Endpoint Detection & Response
Top Rapid7 InsightIDR Alternatives and Competitors

ThreatDown EDR (endpoint detection and response) is enriched by Malwarebytes global threat intelligence and its patented remediation engine that removes every trace of malware to prevent reinfection. Seven-day ransomware rollback ensures organizations can turn the clock back on attacks and restore systems.

The CrowdStrike Falcon platform leverages real-time indicators of attack, threat intelligence, evolving adversary tradecraft and enriched telemetry from across the enterprise to deliver hyper-accurate detections, automated protection and remediation, elite threat hunting and prioritized observability of vulnerabilities. Purpose-built in the cloud with a single lightweight-agent architecture, the Falcon platform delivers rapid and scalable deployment, superior protection and performance, reduced complexity and immediate time-to-value.

Microsoft Defender for Endpoint is an enterprise endpoint security platform designed to help enterprise networks prevent, detect, investigate, and respond to advanced threats. Defender for Endpoint customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive Targeted Attack Notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Targeted Attack Notifications are always included after you have been accepted into Microsoft Threat Experts managed threat hunting service.

To stay ahead of fast-moving threats, you need AI-powered endpoint security that continuously learns new attack techniques. Cortex XDR™ offers protection that blocks all malware, exploits and fileless attacks to keep your endpoints safe

The Huntress Managed Security Platform quickly deploy and manage real-time protection for endpoints, email, and employees - all from a single dashboard. Protecting endpoints and Microsoft 365 identities doesn’t happen magically. See the features and services that act as our platform’s foundation.

SentinelOne Singularity platform is an industry-first data lake that seamlessly fuses together the data, access, control, and integration planes of its endpoint protection (EPP), endpoint detection and response (EDR), IoT security, and cloud workload protection (CWPP) into a centralized platform. With Singularity, organizations gain access to back-end data across the organization through a single solution, providing a cohesive view of their network and assets by adding a real time, autonomous security layer across all enterprise assets.

Sophos Endpoint powered by Intercept X delivers unparalleled protection, stopping advanced attacks before they impact your systems. Powerful endpoint and extended detection and response (EDR/XDR) tools let your organization hunt for, investigate, and respond to suspicious activity and indicators of an attack.

Secure Endpoint offers cloud-delivered, advanced endpoint detection and response across multidomain control points to rapidly detect, contain, and remediate advanced threats. Stop threats with built-in or completely managed endpoint detection and response (EDR), threat hunting, and integrated risk-based vulnerability management from Kenna Security The built-in SecureX platform delivers a unified view, simplified incident management, and automated playbooks. Our proactive, human-driven hunts for threats map to the MITRE ATT&CK framework to help you thwart attacks before they cause damage.

Protect and empower your workforce with an integrated security framework that protects every endpoint. Trellix (formerly McAfee Mvision) endpoint security solutions apply proactive threat intelligence and defenses across the entire attack lifecycle to keep your organization safer and more resilient.

Trend Vision One is a purpose-built threat defense platform that provides added value and new benefits beyond XDR solutions, allowing you to see more and respond faster. Providing deep and broad extended detection and response (XDR) capabilities that collect and automatically correlate data across multiple security layers—email, endpoints, servers, cloud workloads, and networks—Trend Micro Vision One prevents the majority of attacks with automated protection.

The Cynet security platform correlates and analyzes indicators across all fronts of the organization – networks, files, users and endpoints – to establish risk-ranking and hone in on previously unidentified threats. It is a complete, natively built, fully integrated and automated suite of cybersecurity capabilities in one, unified solution that is easy to deploy, operate and manage.

Check Point SandBlast Network provides zero-day protection, through a combination of evasion-resistant threat emulation, revolutionary AI engines and threat extraction that pre-emptively sanitizes email and web downloads. Empowering organizations to take a prevention-first strategy to cyberattacks, SandBlast Network defends against the most devastating attacks, including unknown ransomware, Trojans, phishing and social engineering. SandBlast Network deploys with your current infrastructure, offering fully automated policy configuration, without compromising business productivity and agility.

Carbon Black EDR is an incident response and threat hunting solution designed for Security Operations Center teams with offline environments or on-premises requirements. Carbon Black EDR continuously records and stores endpoint activity data so security professionals can hunt threats in real time and visualize the complete attack kill chain, using the Carbon Black Cloud’s aggregated threat intelligence.