No more typing reviews! Try our Samantha, our new voice AI agent.

Kaspersky Anti Targeted Attack vs Rapid7 InsightIDR comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 9, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Kaspersky Anti Targeted Attack
Average Rating
6.6
Reviews Sentiment
6.1
Number of Reviews
6
Ranking in other categories
Network Traffic Analysis (NTA) (24th), Network Detection and Response (NDR) (27th)
Rapid7 InsightIDR
Average Rating
8.4
Reviews Sentiment
7.0
Number of Reviews
32
Ranking in other categories
Security Information and Event Management (SIEM) (25th), User Entity Behavior Analytics (UEBA) (11th), Endpoint Detection and Response (EDR) (47th), Threat Deception Platforms (6th), Extended Detection and Response (XDR) (28th)
 

Mindshare comparison

While both are Network Security Systems solutions, they serve different purposes. Kaspersky Anti Targeted Attack is designed for Network Traffic Analysis (NTA) and holds a mindshare of 1.3%, up 0.6% compared to last year.
Rapid7 InsightIDR, on the other hand, focuses on Security Information and Event Management (SIEM), holds 2.2% mindshare, down 2.6% since last year.
Network Traffic Analysis (NTA) Mindshare Distribution
ProductMindshare (%)
Kaspersky Anti Targeted Attack1.3%
Darktrace15.6%
Cisco Secure Network Analytics8.8%
Other74.3%
Network Traffic Analysis (NTA)
Security Information and Event Management (SIEM) Mindshare Distribution
ProductMindshare (%)
Rapid7 InsightIDR2.2%
Splunk Enterprise Security7.3%
IBM Security QRadar5.3%
Other85.2%
Security Information and Event Management (SIEM)
 

Featured Reviews

FarkhundAbbas - PeerSpot reviewer
Security Engineer at adcb
The tool provides excellent sandboxing and email security features, but the backup and recovery features are not good
If my primary solution is down, no backup solution is available to restore it. It is one of the biggest weaknesses of the platform. If I need to update the solution, there is no option to pick the events and the logs from it and deploy it in another solution. The backup and recovery features of the product are not good. I need backup. If the tool is down for some time, I cannot get the logs at that particular time.
SohailHyder - PeerSpot reviewer
Head Of Cyber Security at Super Secure
Has supported compliance needs for mid-sized organizations but lacks customization and advanced integration
If we pitch Rapid7 InsightIDR against solutions such as SIEMs from Splunk or LogRhythm, it is not as customizable as a SIEM solution is. This is where it can improve if we keep in front the feature sets of a complete SIEM solution. Most common in the market is QRadar, but it is depleting now. It has been taken over by some other products such as Splunk and LogRhythm. If we compare these things with Rapid7 InsightIDR, then there are definitely some gaps that need to be filled. Data retention is also one concern because Rapid7 InsightIDR is cloud-based and operates on a subscription model. Whatever data you want to retain, it has to be paid for separately or it has a cost. Other solutions that are on-premises can have their own infrastructure or they provide some data retention for a month or in some capacity-wise, they provide that solution to them which makes them more attractive.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The Kaspersky Anti-Targeted Attack Platform provides visibility into telemetry data, enabling comprehensive monitoring of environmental activities."
"I feel the anti-ransomware update is one of the tool's valuable features."
"The solution is very easy to use. Its interface is very simple, and you can build IOC's indicators. You can use your rules to detect these attacks because you can leverage threat intelligence. Y"
"The most valuable use is detailing metadata collection from the endpoint and network."
"Kaspersky Anti-Targeted Attack Platform is stable and runs all the time."
"The product's deployment phase is easy."
"The email security feature is really good."
"They can subscribe to Rapid7 because it is more valuable and delivers a greater return on investment."
"Great coverage of all systems within our network from endpoint to firewall."
"Integration with threat modeling from the Metasploit and InsightIDR repositories."
"Intelligent alerting to avoid the common problem of alert fatigue associated with traditional SIEMs."
"During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an application belongs to a known ransomware group. The system rates the threat, offering a clear detection ratio, such as 97 out of 100. It not only identifies threats but also illustrates the associated behaviors, helping us understand the potential risk to a particular endpoint."
"Rapid7's reporting is more robust than Tenable's."
"Dashboards, including the main screen, provide much-needed information at a glance, without hours of coding and sifting through logs to find it. In case of an actual security incident, I have faith that insightIDR has retained all logs in a secure manner that prevents log tampering as well."
"Enables the use of honey pots, honey users, and honey files to monitor for suspicious patterns."
 

Cons

"The backup and recovery features of the product are not good."
"I think the tool is still not really good enough for integration compared to other products."
"Kaspersky Anti-Targeted Attack Platform is not a good product. We had problems with endpoints and the solution did not detect it. We didn't get any alerts about the attack."
"In some of the places I have come across, even though they use Kaspersky, the ransomware enters their system."
"The blind spot or gap in the platform is network analysis functionality."
"The solution lacks cloud integrations."
"The solution needs improvement in threat intelligence. Increasing the depth of intelligence to help users understand more about threats is a possibility. My suggestion is to expand access to other websites or resources."
"Currently, it lacks the functionalities provided by Rapid7's User Behavior Analytics (UBA)."
"One thing that springs to mind is easier API integration with ITSMs. We are evaluating a new ITSM and I would like to have InsightIDR create a ticket when an attack is identified, and the ticket would be closed in InsightIDR when the ITSM resolution is completed. This would take out the "single point of failure" we currently have, if the email recipient is somehow absent, in recording the risk appetite for the incident and the actions taken to mitigate or not."
"InsightIDR is only available in a cloud version. Some of our customers prefer an on-prem solution because they want to manage the security within their environment."
"There is a future in AI with Rapid7, however, it is not fully operated. There are certain limitations with Rapid7 that I am working on."
"The searching feature in Rapid7 InsightIDR needs to evolve"
"The ability to tune the collector for custom logs would greatly help."
"The integration capabilities of the solution have certain shortcomings where improvements are required."
 

Pricing and Cost Advice

"Kaspersky Anti-Targeted Attack Platform is cheap."
"The solution has competitive pricing."
"Kaspersky is one of the cheaper solutions."
"I rate Rapid7 InsightIDR's price a four on a scale of one to ten, where one is cheap, and ten is expensive."
"Rapid7 InsightIDR is priced very well and is cost-effective."
"The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help.​"
"Rapid7 InsightIDR is a cheaply priced product. On a scale of one to ten, where one is very expensive, and ten is very cheap, I rate the product's price at seven or eight."
"It is on a yearly basis. For our own company, for about 250 users, it was 16,000 euros a year."
"The pricing and licensing are competitive."
"It is more reasonably priced than other vendors."
"​Accurately predict your licensing counts as this is a subscription based product.​"
report
Use our free recommendation engine to learn which Network Traffic Analysis (NTA) solutions are best for your needs.
904,748 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
11%
Comms Service Provider
11%
Outsourcing Company
11%
Educational Organization
8%
Financial Services Firm
9%
Manufacturing Company
9%
Computer Software Company
8%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business21
Midsize Enterprise5
Large Enterprise6
 

Questions from the Community

Ask a question
Earn 20 points
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What needs improvement with Rapid7 InsightIDR?
If we pitch Rapid7 InsightIDR against solutions such as SIEMs from Splunk or LogRhythm, it is not as customizable as a SIEM solution is. This is where it can improve if we keep in front the feature...
What is your primary use case for Rapid7 InsightIDR?
I am working with Rapid7 InsightOps and Rapid7 InsightIDR because the requirement is as such from the customer side, particularly the banks. Whatever the requirement is, these are the products that...
 

Also Known As

Kaspersky Anti Targeted Attack
InsightIDR
 

Overview

 

Sample Customers

Republic of Serbia, Goods.ru, Tael, Insolar
Liberty Wines, Pioneer Telephone, Visier
Find out what your peers are saying about Darktrace, Auvik, SolarWinds and others in Network Traffic Analysis (NTA). Updated: June 2026.
904,748 professionals have used our research since 2012.