Rapid7 InsightIDR vs Trellix Endpoint Security Platform comparison

Rapid7 and Trellix are both solutions in the Endpoint Detection and Response (EDR) category. Rapid7 is ranked #22 with an average rating of 7.8, while Trellix is ranked #10 with an average rating of 7.9. Rapid7 holds a 1.2% mindshare in EDR, compared to Trellix’s 3.7% mindshare. Additionally, 96% of Rapid7 users are willing to recommend the solution, compared to 88% of Trellix users who would recommend it.

Rapid7 InsightIDR

Read 32 Rapid7 InsightIDR reviews

6,636 Views
1,924 Comparison Views

96% willing to recommend

Trellix Endpoint Security P...

Read 159 Trellix Endpoint Security Platform reviews

9,310 Views
6,238 Comparison Views

88% willing to recommend

Rapid7 InsightIDR

Trellix Endpoint Security P...

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Dec 21, 2025

Trellix Endpoint Security Platform and Rapid7 InsightIDR are competitors in the security platform category. Based on the data comparison, Trellix holds an advantage in centralized management and advanced threat scanning while Rapid7 excels in user behavior analytics and sophisticated threat detection.

Features: Trellix excels in centralized management, threat prevention, and integration with various security tools. It supports advanced threat scanning and containment. Rapid7 InsightIDR offers robust user behavior analytics, threat intelligence, and integration with cloud-based systems, excelling in sophisticated threat detection and log analysis.

Room for Improvement: Trellix needs to reduce resource consumption, enhance its user interface, and provide better support for non-Windows platforms. Rapid7 InsightIDR would improve with enhanced customization options for alerts, better integration with broader ecosystems, and improvements in dashboard usability and search functionalities.

Ease of Deployment and Customer Service: Trellix supports various deployment models including on-premises and hybrid cloud, offering flexibility though sometimes presenting complexity during setup. Rapid7 InsightIDR, being mostly cloud-based, allows straightforward deployment with easier infrastructure management. Trellix's customer support receives mixed reviews, whereas Rapid7 is praised for responsive and efficient service.

Pricing and ROI: Trellix Endpoint Security is seen as cost-effective despite higher pricing, offering strong ROI through protection capabilities and management efficiency. Rapid7 InsightIDR is competitively priced within the SIEM market, providing significant value with comprehensive threat detection and minimal infrastructure requirements. Both platforms deliver substantial ROI, with reported cost benefits from streamlined operations and improved security.

To learn more, read our detailed Rapid7 InsightIDR vs. Trellix Endpoint Security Platform Report (Updated: December 2025).

Buyer's Guide

Rapid7 InsightIDR vs. Trellix Endpoint Security Platform

December 2025

Download the complete report

Helped 881,114 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Rapid7 InsightIDR

Ranking in Endpoint Detection and Response (EDR)

22nd

Ranking in Extended Detection and Response (XDR)

18th

Average Rating

8.4

Reviews Sentiment

7.0

Number of Reviews

Ranking in other categories

Security Information and Event Management (SIEM) (15th), User Entity Behavior Analytics (UEBA) (7th), Threat Deception Platforms (4th)

Trellix Endpoint Security P...

Ranking in Endpoint Detection and Response (EDR)

10th

Ranking in Extended Detection and Response (XDR)

9th

Average Rating

7.8

Reviews Sentiment

7.2

Number of Reviews

159

Ranking in other categories

Endpoint Protection Platform (EPP) (7th)

Mindshare comparison

As of January 2026, in the Endpoint Detection and Response (EDR) category, the mindshare of Rapid7 InsightIDR is 1.2%, up from 0.9% compared to the previous year. The mindshare of Trellix Endpoint Security Platform is 3.7%, down from 4.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Endpoint Detection and Response (EDR) Market Share Distribution
Product	Market Share (%)
Trellix Endpoint Security Platform	3.7%
Rapid7 InsightIDR	1.2%
Other	95.1%

Endpoint Detection and Response (EDR)

Featured Reviews

SohailHyder

Head of Cyber Security at Super Secure

Has supported compliance needs for mid-sized organizations but lacks customization and advanced integration

If we pitch Rapid7 InsightIDR against solutions such as SIEMs from Splunk or LogRhythm, it is not as customizable as a SIEM solution is. This is where it can improve if we keep in front the feature sets of a complete SIEM solution. Most common in the market is QRadar, but it is depleting now. It has been taken over by some other products such as Splunk and LogRhythm. If we compare these things with Rapid7 InsightIDR, then there are definitely some gaps that need to be filled. Data retention is also one concern because Rapid7 InsightIDR is cloud-based and operates on a subscription model. Whatever data you want to retain, it has to be paid for separately or it has a cost. Other solutions that are on-premises can have their own infrastructure or they provide some data retention for a month or in some capacity-wise, they provide that solution to them which makes them more attractive.

Read full review

Abhimanyu Das

Senior Associate at a tech vendor with 10,001+ employees

Threat detection is effective, and the solution provides good control over device access, but it still needs better troubleshooting options for agent-related issues.

From an improvement perspective, I am looking for a way to troubleshoot situations where the endpoint agent becomes corrupted and requires reinstallation, as there is currently no option to resolve these issues without rebooting the system. I give it a rating of seven because, in today’s scenario, the portal is complicated to navigate. The Trellix Endpoint Security Platform dashboard is somewhat difficult to understand, and it takes considerable time to familiarize oneself with the tools and policies compared to other solutions. For on-premises deployment, I would also like to highlight that the architecture is quite complex, which is an area Trellix Endpoint Security Platform should consider improving.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"It improves because several sensors are deployed within the on-premise environment. It can be very efficient if the customer implements and operates it effectively."

"The incident case management is the most valuable feature. Even though there's always something I find I would like to add to that feature, the ability to quickly sort through all the logs, network and endpoint data, etc., and add it to an incident case as part of the investigation, is nice. Having it automatically timeline that additional data into the original incident timeline, and correlate it to other notable events and activities on the network, results in a huge improvement in our overall confidence that we've quickly traced down the right source of an issue."

"I like that it's a cloud-based solution."

"The ability to ingest Office 365 log files, then process them into events and display them on a map."

"Enables the use of honey pots, honey users, and honey files to monitor for suspicious patterns."

"I rate Rapid7 nine out of 10 for affordability"

"Simple configuration and automatically syncs to the cloud platform."

"Rapid7 InsightIDR integrates well with other solutions. It's also easy to configure because Rapid7 InsightIDR has a lot of instructions posted on their website that customers can follow if they need to get the source log."

More Rapid7 InsightIDR pros

"The compatibility with a variety of laptops is our biggest advantage."

"It is a stable solution...The solution's technical support is good."

"The most valuable feature is the integration between environments."

"The solution is easy to manage, easy to implement, easy to install, and the support is excellent."

"The product is easy to use."

"FireEye Endpoint Security is easy to use and lightweight compared to others."

"Automatic user recovery prior to Windows booting up."

"The technical support services are good."

More Trellix Endpoint Security Platform pros

Cons

"Inability to get access to compliance reports within the solution."

"The searching feature in Rapid7 InsightIDR needs to evolve"

"Customised alert recipients need to be added to allow better first-line action and quicker response. Configurable honeypots would be a welcome addition."

"If we pitch Rapid7 InsightIDR against solutions such as SIEMs from Splunk or LogRhythm, it is not as customizable as a SIEM solution is."

"There is a future in AI with Rapid7, however, it is not fully operated. There are certain limitations with Rapid7 that I am working on."

"They should add more configuration and security features to it."

"The integration capabilities of the solution have certain shortcomings where improvements are required."

"There are certain limitations with Rapid7 that I am working on."

More Rapid7 InsightIDR cons

"The initial setup can be a bit complicated for those unfamiliar with the product."

"If you have another endpoint product running on the same machine, you have to fine tune functions from FireEye to avoid performance and user experience issues."

"There are more secure featured solutions from McAfee on the market but for smaller companies like ours, they are too expensive."

"It would be nice if the solution was a bit more stable."

"Intrusion detection and intervention seem to be falling behind the competition."

"In some cases, the detection part was not accurate enough. We opened a few cases for the vendor to help us with some miscategorized findings on the endpoints. There were some false positive detections, and we had to work with the vendor to get them tested. We even had some incidents that were not detected. It was a black box type of solution for us."

"McAfee Endpoint Protection could improve the word control feature."

"We would like to solution to offer better security."

More Trellix Endpoint Security Platform cons

Pricing and Cost Advice

"I rate Rapid7 InsightIDR's price a four on a scale of one to ten, where one is cheap, and ten is expensive."

"Rapid7 InsightIDR is a cheaply priced product. On a scale of one to ten, where one is very expensive, and ten is very cheap, I rate the product's price at seven or eight."

"Rapid7 InsightIDR's pricing is reasonable but we have challenges with the Minimum Order Quantity. It is not reasonable for customers who have less than one hundred devices. If they can reduce Minimum Order Quantity, it is good. You have to pay around 5000-6000 dollars per year for the product. The pricing includes maintenance and support costs."

"Licensing is by endpoint and amount of retention time (at least ours is). Default retention was one year, but we are able to push the retention further if needed. There's also a provide-your-own-S3 option for longer retention if you don't want to pay for the additional retention years in your Rapid7 agreement."

"The pricing is good, and it is not very expensive."

"The pricing of the solution depends on the user. But there is a yearly licensing cost."

"It is a reasonably priced solution."

"Accurately predict your licensing counts as this is a subscription based product."

More Rapid7 InsightIDR pricing and cost advice

"The product pricing is high."

"It provides good value by striking a balance between cost-effectiveness and feature richness."

"The initial price is very good as they give good initial discounts, but it seems a little expensive once you renew the license."

"This product is costly."

"It is based on an annual subscription."

"The pricing is comparable to other solutions on the market."

"Licensing fees are billed on a yearly basis."

"The pricing is reasonable."

More Trellix Endpoint Security Platform pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.

See recommendations

881,114 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

11%

Financial Services Firm

Manufacturing Company

Government

Manufacturing Company

14%

Government

12%

Financial Services Firm

Computer Software Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	20
Midsize Enterprise	5
Large Enterprise	6

By reviewers
Company Size	Count
Small Business	67
Midsize Enterprise	36
Large Enterprise	61

Questions from the Community

What SOC product do you recommend?

For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...

See all answers

What do you like most about Rapid7 InsightIDR?

During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...

See all answers

What is your experience regarding pricing and costs for Rapid7 InsightIDR?

The product pricing is very cheap.

See all answers

How does McAfee Endpoint Security compare with MVISION?

The flexible manageability of McAfee Endpoint Security is one of our favorite aspects of this solution. You can deploy various components as desired with McAfee Endpoint Security, whereas many othe...

See all answers

How does Crowdstrike Falcon compare with FireEye Endpoint Security?

The Crowdstrike Falcon program has a simple to use user interface, making it both an easy to use as well as an effective program. Its graphical design is such that it makes an extremely useful too...

See all answers

What do you like most about McAfee Endpoint Security?

It provides a robust defense against cybersecurity threats while offering user-friendly features like notifications and approval prompts.

See all answers

Comparisons

Rapid7 InsightVM vs Rapid7 InsightIDR

Compared 6% of the time

Microsoft Sentinel vs Rapid7 InsightIDR

Compared 5% of the time

Splunk Enterprise Security vs Rapid7 InsightIDR

Compared 5% of the time

CrowdStrike Falcon vs Rapid7 InsightIDR

Compared 4% of the time

Darktrace vs Rapid7 InsightIDR

Compared 4% of the time

More Rapid7 InsightIDR Competitors

Microsoft Defender for Endpoint vs Trellix Endpoint Security Platform

Compared 9% of the time

CrowdStrike Falcon vs Trellix Endpoint Security Platform

Compared 5% of the time

Trellix Endpoint Detection and Response (EDR) vs Trellix Endpoint Security Platform

Compared 5% of the time

SentinelOne Singularity Complete vs Trellix Endpoint Security Platform

Compared 5% of the time

Tanium vs Trellix Endpoint Security Platform

Compared 4% of the time

More Trellix Endpoint Security Platform Competitors

Product Reports

Buyer's Guide

Rapid7 InsightIDR

January 2026

Download Rapid7 InsightIDR product report

Buyer's Guide

Trellix Endpoint Security Platform

January 2026

Trellix Endpoint Security Platform report

Download Trellix Endpoint Security Platform product report

Also Known As

InsightIDR

McAfee Endpoint Security, McAfee Endpoint Protection, Intel Security Total Protection for Endpoint, McAfee Complete Endpoint Protection, Trellix Endpoint Security (ENS)

Overview

Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

Rapid7

Trellix Endpoint Security Platform offers essential features like centralized management, threat prevention, and encryption, facilitating seamless scaling and integration with other systems while prioritizing user security.

This comprehensive platform focuses on endpoint protection, antivirus capabilities, and malware defense. It enhances cybersecurity with data loss prevention, advanced threat detection, and AI-driven features for reliable protection without impacting performance. Central management and advanced reporting streamline integration and ease of use. Flexible policy deployment through the management console and its robust security measures, such as DLP and device control, further increase protection. Challenges include high CPU and memory usage affecting performance, a complex interface, and lengthy deployment. Third-party integration and Windows Hello support need improvement. Additional concerns involve improved threat detection and faster technical support responses.

What are the key features of Trellix Endpoint Security Platform?

Centralized Management: Allows seamless integration and scaling with consistent control across environments.
Threat Prevention: Provides comprehensive antivirus and malware protection to secure systems.
Encryption: Ensures data security with robust encryption techniques.
Advanced Reporting: Facilitates detailed insights and analysis for better decision-making.
AI-Driven Detection: Offers reliable threat detection without impacting system performance.

What benefits should users look for in reviews?

Comprehensive Protection: Offers extensive security measures for protecting digital environments.
Ease of Integration: Simplifies the process of incorporating into current systems and processes.
Flexible Policy Deployment: Supports adaptable policy management to meet diverse requirements.
Scalability: Enables growth while maintaining efficiency and security.
Robust Security Features: Provides advanced security measures like DLP and device control.

Trellix Endpoint Security Platform is widely implemented in industries such as banking and government for securing mobile and desktop devices. Its capabilities cover network security, device control, and remote access protection, catering to diverse environments by offering robust cybersecurity management against advanced threats.

Trellix

Sample Customers

Liberty Wines, Pioneer Telephone, Visier

inHouseIT, Seagate Technology

Buyer's Guide

Rapid7 InsightIDR vs. Trellix Endpoint Security Platform

December 2025

Free Report: Rapid7 InsightIDR vs. Trellix Endpoint Security Platform

Find out what your peers are saying about Rapid7 InsightIDR vs. Trellix Endpoint Security Platform and other solutions. Updated: December 2025.

DOWNLOAD NOW

881,114 professionals have used our research since 2012.

See our Rapid7 InsightIDR vs. Trellix Endpoint Security Platform report.

See our list of best Endpoint Detection and Response (EDR) vendors and best Extended Detection and Response (XDR) vendors.

We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.