Try our new research platform with insights from 80,000+ expert users

Rapid7 InsightIDR vs VMware Carbon Black Cloud comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Rapid7 InsightIDR
Ranking in Endpoint Detection and Response (EDR)
18th
Average Rating
8.4
Reviews Sentiment
7.4
Number of Reviews
32
Ranking in other categories
Security Information and Event Management (SIEM) (9th), User Entity Behavior Analytics (UEBA) (2nd), Threat Deception Platforms (5th), Extended Detection and Response (XDR) (14th)
VMware Carbon Black Cloud
Ranking in Endpoint Detection and Response (EDR)
46th
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
18
Ranking in other categories
Security Incident Response (6th)
 

Mindshare comparison

As of April 2025, in the Endpoint Detection and Response (EDR) category, the mindshare of Rapid7 InsightIDR is 1.1%, up from 0.7% compared to the previous year. The mindshare of VMware Carbon Black Cloud is 0.2%, up from 0.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR)
 

Featured Reviews

Asim Naeem - PeerSpot reviewer
Providing comprehensive insight into alerts while working towards AI enhancement
I definitely recommend Rapid7 InsightIDR. It is becoming better, with improvements being continuously made to the product. Right now, I do not have any advice about Rapid7 for other users because every organization or user has different criteria or multiple use cases, so I refrain from commenting on that. I rate the overall solution seven out of ten.
Tom Kar - PeerSpot reviewer
Shows promise for endpoint detection and response, with room for improvement in complexity and pricing
VMware Carbon Black Cloud is a user-friendly solution that can isolate machines from the rest of the network. When a machine is quarantined, it cannot communicate with any other machines on the network except for the Carbon Black Cloud server. This allows you to investigate the machine without the risk of malware escaping to the network. Carbon Black Cloud's server can communicate with the quarantined machine through DNS and VSCP. This allows you to collect data from the machine, such as system logs, process activity, and registry changes. This data can be used to investigate the infection and determine the next steps. CrowdStrike and Cybereason are also popular EDR solutions. They offer similar features to VMware Carbon Black Cloud but may have different strengths and weaknesses. It is important to evaluate all of your options before choosing an EDR solution. Additionally, it is complex to use, and the pricing should be improved.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I have seen that Rapid7 InsightIDR provides security to the networks and endpoints in the company."
"The product works well. Stability-wise, I rate the solution a ten out of ten."
"Simple configuration and automatically syncs to the cloud platform."
"Integration with threat modeling from the Metasploit and InsightIDR repositories."
"Another very important part of insightIDR is the ability to collect data from endpoint devices via agent software. With a large remote workforce, this allows visibility into the endpoints that are connected to the internet, but not to the corporate network."
"It is a very stable solution."
"The log aggregation and storage provided by InsightIDR has shown no issues with scalability; aggregating over one hundred millions events daily."
"I rate Rapid7 nine out of 10 for affordability"
"Integration and scalability are the most valuable."
"The solution does very well as a baseline EDR and provides good process-level management."
"The most valuable feature of VMware Carbon Black Cloud is the possibility of securing any PC worldwide."
"They're highly stable in comparison with other solutions I have."
"The detection response and quarantining are very good features."
"It is nice when you're in a situation where you think someone's device is compromised and that there's some malware getting into your fleet."
"​The ability to isolate an endpoint with only the host name and a click of a button is a major time saver."
"Carbon Black Cb Response excels at providing context to indicators when responding to incidents. It allows responders to understand the entire scope of an incident and quickly contain it to minimize impact and disruption."
 

Cons

"The dashboard is an area that could be simplified."
"The interface for doing investigation needs to be enhanced with minor improvements that would make it more useful."
"The reporting is the weakest aspect. There needs to be multi-level grouping for events (for example, group by user and destination). Right now, we can do a group by user and a separate table or group by destination. But I'd be more interested in where a person was logging into instead of who was logging in or where he was logging in."
"The searching feature in Rapid7 InsightIDR needs to evolve"
"Rapid7 doesn't integrate well with all our security tools from various vendors, so we plan to switch. Many of our solutions work with Rapid7, but some do not. We are already searching for a replacement already."
"They should add more configuration and security features to it."
"One of the things that could be better is digital forensics. It is there, but it can be better. They could provide more on the endpoint detection level."
"Sometimes, it is hard to get the right queries to use. Currently, the tool lacks a pre-made set of queries."
"The solution can only handle about 500 bans or blocks."
"Technical support for the solution should be improved because there is a scarcity of support teams in the Middle East."
"We are subscribed to FS-ISAC threat indicator, but have been unsuccessful in adding it to our alliance feeds."
"The dashboard should be more user-friendly."
"They need to improve the batch console. It needs more capabilities. We are limited by the ones it provides..."
"They have different products, but if we wanted to take their protection and their EPR, then we would need to have two agents"
"Additionally, it is complex to use, and the pricing should be improved."
"The solution's support could be improved."
 

Pricing and Cost Advice

"Licensing is by endpoint and amount of retention time (at least ours is). Default retention was one year, but we are able to push the retention further if needed. There's also a provide-your-own-S3 option for longer retention if you don't want to pay for the additional retention years in your Rapid7 agreement."
"​I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability.​"
"It is on a yearly basis. For our own company, for about 250 users, it was 16,000 euros a year."
"The pricing of the solution depends on the user. But there is a yearly licensing cost."
"Rapid7 InsightIDR is a cheaply priced product. On a scale of one to ten, where one is very expensive, and ten is very cheap, I rate the product's price at seven or eight."
"The solution has a mid-range price point in the market"
"Rapid7 InsightIDR's pricing is reasonable but we have challenges with the Minimum Order Quantity. It is not reasonable for customers who have less than one hundred devices. If they can reduce Minimum Order Quantity, it is good. You have to pay around 5000-6000 dollars per year for the product. The pricing includes maintenance and support costs."
"I rate Rapid7 InsightIDR's price a four on a scale of one to ten, where one is cheap, and ten is expensive."
"VMware Carbon Black Cloud is an expensive solution."
"We had no issues purchasing through our preferred reseller and were able to get a fair price even when not purchasing direct. Carbon Black Enterprise Response didn’t break the bank, though adding on the matching antivirus and anti-malware components of the Protect product was more than we could afford, even with some discounting. Cb Response is really designed to complement Carbon Black’s Defense product. While Response can be used on its own, coupling with Defense seems like the best strategy if you can afford the price tag."
"You need to pay for the licensing of the product. The pricing is costly."
"Pricing for this solution could be made lower."
"Purchase Professional Services up front as part of the implementation package, then renew hours annually to ensure you have adequate support for upgrades and enhancements. Overbuy by at least 10% to account for infrastructure growth."
"The solution is very inexpensive so there is great cost savings to using it."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
845,589 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Financial Services Firm
9%
Manufacturing Company
8%
Government
7%
Computer Software Company
17%
Financial Services Firm
12%
Real Estate/Law Firm
10%
Healthcare Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What do you like most about Rapid7 InsightIDR?
During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...
What to choose: an endpoint antivirus, an EDR solution or both?
I can recommend Carbon Black, an award-winning next-gen anti-virus (NGAV) and endpoint detection and response (EDR) security solution. The CB Predictive Security Cloud platform combines multiple hi...
What's the difference between Carbon Black CB Response and Carbon Black CB Defense?
Carbon Black offers two different levels of Endpoint Detection and Response. One is the VM Carbon Black Cloud Endpoint Standard (CB Defense), and the other is the Carbon Black Endpoint Detection an...
What do you like most about Carbon Black CB Response?
Threat hunting is the most valuable feature of VMware Carbon Black Cloud.
 

Also Known As

InsightIDR
Carbon Black CB Response
 

Overview

 

Sample Customers

Liberty Wines, Pioneer Telephone, Visier
ALLETE belk
Find out what your peers are saying about Rapid7 InsightIDR vs. VMware Carbon Black Cloud and other solutions. Updated: March 2025.
845,589 professionals have used our research since 2012.