therefore there may be more to do on that front. That's why it's hard to say if something is missing or if we just aren't utilizing it."

"I am not sure whether Carbon Black CB Defense can be considered as a stable solution or not."

"In the past, we've seen some stability issues in the latest version releases. We tend to hang back one version just to make sure issues are fully resolved to avoid user disruption."

"CB Defense could be more compatible with Linux, and its cloud provision could be improved."

More VMware Carbon Black Endpoint cons

Pricing and Cost Advice

"It is a reasonably priced solution."

"It is more reasonably priced than other vendors."

"Rapid7 InsightIDR's pricing is reasonable but we have challenges with the Minimum Order Quantity. It is not reasonable for customers who have less than one hundred devices. If they can reduce Minimum Order Quantity, it is good. You have to pay around 5000-6000 dollars per year for the product. The pricing includes maintenance and support costs."

"The pricing is good, and it is not very expensive."

"Rapid7 InsightIDR is priced very well and is cost-effective."

"Licensing is by endpoint and amount of retention time (at least ours is). Default retention was one year, but we are able to push the retention further if needed. There's also a provide-your-own-S3 option for longer retention if you don't want to pay for the additional retention years in your Rapid7 agreement."

"It is on a yearly basis. For our own company, for about 250 users, it was 16,000 euros a year."

"Rapid7 InsightIDR is a cheaply priced product. On a scale of one to ten, where one is very expensive, and ten is very cheap, I rate the product's price at seven or eight."

More Rapid7 InsightIDR pricing and cost advice

"The product is quite reasonable."

"This is a really expensive product and we pay licensing fees on a yearly basis."

"The cost is a considerable factor, but the benefit factor is the most important. When you compare it with other products, the price is high. Carbon Black will negotiate the price."

"Price-wise, VMware Carbon Black Endpoint is a highly-priced solution. Regarding the licensing cost of the solution, one needs to opt for an annual subscription."

"We have branches, we have different companies, but we cannot buy less than 100 licenses. This does not make sense to me... It should be more flexible. I can understand their saying, "Okay, to be a customer you need 100," but to add on to that number it should be something very straightforward. If I need to add five, for example, I shouldn't need to add 100."

"Carbon Black provides competitive pricing."

"The product’s price is less expensive than other vendors."

"Carbon Black might be a touch more expensive than Symantec. They tend to get a premium for their capabilities. They're sort of an industry leader in a lot of areas with the functionality that they provide."

More VMware Carbon Black Endpoint pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.

See recommendations

881,757 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

12%

Financial Services Firm

Manufacturing Company

Government

Financial Services Firm

12%

Government

Computer Software Company

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	20
Midsize Enterprise	5
Large Enterprise	6

By reviewers
Company Size	Count
Small Business	31
Midsize Enterprise	9
Large Enterprise	31

Questions from the Community

What SOC product do you recommend?

For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...

See all answers

What do you like most about Rapid7 InsightIDR?

During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...

See all answers

What is your experience regarding pricing and costs for Rapid7 InsightIDR?

The product pricing is very cheap.

See all answers

What to choose: an endpoint antivirus, an EDR solution or both?

I can recommend Carbon Black, an award-winning next-gen anti-virus (NGAV) and endpoint detection and response (EDR) security solution. The CB Predictive Security Cloud platform combines multiple hi...

See all answers

What's the difference between Carbon Black CB Response and Carbon Black CB Defense?

Carbon Black offers two different levels of Endpoint Detection and Response. One is the VM Carbon Black Cloud Endpoint Standard (CB Defense), and the other is the Carbon Black Endpoint Detection an...

See all answers

What do you like most about Carbon Black CB Defense?

VMware Carbon Black Endpoint is a highly stable solution.

See all answers

Comparisons

Rapid7 InsightVM vs Rapid7 InsightIDR

Compared 5% of the time

Microsoft Sentinel vs Rapid7 InsightIDR

Compared 5% of the time

Splunk Enterprise Security vs Rapid7 InsightIDR

Compared 5% of the time

CrowdStrike Falcon vs Rapid7 InsightIDR

Compared 4% of the time

Darktrace vs Rapid7 InsightIDR

Compared 3% of the time

More Rapid7 InsightIDR Competitors

CrowdStrike Falcon vs VMware Carbon Black Endpoint

Compared 16% of the time

Microsoft Defender for Endpoint vs VMware Carbon Black Endpoint

Compared 7% of the time

SentinelOne Singularity Complete vs VMware Carbon Black Endpoint

Compared 6% of the time

Cortex XDR by Palo Alto Networks vs VMware Carbon Black Endpoint

Compared 5% of the time

Trellix Endpoint Security Platform vs VMware Carbon Black Endpoint

Compared 4% of the time

More VMware Carbon Black Endpoint Competitors

Product Reports

Buyer's Guide

Rapid7 InsightIDR

January 2026

Download Rapid7 InsightIDR product report

Buyer's Guide

VMware Carbon Black Endpoint

January 2026

Download VMware Carbon Black Endpoint product report

Also Known As

InsightIDR

Carbon Black CB Defense, Bit9, Confer

Overview

Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

Rapid7

VMware Carbon Black Endpoint enhances endpoint security with its robust EDR, threat detection, and live response features. The cloud-based architecture supports remote management and easy setup while behavioral monitoring and dynamic grouping minimize security risks.

VMware Carbon Black Endpoint is designed for those seeking comprehensive endpoint protection. With its cloud-based deployment, organizations experience streamlined remote control and simplified rollout processes. Its behavioral monitoring, incident response capabilities, and firewall integration deliver advanced security measures. Although it addresses many security challenges, areas like manual alert management, on-demand scanning, and integration with systems like AlienVault USM require refinement. Improved UI, EDR components, and flexible pricing models would enhance user satisfaction. On-premise deployment infrastructure and compatibility issues with some operating systems need attention. Enhanced reporting, container security, and multi-tenancy support are also essential for fulfilling industry needs. AI-driven analysis and threat isolation empower companies by fostering proactive management.

What are the key features of VMware Carbon Black Endpoint?

EDR Capabilities: Offers comprehensive endpoint detection and response to identify and mitigate threats.
Live Response: Enables real-time threat response actions for rapid containment and remediation.
Threat Detection: Uses advanced AI to identify and isolate potential security risks effectively.
Cloud-Based Architecture: Facilitates remote management and easy deployment of security measures.
Behavioral Monitoring: Continuously analyzes application behavior to detect anomalies and threats.
Dynamic Grouping: Organizes devices for improved management and targeted security policies.
Firewall Integration: Enhances security by integrating existing firewall solutions for a layered defense approach.
Whitelisting and Policy Management: Streamlines security configurations by managing allowed applications and user access policies.

What benefits should users look for when evaluating VMware Carbon Black Endpoint?

Ease of Setup: Simplifies initial deployment and management processes.
Scalability: Supports organizational growth by easily adapting to expanding security needs.
Detailed Process Monitoring: Provides deep visibility into application processes to identify threats efficiently.
Threat Isolation: Promotes proactive threat management, helping minimize the impact of security breaches.

VMware Carbon Black Endpoint finds extensive application in industries focused on stringent security requirements. Managed security service providers leverage its capabilities to deliver comprehensive protection to multiple clients worldwide. Organizations use it primarily for antivirus protection and incident management, integrating it with their existing security frameworks to strengthen endpoint visibility and real-time threat prevention. Its advanced detection and application control features make it a preferred choice in industries that prioritize robust security measures. However, it requires improvements in terms of system compatibility and customization flexibility to better serve diverse industry environments.

Broadcom

Sample Customers

Liberty Wines, Pioneer Telephone, Visier

Netflix, Progress Residential, Indeed, Hologic, Gentle Giant, Samsung Research America

Buyer's Guide

Rapid7 InsightIDR vs. VMware Carbon Black Endpoint

December 2025

Free Report: Rapid7 InsightIDR vs. VMware Carbon Black Endpoint

Find out what your peers are saying about Rapid7 InsightIDR vs. VMware Carbon Black Endpoint and other solutions. Updated: December 2025.

DOWNLOAD NOW

881,757 professionals have used our research since 2012.

See our Rapid7 InsightIDR vs. VMware Carbon Black Endpoint report.

See our list of best Endpoint Detection and Response (EDR) vendors.

We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.