Netsurion Reviews

Name: Netsurion
Brand: Netsurion
Rating: 4 (24 reviews)

4.2 out of 5

24 reviews
92% willing to recommend

273 followers

What is Netsurion?

Netsurion offers a comprehensive solution for centralized log management, SIEM, and managed services, ensuring continuous monitoring and security event analysis for diverse organizations, enhancing IT security and compliance.

Get the Netsurion Buyer's Guide and find out what your peers are saying about Netsurion, Wazuh, Microsoft Sentinel and more!

Netsurion is the #3 ranked solution in top SOC as a Service providers, #5 ranked solution in top Managed Security Services Providers (MSSP) solutions, #13 ranked solution in top Managed Detection and Response (MDR) solutions, #16 ranked solution in top Security Information and Event Management (SIEM) solutions, and #18 ranked solution in XDR Security products. PeerSpot users give Netsurion an average rating of 8.4 out of 10. Netsurion is most commonly compared to Wazuh: Netsurion vs Wazuh. Netsurion is popular among the large enterprise segment, accounting for 50% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 28% of all views.

Helped 814,649 peers since 2012

Featured reviews

John-Berry

Information Technology Manager at ProfitSolv

I know they are working to resolve this issue, but Netsurion is currently unable to retrieve logs from S3 buckets. We use WP Engine for a lot of web hosting as well as AWS, and both of these platforms use S3 buckets. I would like Netsurion to be able to pull logs from Linux devices. We have some of that capability, and I believe they can do it. However, the way it works with Amazon is strange and glitchy. Therefore, working something out with Amazon would be great. Netsurion's SOC can be a bit too aggressive at times. We have asked them to adjust their playbook because I am tired of being notified about the same issue multiple times a day. I am aware of the issue, and it is not a cause for concern. Let's only take action on this issue if we see an actual problem.

Read full review

Kevin Lohan

Head of IT at a venture capital & private equity firm with 11-50 employees

The most valuable feature is definitely real-time alerting, especially in situations where someone might attempt to exploit or hack into our network. For instance, if there's an unusual activity with user accounts, like a sudden surge in login attempts, the system promptly sends notifications via email, text, and even phone calls if our initial response is lacking. This holds true regardless of the time, even if it's as late as two in the morning. This capability provides me with a sense of security. Apart from this, my colleagues and I lack the time to meticulously sift through extensive logs and data. Having someone else handle the task of comprehensively analyzing the information we generate, not only pinpointing potential risks for us to counteract but also alerting us in real-time, is immensely valuable. It's truly impressive. Our workload prevents us from achieving this level of vigilance, even if we were to hire more staff. Their performance in this regard is unparalleled.

Read full review

JosephSnyder

CIO at a financial services firm with 201-500 employees

A SEIM is an SIEM. They all do the same thing. What's valuable about the Netsurion Managed XDR product is the analysis that it brings to the table. They do a really good job of filtering out; it generates a tremendous amount of data. They filter out what's needed and give me what I need to pay attention to. That's hard to do in a lot of the other products. The product provides us with a flexible solution that helps protect our entire IT environment. I only take advantage of it on the server side. I don't need it for my desktops, however, certainly, they offer that. Overall, it is quite flexible as evidenced by the fact that when it's first tuned, you get a large amount of data, and they're able to fine-tune that over time. To me, that's really important. We operate with their SOC. They are really nice guys. Great to work with. In terms of the SOC when it comes to alert monitoring and threat hunting, they do a great job. The fact that they're able to tune it for me over time and build a relationship is helpful. Some of those guys have been there for ten years. Is really important to us. They know what's valuable to us and what we want to see. We have the SOC provide a regular meeting. It's quarterly. We all get together, and I let my engineers do it over the phone. They'll let us know: "We're seeing this. This isn't important." They voluntarily call things to our attention and so on. It's a real value add working with them. The SOC is helpful for eliminating false positives. It filters out unneeded and unnecessary alerts and calls my attention to what's really important and what I need to pay attention to. Expediting incident response is really great. What's really nice is I haven't had to use it. So I don't have any examples. That said, they're really quick to respond. Again, that comes back to the SOC. They're there all the time. So they are looking at our stuff 24/7. We pay for that, yet it's a really valuable aspect of the service. Using the SOC affected our ability to focus on, for example, any other tasks. They've taken a whole bunch of work off my team and made it easier for them to do other important aspects of what we do every day in our bank. Monitoring helped to boost your SecOps productivity. It's decreasing the tedious SecOps management tasks. The time it's saved us per week is an FTE equivalent or more. That's easily 40 to 60 hours a week. It's saving my team. There's no doubt in my mind. It's probably more than that, however, I could confidently say it's 40 to 60 hours a week. The product has reduced the time to detection in my estimation. I haven't had any, however, it's clear to me that they would help. When we have had something that's been sort of fishy, they definitely chime in, and we get a notification from them almost immediately.

Read full review

Netsurion mindshare

Product category:

As of November 2024, the mindshare of Netsurion in the Managed Security Services Providers (MSSP) category stands at 0.6%, down from 1.4% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Managed Security Services Providers (MSSP)

Key learnings from peers

Last updated Oct 14, 2024

Valuable Features

Netsurion's most valuable features include its SIEM capabilities and managed services offering robust threat detection, response, and visualization. Users benefit from real-time alerts, weekly reports, a user-friendly interface, and effective dashboards. The service integrates with various applications, providing detailed threat intelligence and comprehensive log management. Its security operations center is essential for continuous monitoring, reducing SecOps workload, and improving threat detection efficiency, vital for entities lacking in-house security expertise.

"They have a number of integrations with different products. Google Workspace is one of them, and Microsoft Azure is another one. They integrate with a number of other things, such as Duo for multi-factor authentication. They can pull the logs from Duo to see if users are coming from bad repeatable IPs or if there are malicious known IPs that may be popping up in the logs. They are able to see that, and they can identify that. Some of the other integrations they do are from inside your network. For firewalls, they can integrate with SonicWall, Cisco, Fortinet, etc. They have a pretty wide variety of things to integrate with and be able to pull the logins from those devices."
"Netsurion has its own security operations center, where it tracks information that comes across our telemetry."
"What I like most about Netsurion is the level of visibility and reporting."

Room for Improvement

Netsurion requires improvements in agent deployment and report generation, which users find cumbersome. The search functionality is slow, especially for older events. The interface needs enhancement for ease of use and search efficiency. Users experience issues with system requirements, agent integration, and log retrieval. The communication could be improved alongside quicker threat detection and response times. There's a need for better integration and notifications without dependency on specific hardware.

"They have their programs and tools that you have to put into your own environment. We basically ingest all the log data and then push it out to them. I wish it was a little bit different than that where we just push directly towards them. I do not know if that is a function that they thought would be better in terms of security, but I wish that instead of doing that, it should go from the device to them and not from the device to another system and then out to them. There seem to be some drawbacks to doing that."
"Netsurion's SOC can be a bit too aggressive at times."
"There's always room to improve because there would be no competition if they had a perfect solution. The GUI to perform searches within the product may not be intuitive to a new user."

ROI

Several users report significant time savings with Netsurion, eliminating manual processes and dedicating resources to other tasks. They highlight substantial cost efficiency compared to hiring additional staff. While tracking financial ROI may not be precise, they appreciate the value in enhanced productivity and security monitoring. Many mention annual savings surpassing potential employee costs and express confidence in risk management improvements provided by the system.

Pricing

Netsurion offers competitive and flexible pricing, with a managed service value that many find equivalent to a full-time engineer at a lower cost. Licenses can be based on device count or subscription models, making it adaptable for different needs. While some users consider it expensive compared to newer products, many appreciate the overall value and lack of hidden costs. Netsurion's pricing is largely deemed fair, and its SIEM solution stands out for tailored services.

"It is a bit expensive as compared to some of the other products that have come out in recent years. Expense-wise, the only downside is that it is not cheap."
"Our pricing for Netsurion last year was US $52,000 per year."
"Netsurion's pricing is extremely fair and flexible. The price of their SIEM product is reasonable, and you can pay for those services you want on top of that. It wasn't cheap, but it's competitive, and we intend to renew our contract."

Popular Use Cases

Organizations primarily use Netsurion for comprehensive security incident and event management, compliance requirements, log aggregation, and real-time alerts. It supports risk identification by monitoring logs from systems like Windows, Cisco devices, and Active Directory. Additionally, they leverage Netsurion for delivering daily reports, vulnerability assessments, and managed SOC services, providing visibility, threat detection, and cybersecurity enhancement through centralized log management and analysis, crucial for teams with limited security resources or decentralized operations.

Service and Support

Netsurion's customer service and support are praised for being responsive and effective, offering quick response times and consistent communication. Users appreciate the dedicated teams familiar with their specific needs, although time zone differences occasionally lead to delays. The team excels in technical expertise and proactive management, assisting efficiently with emergencies and providing valuable follow-ups. Some mention room for improvement, particularly in administrative processes, but overall, they recognize strong support and well-coordinated services.

Deployment

Most users found Netsurion's initial setup straightforward, with support provided by Netsurion. Deploying agents and integrating with systems like firewalls and routers was simple for experienced teams. Some users faced complex processes needing significant time for configuration and understanding of data capture and alerts. The onboarding duration ranged from a few days to several months. Users appreciated Netsurion's guidance and support, although a few encountered challenges with communication and integration, particularly with unique or specialized systems.

Scalability

Netsurion exhibits effective scalability, handling diverse environments without significant issues. Users report smooth operation across numerous devices and endpoints, both on-premises and in the cloud. There are positive responses concerning the support for various log sources and event volumes. Some users experienced limitations in data ingestion complexity and storage, yet the solution adapts well to growing organizations. Scaling down is manageable, and transitioning to the cloud may improve scalability further.

Stability

Netsurion exhibits a high level of stability, with rare downtime mostly attributed to server maintenance or specific hardware issues. Users appreciate recent version upgrades, noting significant improvements in performance and troubleshooting efficiency. Some have experienced minor issues with endpoint agents requiring manual intervention, but overall satisfaction remains positive due to reliable performance and responsive support. Development in alert capabilities and improved query speeds are recognized, enhancing user experience and functionality of its services.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Netsurion Buyer's Guide for additional reliable information.

Review data by company size

By reviewers

By visitors reading reviews

Top industries

By visitors reading reviews

Computer Software Company

28%

Government

Manufacturing Company

Financial Services Firm

Retailer

Real Estate/Law Firm

Non Profit

Healthcare Company

Outsourcing Company

Insurance Company

Media Company

Legal Firm

University

Comms Service Provider

Hospitality Company

Construction Company

Wholesaler/Distributor

Energy/Utilities Company

Educational Organization

Logistics Company

Transportation Company

Pharma/Biotech Company

Security Firm

Marketing Services Firm

Recreational Facilities/Services Company

Aerospace/Defense Firm

Performing Arts

Compare Netsurion with alternative products

Learn more about Netsurion

Netsurion centralizes event management through SIEM and managed services. Organizations leverage it for vulnerability assessment and intrusion detection, integrating logs from Windows, Linux, and network devices. Its SOC provides 24/7 monitoring, ensuring compliance with PCI and audit standards. Real-time alerts and efficient log data aggregation enhance threat identification and response. Weekly reports and insights into user lockouts contribute to robust security management, beneficial for firms with constrained resources.

What are some key features of Netsurion?

SIEM Integration: Centralizes security event data for easier management.
Managed Services: Provides 24/7 SOC monitoring and support.
Real-TIme Alerts: Notifies of unusual security events promptly.
Threat Intelligence: Delivers actionable insights for proactive defense.
Seamless Platform Integration: Compatible with Office 365, firewalls, and other platforms.

How can companies benefit from using Netsurion?

Enhanced Security Management: Real-time monitoring and alerts streamline threat response.
PCI Compliance: Supports meeting audit and regulatory requirements efficiently.
Resource Optimization: Weekly reports and detailed insights aid decision-making for limited-resource organizations.
Improved Threat Detection: Consolidating logs and real-time intelligence helps in identifying threats swiftly.

Netsurion is implemented across industries like finance, healthcare, and retail, where security is crucial. These sectors require robust monitoring and compliance solutions, utilizing Netsurion's seamless integration with their existing infrastructure to manage security operations effectively, addressing both regulatory needs and threat management.

Netsurion was previously known as Netsurion Managed Threat Protection, Netsurion EventTracker.