Huntress vs. Palo Alto Networks Cortex XDR vs. Rapid7 InsightIDR

Huntress is great for a managed service provider to provide a better cybersecurity stack to their endpoints/customers. Some smaller clients cannot afford high-priced SOC services but require SOC-level protection. Along with a couple of other layers of security, Huntress provides peace of mind for the MSP that if a threat were to arise, they would be notified with specific instructions for dealing with that threat.

Incentivized

Malware that doesn’t leave files behind has become widely available. Anyone who can afford to reverse this trend should purchase technology. Application whitelisting isn’t for everyone, and Palo Alto Networks Traps can help. Enterprises looking for a low-affected, next-generation solution with high protection should consider it. PAN Traps is a great product at a reasonable price, and I highly recommend it.

Incentivized

It has been brilliant for us in terms of understanding the behaviour affecting our endpoints and assets. We have full visibility of our alerts, which menas we can act on them immediately. We use a single pain of glass with dashboards that can be easily drilled down into to get further information. It has laso helped us eo create bespoke reports for senios Managmeent, while at the same time supports other teams like Network Mnagement and Operations.

Incentivized

• Using the latest industry knowledge of threats that have been ongoing, but not previously known and projecting it back in time against their installed endpoints to identify machines that are vulnerable or breached and when it these events occurred
• Very quiet. If they alert, it is a thing.
• Very good at remediation.
• They communicate extremely well when it matters.
• While there are the most extensive products more often than not they are the first to alert us to a threat.

Incentivized

• Direct Access to devices via Live Terminal which provides operations with scripting, triage, and preservation of artifacts.
• Behavioral Indicators of Compromise which provides alerts on events regarding groups of hosts and their signatures.
• Querying complex data sets involving a variety of devices for network connections, hashes, DNS, etc.

Incentivized

• Rapid7 InsightIDR does a very good job at keeping virus definitions up to date so that our threat intelligence is very up to date when knowing what to protect against.
• It helps us by scanning all of our infrastructure components and highlights where improvements need to be made in security so we can be proactive with our security initiatives.
• It has automated response mechanisms to triage and resolve any potentials risks allowing us to save time in the long run.

Incentivized

• Now that they have EDR capability, they need to fully participate in MITRE testing for direct comparison against other EDR products.
• Now that they are going into Managed Antivirus and EDR with isolation capabilities they need to update their SLA comparative to other vendors
• Support for non-Windows OSes for consistency in a network
• It would be nice to seed canary files in custom shares on servers.

Incentivized

• Traps doesn't seem to function as a traditional A/V very well, so it's better as another layer to your endpoint protection
• Traps can cause issues with some legacy or custom programs, so exceptions may have to be made
• Traps falsely identifies things as malicious at times, this is not often though

Incentivized

• Sometimes Rapid7 InsightIDR will be too locked down and without knowing will block applications and processes needed for day to day operation.
• System scans with Rapid7 InsightIDR can be very bandwidth-heavy on the network and system resources.
• From a recent incident, we have seen more and more false positives from Rapid7 InsightIDR on areas that we know are secure.

Incentivized

We dropped SentinelOne in favor of Huntress because the UI was much more simplistic for the tier 1 techs to maintain. It beats the old web design model of three clicks to where you want to go. It is very intuitive. No one needs training to figure out how to navigate its console.

Incentivized

As every attacks get started because of user mistake or employee mistake. they click on any link they open any software without knowing its behavioural. But after Palo Alto Networks Cortex XDR we able to identify what user is doing We can put sudden type of restriction as per our organization policy. If some malicious file is found it can be quarantined. easy remote terminal access for investogation rather going one by one user for endpoint if they are busy then we have to wait but now from console only we can do this all.

Incentivized

The support we receive from Palo Alto is one of the best aspects of Traps. It is very easy to recommend their support. It seems much easier to connect directly with someone with a deep understanding of the product rather than other companies where you basically have to make an airtight case that it is some kind of non-standard issue that can't be solved with existing documentation. Palo Alto digs deep and helps with advanced troubleshooting to get things working.

Incentivized

Firstly from a business model, [VMware] Carbon Black [Cloud Managed Detection] was not outfitted for the MSP where Huntress is very MSP-friendly from an affordably easy point to entry to value for money licensing. Carbon Black TS is not bad in anyway, well, that we found, but Huntress is a new layer of security that fits between the OS and AV layers to provide additional information, monitoring, and detection. With Huntress backing the MSP, [it] sure does help as well.

Traps is the slickest interface, easy to use and intuitive rule making, and the rest just didn't quite stack up to the performance level of Traps. McAfee and Kaspersky just hog processor and RAM power. I didn't like the interface and functionality of SentinelOne as much as Traps. Palo Alto really put a lot of time into the development of this software, and had some of the founding fathers of IT Security heading the development process. Can't beat that.

Incentivized

The biggest advantage it has the lightweight agent and smooth and less traffic chaos in network during log collection. Cloud Security always require extra efforts but InsightIDR reduce that burden as it has highly anticipated agents to which knows what they need to do when they captured malicious traffic.log collection and threat intelligence is major part in and xdr and here it stand out along others in the market, I started my career as qualys administration but I like InsightIDR much now.

Incentivized

• We have been able to lower operational costs by shifting to Huntress.
• We've been able to cut costs to our clients by utilizing Huntress over competing products.
• In spite of inflation, we've been able to keep our managed service prices at a steady, below market rate, because of Huntress.

Incentivized

• After putting Palo Alto Networks Cortex XDR on a user's system, users came back with a positive response that there are no performance issues now.
• We are able to track and control granular suspicious and malicious activities.
• Web controls are missing, which if they would have been there would have been very helpful.

Incentivized

• Rapid7 InsightIDR has allowed us to be proactive in securing our systems as the vulnerability scans give us a lens at what we need to fortify when it comes to security.
• In recent incidents its allowed us to save time and money as it mostly detects issues accurately and we are able to bring systems back quickly without too much downtime for the business.
• With recent updates, we are confident that Rapid7 InsightIDR is a good solution for the long run as they are always making adjustments to their platform and improving it with every release.

Incentivized