Elastic Security vs Netsurion comparison

Read 24 Netsurion reviews

764 Views
327 Comparison Views

92% willing to recommend

Elastic Security

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 18, 2024

Elastic Security and Netsurion are two prominent products in the cybersecurity space. While Elastic Security offers advanced analytics, Netsurion holds the upper hand in managed security services.

Features: Elastic Security is known for its powerful analytics, comprehensive threat detection, and response features. Netsurion shines with managed security services, seamless integration capabilities, and hands-on customer support.

Room for Improvement: Elastic Security could have a more intuitive learning curve, enhanced documentation, and better initial setup support. Netsurion needs to improve its incident response times, user role customization, and expand its service offerings.

Ease of Deployment and Customer Service: Elastic Security offers flexible deployment but can be challenging to set up without expertise. Users require better customer support during deployment. Netsurion provides a straightforward deployment process with hands-on customer support, which is favored by users who prefer guided setup.

Pricing and ROI: Elastic Security has a higher setup cost but delivers significant ROI through its extensive features and robust capabilities. Netsurion offers competitive pricing and good ROI, especially with its managed services model, offsetting costs for companies without an in-house security team.

To learn more, read our detailed Elastic Security vs. Netsurion Report (Updated: October 2024).

Elastic Security vs. Netsurion

October 2024

Download the complete report

Helped 814,649 peers since 2012

Categories and Ranking

Elastic Security

Ranking in Security Information and Event Management (SIEM)

5th

Ranking in Extended Detection and Response (XDR)

8th

Average Rating

7.6

Number of Reviews

Ranking in other categories

Log Management (5th), Endpoint Detection and Response (EDR) (16th), Security Orchestration Automation and Response (SOAR) (6th)

Netsurion

Ranking in Security Information and Event Management (SIEM)

16th

Ranking in Extended Detection and Response (XDR)

18th

Average Rating

8.4

Number of Reviews

Ranking in other categories

Managed Security Services Providers (MSSP) (5th), SOC as a Service (3rd), Managed Detection and Response (MDR) (13th)

Mindshare comparison

As of November 2024, in the Security Information and Event Management (SIEM) category, the mindshare of Elastic Security is 7.3%, down from 9.1% compared to the previous year. The mindshare of Netsurion is 0.3%, up from 0.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Security Information and Event Management (SIEM)

Featured Reviews

Gajewski Marek

Chief Technology Officer & Co-founder at CS2

Aug 13, 2024

Provides good anomaly detection and connectivity reporting

I use Elastic Security to aggregate all logs from different devices in one place. It works pretty well and provides one overview of everything The solution's most valuable features are anomaly detection and connectivity reporting. Elastic Security also has many automation capabilities, which can…

Read full review

John-Berry

Information Technology Manager at ProfitSolv

Sep 11, 2023

The SOC center monitors, hunts, and notifies us of threats around the clock

I know they are working to resolve this issue, but Netsurion is currently unable to retrieve logs from S3 buckets. We use WP Engine for a lot of web hosting as well as AWS, and both of these platforms use S3 buckets. I would like Netsurion to be able to pull logs from Linux devices. We have some of that capability, and I believe they can do it. However, the way it works with Amazon is strange and glitchy. Therefore, working something out with Amazon would be great. Netsurion's SOC can be a bit too aggressive at times. We have asked them to adjust their playbook because I am tired of being notified about the same issue multiple times a day. I am aware of the issue, and it is not a cause for concern. Let's only take action on this issue if we see an actual problem.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because of Elastic's efficient search engine."

"It is the best open-source product for people working in SO, managing and analyzing logs."

"It is scalable."

"It's open-source and free to use."

"The intelligence of the system has been very impressive. It's not quite AI, but the technical bit where it correlates information, based on the seen attacks within an organization is good."

"The feature that we have found the most valuable is scalability."

"It can handle millions of loads at a time, and you can always use the filters to find exactly what you are looking for and detect errors in every log message you are searching for, basically."

"What customers found most valuable in Elastic Security feature-wise is the search capability, in particular, the way of writing the search query and the speed of searching for results."

More Elastic Security pros

"If I were to look at logs manually, there's no way I could do that. As an example, they are 48 million logs processed a day. There is no way I could look at all 48 million of those. So, it gives me a good structure to be able to look at the different incidents which are created and do different searches."

"Netsurion has its own security operations center, where it tracks information that comes across our telemetry."

"The SIEMs and managed service are its most valuable features. We get a weekly report from them which provides a culmination of them combing through millions of events which are triggered across our network every day and minute. Their information security experts basically boil that down to a report which I get emailed once a week. It identifies potential threats and the remediation that I should take to be able to quell those threats."

"We don't have the eyeballs available to stare and watch for things, or even have the capability of building internal alert systems. So, the managed SOC has been huge for freeing up staff to work on other responsibilities. We are saving on at least one full-time employee."

"There are a host of things that are most valuable. Obviously monitoring our environment and reporting out different events is important. They perform a suite of services. They monitor all of our servers, all of our key infrastructure, like our DNS, our switches, all that stuff. They aggregate and correlate that quarterly. They'll tell us if we're getting a lot of login failures and something is going on or if something's weird."

"They have what they call Elasticsearch which is very quick, although that's only available for the last seven days' worth of data. It used to be that, if I wanted to do a search from three days ago, it might take me 10 to 15 minutes because it had to actually unzip some archive files. So I really like that feature. It's almost instantaneous for anything within the last seven days."

"When I looked last week, we probably averaged about 20 million log entries a day. So, we certainly can't individually manage that. Just looking at the reports, then trying to go back and find anything that was questionable, was a challenge. Therefore, the managed service has been invaluable to us in terms of being able to narrow the scope of what really needs to be looked at and bringing those things to our attention to be dealt with."

"The product satisfies our compliance, and thus, all of our auditors. All of the data that we use and store for all security events is required by our auditors to be kept in a central storage location."

More Netsurion pros

Cons

"Anything that supports high availability or ease of deployment in a highly available environment would help to improve this solution."

"The solution's query building is not that intuitive compared to other solutions."

"I would like more ways to manage permissions and restrict access to certain users."

"The solution's basic setup takes time, and a lot of effort is required from the beginning to make it actually work."

"We're using the open-source edition, for now, I think maybe they can allow their OLED plugin to be open source, as at the moment it is commercialised."

"We set up a cron job to delete old logs so that we wouldn't hit a disk space issue. Such a feature should be available in the UI, where old logs can be deleted automatically. (Don’t know if this feature is already there)."

"The setup process is complex. You need a solid working knowledge of networking, operating systems, and a little programming."

"The tool should improve its scalability."

More Elastic Security cons

"The deployment of the agents could be a bit easier. We always seem to have a bit of a challenge with that. A lot of times the agents either don't deploy or they quit responding, then we have to go and redeploy them."

"I would also like to have a dashboard that I can access anytime to review the real-time data from their website."

"The MITRE ATT&CK framework could be faster when identifying and understanding sophisticated threats. Whenever something happens, we usually get notified a couple hours later."

"The threat detection and response is passive. We have asked if there were options for taking action, and we have not gotten any feedback on that, which would be useful to know. Depending on the situation and threat, some actions may not be possible, but we haven't gotten any feedback on what options could be directed and actionable with the understanding that it may have an extra cost. It would be nice to know or find out if it is actually possible to take actions by a SIEM service or a SIEM agent."

"I would like to see a faster response when we see things like 15,000 lockouts. I really wished that I had known that on Friday afternoon rather than waiting until I got the weekly report today. By the same token, they are looking at it from the point of view that this is a system or software malfunction. This is not a bad actor repeating the exact same password three times a second. Therefore, they can tell that this is not a bad thing. However, it's not a security event but it is an operational event for me. Knowing this sort of thing would help my team and me out more because then we would be able to clear out a lot of network traffic that we didn't know was going on. So, we would like quicker updates on non-high security events."

"The weekly reporting could use some improvement. For example, when we handed them our landscape document, it took longer than I would have liked for those details to become noticeable within the reports."

"The solution's dashboard is okay. The one thing that we ran into are issues when we upgraded to the newer version. It uses Elasticsearch for the different dashboard entries. So, we were running on spinning disks, and Elasticsearch didn't work that well. A number of the different dashboards, like my dashboard or different things like that, pull from Elasticsearch. Since Elasticsearch really wasn't working, we were having some issues with that, but we just migrated."

"They have their programs and tools that you have to put into your own environment. We basically ingest all the log data and then push it out to them. I wish it was a little bit different than that where we just push directly towards them. I do not know if that is a function that they thought would be better in terms of security, but I wish that instead of doing that, it should go from the device to them and not from the device to another system and then out to them. There seem to be some drawbacks to doing that."

More Netsurion cons

Pricing and Cost Advice

"I can say that the product is cheaply priced."

"I find it better than Splunk in terms of cost-effectiveness. For cost-effectiveness, I would rate it a nine out of 10."

"Elastic Security is free to use."

"This is an open-source product, so there are no costs."

"We use the open-source version, so there is no charge for this solution."

"There is no charge for using the open-source version."

"Its price is fine. Its licensing works on a yearly basis. We have to renew the license every year. I also have a good experience with Darktrace. When we buy Darktrace, we get training free of cost, which is not there in Elastic. We have to pay extra for training. There is certainly room for improvement."

"The base product is open-source but if you need advanced security features then you need to pay for the subscription. Elastic Security's price is reasonable in some cases and in other cases it's not."

More Elastic Security pricing and cost advice

"When we first got the EventTracker product, we were using SIEM Simplified. At the time they didn't call it that, but it was more of a service thing. So, there was a bit more hand-holding and getting stuff set up, along with failure reports, that they did during the first one to two years. Then, we decided that the the additional money to have someone do these daily reports wasn't terribly useful, so we discontinued that service."

"Netsurion's pricing is extremely fair and flexible. The price of their SIEM product is reasonable, and you can pay for those services you want on top of that. It wasn't cheap, but it's competitive, and we intend to renew our contract."

"The solution is fairly expensive, but in my experience, all of the SIEM applications that I've evaluated or looked at cost about the same."

"You are paying for different levels, especially as far as the monitoring goes and how often you review it with the team. The other factor that figures in is how many nodes are on your network, such as clients, network equipment, servers, etc. There are some additional pieces on top of that, but it's laid out pretty simply, as far as how much you're going to pay for a node."

"Netsurion's pricing is competitive. At the same time, they're the only ones who do what we want to do the way we want it. I can't say we would've paid more, but we would've had to have come up with our own solution if they weren't providing that."

"I don't know if the pricing is by the seat but we're paying about $20,000 to 25,000 a year. On top of that, we pay for the managed support services. That runs us about another $35,000 or $40,000 a year."

"In the security space, it's hard to quantify your return on investment. So, I don't. We spend about $40,000 a year and so. It's hard to say if the SIEM saved that much money."

"Our budget follows the calendar year. We just started a new budget year at the beginning of the month. We did budget for an increase in our threat management system selection. Therefore, we have the budget to implement and accommodate a threat management system change, including an increase for the quoted actions that we received to improve EventTracker. We are just waiting on our council to approve that budget, which might not be for a little while. Hopefully, when they do, we will be able to jump on doing something."

More Netsurion pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

814,649 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

17%

Financial Services Firm

10%

Government

10%

University

Computer Software Company

28%

Government

Manufacturing Company

Financial Services Firm

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?

With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times lately using the dashboards we have created with Datadog; they are very good c...

What do you like most about Elastic Security?

Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because ...

What is your experience regarding pricing and costs for Elastic Security?

Compared to other tools, Elastic Security is a cheaper solution.

What do you like most about Netsurion Managed Threat Protection?

Expediting incident response is really great.

What is your experience regarding pricing and costs for Netsurion Managed Threat Protection?

Their pricing is high. I don't know if it's a barrier. The quality speaks to the price. The price is the price. They provide what they promise. From a purchasing perspective, I just have to come ba...

What needs improvement with Netsurion Managed Threat Protection?

There is one area that needs improvement and that is with the agents and the server that's on-site. The system requirements are very, very high. So I need a pretty powerful server to run. If they c...

Wazuh vs Elastic Security

Comparisons

Compared 33% of the time

CrowdStrike Falcon vs Elastic Security

Compared 8% of the time

IBM Security QRadar vs Elastic Security

Compared 7% of the time

Microsoft Sentinel vs Elastic Security

Compared 7% of the time

Splunk Enterprise Security vs Elastic Security

Compared 6% of the time

More Elastic Security Competitors

Arctic Wolf Managed Detection and Response vs Netsurion

Compared 43% of the time

Sumo Logic Security vs Netsurion

Compared 31% of the time

Devo vs Netsurion

Compared 26% of the time

More Netsurion Competitors

Product Reports

Download Elastic Security product report

Elastic Security

November 2024

Download Netsurion product report

October 2024

Also Known As

Elastic SIEM, ELK Logstash

Netsurion Managed Threat Protection, Netsurion EventTracker

Learn More

Elastic

Video not available

Overview

Elastic Security is a robust, open-source security solution designed to offer integrated threat prevention, detection, and response capabilities across an organization's entire digital estate. Part of the Elastic Stack (which includes Elasticsearch, Logstash, and Kibana), Elastic Security leverages the power of search, analytics, and data aggregation to provide real-time insight into threats and vulnerabilities. It is a comprehensive platform that supports a wide range of security needs, from endpoint protection to cloud and network security, making it a versatile choice for organizations looking to enhance their cybersecurity posture.

Elastic Security combines the features of a security information and event management (SIEM) system with endpoint protection, allowing organizations to detect, investigate, and respond to threats in real time. This unified approach helps reduce complexity and improve the efficiency of security operations.

Additional offerings and benefits:

The platform utilizes advanced analytics, machine learning algorithms, and anomaly detection to identify threats and suspicious activities.
It offers extensive integration options with other tools and platforms, facilitating a more cohesive and comprehensive security ecosystem.
With Kibana, users gain access to powerful visualization tools and dashboards that provide real-time insight into security data.

Finally, Elastic Security benefits from a global community of users who contribute to its threat intelligence, helping to enhance its detection capabilities. This collaborative approach ensures that the solution remains on the cutting edge of cybersecurity, with up-to-date information on the latest threats and vulnerabilities.

Netsurion offers a comprehensive solution for centralized log management, SIEM, and managed services, ensuring continuous monitoring and security event analysis for diverse organizations, enhancing IT security and compliance.

Netsurion centralizes event management through SIEM and managed services. Organizations leverage it for vulnerability assessment and intrusion detection, integrating logs from Windows, Linux, and network devices. Its SOC provides 24/7 monitoring, ensuring compliance with PCI and audit standards. Real-time alerts and efficient log data aggregation enhance threat identification and response. Weekly reports and insights into user lockouts contribute to robust security management, beneficial for firms with constrained resources.

What are some key features of Netsurion?

SIEM Integration: Centralizes security event data for easier management.
Managed Services: Provides 24/7 SOC monitoring and support.
Real-TIme Alerts: Notifies of unusual security events promptly.
Threat Intelligence: Delivers actionable insights for proactive defense.
Seamless Platform Integration: Compatible with Office 365, firewalls, and other platforms.

How can companies benefit from using Netsurion?

Enhanced Security Management: Real-time monitoring and alerts streamline threat response.
PCI Compliance: Supports meeting audit and regulatory requirements efficiently.
Resource Optimization: Weekly reports and detailed insights aid decision-making for limited-resource organizations.
Improved Threat Detection: Consolidating logs and real-time intelligence helps in identifying threats swiftly.

Netsurion is implemented across industries like finance, healthcare, and retail, where security is crucial. These sectors require robust monitoring and compliance solutions, utilizing Netsurion's seamless integration with their existing infrastructure to manage security operations effectively, addressing both regulatory needs and threat management.

Sample Customers

Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care

The Salvation Army, The FRESH Market, Pacific Western Bank, NASA, American Academy of Orthopaedic Surgeons (AAOS), and Talbot’s Stores