Endpoint Detection & Response
Top Rapid7 InsightIDR Alternatives and Competitors

Industry-proven through award-winning protection, ThreatDown powered by Malwarebytes (Formerly Malwarebytes Endpoint Detection and Response) stops attacks against workstations and servers with security that catches what other solutions miss. ThreatDown provides organizations complete, integrated protection through a single, lightweight agent that is incredibly fast to install and easy to manage.

Detect, prevent and respond to attacks with next-generation endpoint protection delivered via the Falcon Platform.

Sophos Intercept X is the world's best endpoint protection, combining ransomware protection, deep learning malware detection, exploit prevention, EDR, and more in a single solution.

SentinelOne Singularity XDR unifies and extends detection, investigation and response capability across the entire enterprise, providing security teams with centralized end-to-end enterprise visibility, powerful analytics, and automatable response across the technology stack. The solution empowers security teams to see data collected by disparate security solutions from all platforms, including endpoints, cloud workloads, network devices, email, identity, and more, within a single dashboard.

Huntress is a provider of advanced threat detection and actionable cybersecurity information that delivers easy to follow remediation steps into your existing ticketing system. Huntress enables you to find and stop hidden threats that sneak past preventive security tools. By focusing on a specific set of attack surfaces, vulnerabilities and exploits, our platform helps IT service providers protect their customers from persistent footholds, ransomware and other attacks.

Microsoft Defender for Endpoint is an enterprise endpoint security platform designed to help enterprise networks prevent, detect, investigate, and respond to advanced threats. Defender for Endpoint customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive Targeted Attack Notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Targeted Attack Notifications are always included after you have been accepted into Microsoft Threat Experts managed threat hunting service.

To stay ahead of fast-moving threats, you need AI-powered endpoint security that continuously learns new attack techniques. Cortex XDR™ offers protection that blocks all malware, exploits and fileless attacks to keep your endpoints safe

Protect and empower your workforce with an integrated security framework that protects every endpoint. Trellix (formerly McAfee Mvision) endpoint security solutions apply proactive threat intelligence and defenses across the entire attack lifecycle to keep your organization safer and more resilient.

Trend Micro Vision One is a purpose-built threat defense platform that provides added value and new benefits beyond XDR solutions, allowing you to see more and respond faster. Providing deep and broad extended detection and response (XDR) capabilities that collect and automatically correlate data across multiple security layers—email, endpoints, servers, cloud workloads, and networks—Trend Micro Vision One prevents the majority of attacks with automated protection.

Kaspersky Endpoint Detection and Response (EDR) Expert provides comprehensive visibility across all endpoints on your corporate network and delivers superior defenses, automating routine EDR tasks and enabling the Analyst to speedily hunt out, prioritize, investigate and neutralize complex threats and APT-like attacks. Kaspersky EDR Expert uses a single agent that can be managed both from a cloud-based single management platform and from an offline console in air-gapped environments, leveraging threat intelligence and incorporating customizable detections.

Kaspersky Endpoint Detection and Response (EDR) Optimum delivers advanced detection, simple investigation and automated response in an easy-to-use package, to protect your business against the latest threats.

Carbon Black EDR is an incident response and threat hunting solution designed for security operations center (SOC) teams with offline environments or on-premises requirements. Carbon Black EDR continuously records and stores comprehensive endpoint activity data, so that security professionals can hunt threats in real time and visualize the complete attack kill chain. It leverages the VMware Carbon Black Cloud’s aggregated threat intelligence, which is applied to the endpoint activity system of record for evidence and detection of these identified threats and patterns of behavior