Try our new research platform with insights from 80,000+ expert users

Microsoft Defender for Endpoint vs Rapid7 InsightIDR comparison

Microsoft and Rapid7 are both solutions in the Endpoint Detection and Response (EDR) category. Microsoft is ranked #3 with an average rating of 8.3, while Rapid7 is ranked #24 with an average rating of 8.2. Microsoft holds a 10.5% mindshare in EDR, compared to Rapid7’s 1.1% mindshare. Additionally, 94% of Microsoft users are willing to recommend the solution, compared to 95% of Rapid7 users who would recommend it.
Microsoft Defender for Endp...
Read 197 Microsoft Defender for Endpoint reviews
  • 21,591 Views
  • 17,028 Comparison Views
94% willing to recommend
Rapid7 InsightIDR
Read 32 Rapid7 InsightIDR reviews
  • 1,895 Views
  • 1,212 Comparison Views
95% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 9, 2024

Rapid7 InsightIDR and Microsoft Defender for Endpoint are leading security solutions. Reviews indicate Rapid7 InsightIDR is favored for pricing and support while Microsoft Defender for Endpoint is preferred for its comprehensive features, making users feel it is worth the investment.

Features: Rapid7 InsightIDR is user-friendly and known for strong threat detection. Microsoft Defender for Endpoint is known for integration with Microsoft tools and advanced threat protection. InsightIDR's incident detection is simpler, while Defender's integration capabilities are more versatile for larger ecosystems.

Room for Improvement: Rapid7 InsightIDR users desire enhanced analytics and deeper threat intelligence. Microsoft Defender for Endpoint users seek improvements in system performance and fewer false positives. Performance optimization in Defender is more frequently noted.

Ease of Deployment and Customer Service: Rapid7 InsightIDR has a quick deployment process and responsive support. Microsoft Defender for Endpoint provides efficient deployment but has some complexity due to integration. Customer services are well-regarded, with Rapid7's support slightly more praised for its promptness.

Pricing and ROI: Rapid7 InsightIDR is considered cost-effective with a favorable ROI due to lower setup costs and reliable performance. Microsoft Defender for Endpoint, although more expensive, offers a higher ROI through robust features and extensive security measures. Users feel the higher price is justified by its advanced capabilities.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Microsoft Defender for Endpoint vs. Rapid7 InsightIDR Report (Updated: April 2025).
Buyer's Guide
Microsoft Defender for Endpoint vs. Rapid7 InsightIDR
April 2025
Download the complete report
Helped 851,491 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Microsoft Defender for Endp...
Ranking in Endpoint Detection and Response (EDR)
3rd
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
197
Ranking in other categories
Endpoint Protection Platform (EPP) (1st), Advanced Threat Protection (ATP) (2nd), Anti-Malware Tools (1st), Microsoft Security Suite (5th)
Rapid7 InsightIDR
Ranking in Endpoint Detection and Response (EDR)
24th
Average Rating
8.4
Reviews Sentiment
7.4
Number of Reviews
32
Ranking in other categories
Security Information and Event Management (SIEM) (13th), User Entity Behavior Analytics (UEBA) (3rd), Threat Deception Platforms (5th), Extended Detection and Response (XDR) (15th)
 

Mindshare comparison

As of May 2025, in the Endpoint Detection and Response (EDR) category, the mindshare of Microsoft Defender for Endpoint is 10.5%, down from 14.1% compared to the previous year. The mindshare of Rapid7 InsightIDR is 1.1%, up from 0.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR)
 

Featured Reviews

AnuragSrivastava - PeerSpot reviewer
Provides detailed visibility into threats but the ability to add exceptions needs improvement
One major item for improvement is the ability to add exceptions. We can add some exceptions, but not at the level we need to. The second major area for improvement involves enhanced capabilities for different operating systems or platforms. That is, even though we have coverage for different operating systems or platforms such as Linux, we don't get all of the controls and enhanced capabilities that are available with Windows devices. Reporting could also be improved because, at present, we get limited results at times. For example, in an environment with more than 100,000 devices, you may just get 10,000 results when you run a report.
Read full review
Asim Naeem - PeerSpot reviewer
Providing comprehensive insight into alerts while working towards AI enhancement
I definitely recommend Rapid7 InsightIDR. It is becoming better, with improvements being continuously made to the product. Right now, I do not have any advice about Rapid7 for other users because every organization or user has different criteria or multiple use cases, so I refrain from commenting on that. I rate the overall solution seven out of ten.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I like that it's easy to deploy because it already comes with Windows 10. Overall, it has all the features that we need. Easy to deploy, comes with updates, and comes with Windows updates. You don't have to really manage or update the signature."
"Microsoft Defender for Endpoint is extremely stable."
"The automatic attack disruption feature in Microsoft Defender for Endpoint works great."
"A few years ago, when I was using a different product, I was affected by a virus that destroyed everything. Since using Microsoft Defender, I have not had this kind of problem."
"The technical support from Microsoft is very good. We are part of the Microsoft Suite, and from being part of this we have consistent news regarding Microsoft Defender for Endpoint."
"Microsoft Defender can block some viruses or malware. So, it can protect my files. It can save files on Office 365 OneDrive. I use encryption for some files, then I can recover them from OneDrive."
"It doesn't cause the slowness of the system, which is one of the reasons why I like it."
"Microsoft Defender for Endpoint's WCS function, a content filtering solution, has proven to be the most useful, stable, and reliable option for our current needs."
More Microsoft Defender for Endpoint pros
"The solution is very scalable in terms of the licensing model."
"Another very important part of insightIDR is the ability to collect data from endpoint devices via agent software. With a large remote workforce, this allows visibility into the endpoints that are connected to the internet, but not to the corporate network."
"Log search allows us to dive deep into aggregated logs and query all event types at once.​"
"Features for user behavior analytics and the rules for attack review are good."
"I like that it's a cloud-based solution."
"I have seen that Rapid7 InsightIDR provides security to the networks and endpoints in the company."
"The log aggregation and storage provided by InsightIDR has shown no issues with scalability; aggregating over one hundred millions events daily."
"The ability to ingest Office 365 log files, then process them into events and display them on a map."
More Rapid7 InsightIDR pros
 

Cons

"Where we stand right now, compared to other products that are there in the market, they still have to work on their threat intelligence and the overall maturity of detecting the malware."
"Microsoft Defender for Endpoint does not provide much flexibility in terms of threats."
"We would like more customization."
"The product development team makes frequent changes that affect the stability of the solution."
"A challenge is that it is not a multi-tenant solution. Microsoft's tenant is a licensed tenant. I'm an MSSP. So, I have multiple customers. In Microsoft's world, that means that I can't just buy an E5 license and give that out to all my customers. That won't work because all of the customer data resides within a single tenant in Microsoft's world. Other products—such as SentinelOne, Palo Alto Cortex, CrowdStrike, et cetera—are multi-tenant. So, I can have it at the top of the pyramid for my analyst to look into it and see all the customers, but each customer's data is separate. If the customer wants to look at what we see, they would only see their data, whereas in the Microsoft world, if I've got multiple customers connected to the same Microsoft tenant, they would see everybody else's data, which is a privacy problem in Europe. It is not possible to share the data, and it is a breach of privacy."
"The reporting in Microsoft Defender for Endpoint should improve. The solution has limited features."
"It can get a bit laggy sometimes. Other than that, we don't have any issues. They constantly tweak it and fix it up based on users' feedback. It has improved a lot over the past four years. Defender for Endpoint never really used to be a good endpoint security solution, but over the past couple of years, Microsoft has invested heavily in it. So, it has come a long way in all aspects of endpoint security. If they want to make it better, they should just continue investing in the current path of what they've been doing over the past couple of years."
"This solution needs to move beyond relying on virus definitions alone and protect the system using behavioral analysis of the processes that are running."
More Microsoft Defender for Endpoint cons
"The main problem lies in the processes within the client's operating systems."
"The integration capabilities of the solution have certain shortcomings where improvements are required."
"The ability to tune the collector for custom logs would greatly help."
"It takes time for the product's support team to resolve issues, making it an area of concern where improvements are required."
"The interface for doing investigation needs to be enhanced with minor improvements that would make it more useful."
"The solution needs improvement in threat intelligence. Increasing the depth of intelligence to help users understand more about threats is a possibility. My suggestion is to expand access to other websites or resources."
"The searching feature in Rapid7 InsightIDR needs to evolve"
"Lacks a mobile application."
More Rapid7 InsightIDR cons
 

Pricing and Cost Advice

"Microsoft Defender for Endpoint is cost-effective because there's one unified license, and with this unified license, you get the capabilities for your cloud applications, servers, and endpoints as well. Therefore, it saves us a lot of money because the cost with other solutions is for just one piece of OS or maybe an urban environment. The licensing process is not complex as well."
"I pay for it through the Windows Professional or Standard license. It is a one-time cost for me, and I use the same license."
"It is within the same range as other products. It is not too expensive, and it is also not cheap. Its price can be better, but, well, it is Microsoft."
"Because Microsoft Defender comes as an add-on, it can be a bit expensive if you're trying to buying it separately. Another option is to upgrade, but the enterprise licenses for Microsoft can also be quite a bit pricey. Overall, the cost of Microsoft Defender compared to that of other endpoint detection solutions is slightly higher."
"It isn't cheap, but it's reasonable and fair."
"We pay a yearly license for Microsoft Defender. We also have a support contract with them."
"It is so expensive. It isn't cheaper than McAfee or other solutions."
"It is affordable and comes in the Office 365 bundle."
More Microsoft Defender for Endpoint pricing and cost advice
"The pricing of the solution depends on the user. But there is a yearly licensing cost."
"Rapid7 InsightIDR's pricing is reasonable."
"It is a reasonably priced solution."
"The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help.​"
"Rapid7 InsightIDR's pricing is reasonable but we have challenges with the Minimum Order Quantity. It is not reasonable for customers who have less than one hundred devices. If they can reduce Minimum Order Quantity, it is good. You have to pay around 5000-6000 dollars per year for the product. The pricing includes maintenance and support costs."
"I rate Rapid7 InsightIDR's price a four on a scale of one to ten, where one is cheap, and ten is expensive."
"​Accurately predict your licensing counts as this is a subscription based product.​"
"Licensing is straightforward. If, for some reason, you don’t meet the minimum licensing requirements, there is a third-party managed service that can help."
More Rapid7 InsightIDR pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
See recommendations
851,491 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
24%
Computer Software Company
12%
Government
7%
Financial Services Firm
7%
Computer Software Company
16%
Financial Services Firm
9%
Manufacturing Company
8%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
See all answers
Which offers better endpoint security - Symantec or Microsoft Defender?
We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior solution. Microsoft Defender for Endpoint is a cloud-delivered endpoint security s...
See all answers
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...
See all answers
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
See all answers
What do you like most about Rapid7 InsightIDR?
During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...
See all answers
What is your experience regarding pricing and costs for Rapid7 InsightIDR?
The product pricing is very cheap.
See all answers
 

Comparisons

CrowdStrike Falcon vs Microsoft Defender for Endpoint Logo
CrowdStrike Falcon vs Microsoft Defender for Endpoint
Compared 8% of the time
Symantec Endpoint Security vs Microsoft Defender for Endpoint Logo
Symantec Endpoint Security vs Microsoft Defender for Endpoint
Compared 5% of the time
Microsoft Intune vs Microsoft Defender for Endpoint Logo
Microsoft Intune vs Microsoft Defender for Endpoint
Compared 4% of the time
F-Secure Total vs Microsoft Defender for Endpoint Logo
F-Secure Total vs Microsoft Defender for Endpoint
Compared 4% of the time
HP Wolf Security vs Microsoft Defender for Endpoint Logo
HP Wolf Security vs Microsoft Defender for Endpoint
Compared 4% of the time
More Microsoft Defender for Endpoint Competitors
Darktrace vs Rapid7 InsightIDR Logo
Darktrace vs Rapid7 InsightIDR
Compared 10% of the time
Microsoft Sentinel vs Rapid7 InsightIDR Logo
Microsoft Sentinel vs Rapid7 InsightIDR
Compared 9% of the time
Rapid7 InsightVM vs Rapid7 InsightIDR Logo
Rapid7 InsightVM vs Rapid7 InsightIDR
Compared 8% of the time
CrowdStrike Falcon vs Rapid7 InsightIDR Logo
CrowdStrike Falcon vs Rapid7 InsightIDR
Compared 5% of the time
Trend Vision One vs Rapid7 InsightIDR Logo
Trend Vision One vs Rapid7 InsightIDR
Compared 3% of the time
More Rapid7 InsightIDR Competitors
 

Product Reports

Buyer's Guide
Microsoft Defender for Endpoint
May 2025
Microsoft Defender for Endpoint reportDownload Microsoft Defender for Endpoint product report
Buyer's Guide
Rapid7 InsightIDR
May 2025
Rapid7 InsightIDR reportDownload Rapid7 InsightIDR product report
 

Also Known As

Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus
InsightIDR
 

Interactive Demo

Microsoft
Demo not available
Rapid7
 

Overview

Microsoft Defender for Endpoint is a comprehensive security solution that provides advanced threat protection for organizations. It offers real-time protection against various types of cyber threats, including malware, viruses, ransomware, and phishing attacks.

With its powerful machine-learning capabilities, it can detect and block sophisticated attacks before they can cause any harm. The solution also includes endpoint detection and response (EDR) capabilities, allowing organizations to quickly investigate and respond to security incidents. It provides detailed insights into the attack timeline, enabling security teams to understand the scope and impact of an incident.

Microsoft Defender for Endpoint also offers proactive threat hunting, allowing organizations to proactively search for and identify potential threats within their network. It integrates seamlessly with other Microsoft security solutions, such as Microsoft Defender XDR, to provide a unified and holistic security approach. With its centralized management console, organizations can easily deploy, configure, and monitor the security solution across their entire network.

Microsoft Defender for Endpoint is a robust and scalable security solution that helps organizations protect their endpoints and data from evolving cyber threats.

Microsoft

Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

Rapid7
 

Sample Customers

Petrofrac, Metro CSG, Christus Health
Liberty Wines, Pioneer Telephone, Visier
Buyer's Guide
Microsoft Defender for Endpoint vs. Rapid7 InsightIDR
April 2025
Free Report: Microsoft Defender for Endpoint vs. Rapid7 InsightIDR
Find out what your peers are saying about Microsoft Defender for Endpoint vs. Rapid7 InsightIDR and other solutions. Updated: April 2025.
DOWNLOAD NOW
851,491 professionals have used our research since 2012.
See our Microsoft Defender for Endpoint vs. Rapid7 InsightIDR report.
See our list of best Endpoint Detection and Response (EDR) vendors.

We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.