Fortra's Alert Logic MDR vs Netsurion comparison

Comparison Buyer's Guide

Executive Summary

We performed a comparison between Fortra's Alert Logic MDR and Netsurion based on real PeerSpot user reviews.

Find out in this report how the two SOC as a Service solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

To learn more, read our detailed Fortra's Alert Logic MDR vs. Netsurion Report (Updated: June 2024).

Buyer's Guide

Fortra's Alert Logic MDR vs. Netsurion

June 2024

Download the complete report

Helped 790,002 peers since 2012

Categories and Ranking

Binary Defense MDR

Featured Reviews

Jay Ketchaver

Senior Manager of Information Technology and Security at a comms service provider with 51-200 employees

Dec 7, 2023

Offers stability, quick response times, and great tech support

I like Binary Defense MDR's customizability. They have been great with technical support, customer service, and our account managers. Always happy with their overall support. Using Binary Defense has brought our organization more peace of mind and excellent security. Fortunately, we haven't faced major cybersecurity issues, but I trust that if we did, Binary Defense would catch them before things got out of hand. It has significantly improved our security posture compared to before we had them and it has greatly reduced my IT team's workload. It also saves me time, at least an hour a day or more. I love our partnership with Binary Defense. Bringing it to the board has made my life much easier and provides me with significant peace of mind. If you don't see your enterprise MDR provider as an extension of your team, you probably have a strong team. However, Binary Defense is so focused on security that they are top-notch in our view. They are a trusted partner for us.

Read full review

George Pate

Facility Manager at a tech services company with 10,001+ employees

Apr 18, 2023

A product that is a highly scalable and provides the functionalities of a SIEM solution to its users

My main issue with them was the constant need for meetings to discuss developing the API model we needed. It felt like we were always in and out of meetings trying to figure it out. It would be great if they could create a more user-friendly experience, like a drag-and-drop interface or a website builder, where clients could build their own API without needing access to the back end. Let me choose the specific tools I want to use and be able to set a price for each of them. Maybe I don't need the entire package in my environment, but I really just want the IDS/IPS. I don't like Splunk or one of the other providers, like Rapid7, who don't work well for me in my environment. So, I suggest having packages for small to medium-sized businesses, even if the primary focus is on larger companies.

Read full review

John-Berry

Information Technology Manager at ProfitSolv

Sep 11, 2023

The SOC center monitors, hunts, and notifies us of threats around the clock

I know they are working to resolve this issue, but Netsurion is currently unable to retrieve logs from S3 buckets. We use WP Engine for a lot of web hosting as well as AWS, and both of these platforms use S3 buckets. I would like Netsurion to be able to pull logs from Linux devices. We have some of that capability, and I believe they can do it. However, the way it works with Amazon is strange and glitchy. Therefore, working something out with Amazon would be great. Netsurion's SOC can be a bit too aggressive at times. We have asked them to adjust their playbook because I am tired of being notified about the same issue multiple times a day. I am aware of the issue, and it is not a cause for concern. Let's only take action on this issue if we see an actual problem.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Binary Defense is comprehensive. We see most of the questionable activity. Once you see things a couple of times and are familiar with the processes, you know what those are. The level of activity is definitely favorable."

"With Binary Defense, we don't just get an alert, but also a detailed rundown of why they're alerting us on it. They tell us what was executed, or the username, script, or IP. That way, we're not wasting time investigating."

"One of the main benefits of Binary Defense MDR is the ability to easily meet with their support team to discuss any issues we encounter."

"The speed at which their services are reactive is valuable. Nowadays, when a threat hits an endpoint, you've got minutes, not hours or days. Their average response time is about four minutes on an alert. For anything that needs to be sent to us, it's about fourteen minutes, which is pretty good. They're the third SOC that I've used in fifteen years. By far, they are the quickest ones to act. When you're looking at prevention, that's a key factor."

"The most valuable part of Binary Defense is its team of cybersecurity analysts. Their analysts filter out the noise and only forward the critical threats that require a response instead of false positives."

"The biggest aspect for us is that they are able to conform to our environment and utilize our tools. That way, we still maintain ownership of all the data and access to the applications, and we never lose control of the ability to run the solution ourselves if we need to."

"Binary Defense has a human service department that provides live monitoring for our systems."

"The customization has been the most valuable aspect and was really the reason we ended up selecting Binary Defense. They worked with us to provide exactly the level of support, features, response, and collaboration we needed."

More Binary Defense MDR pros

"The solution was consistently available, and I cannot recall any instances where it was down."

"While I still have on-premises appliances, I can remotely monitor everything from the cloud, and Alert Logic's ease-of-access features have helped me streamline my workflow and reduce implementation time."

"It improves our security. Before, we didn't have anything scanning our containers. We had software scanning all the physical servers, but we had nothing to scan our containers. With Alert Logic, we can do that."

"Notifications and the detail of notifications are most valuable. It is a user-friendly solution."

"We receive infrastructure security warnings from it. So, we know what is going on and what needs to be addressed."

"It has the ability to install agents. It is pretty straightforward. You can automate the process pretty easily."

"The quicker implementation of changes to our infrastructure from Alert Logic tell us if there are any problems."

"The installation and configuration were slick."

More Fortra's Alert Logic MDR pros

"They have what they call Elasticsearch which is very quick, although that's only available for the last seven days' worth of data. It used to be that, if I wanted to do a search from three days ago, it might take me 10 to 15 minutes because it had to actually unzip some archive files. So I really like that feature. It's almost instantaneous for anything within the last seven days."

"The real-time alerting for things such as people getting dropped into a VPN group or the domain admin group — things like that which really shouldn't happen without proper change management, but we all know the reality, they do from time to time — gives me real-time visibility into what's going on."

"I like EventTracker's dashboard. I see it every time I log in because it's the first thing you get to. We have our own widgets that we use. For the sake of transparency, there are a few widgets that we look at there and then we move out from there... Among the particularly helpful widgets, the not-reporting widget is a big one. The number-of-logs-processed is also a good one."

"If I were to look at logs manually, there's no way I could do that. As an example, they are 48 million logs processed a day. There is no way I could look at all 48 million of those. So, it gives me a good structure to be able to look at the different incidents which are created and do different searches."

"If we need to do a search for user lockouts, we can go, search, and find locations where they have been locked out, then keep track of those events, historically."

"I really appreciate the fact that the dashboard breaks everything down into a pretty easy view for me... It shows what changes are happening to privileged user accounts, access and identity, what's cropping up. It shows application activity and whether we've got system resources that aren't online and being found anymore. It's a pretty simple, easy, quick hit and there are the supporting logs behind it. If I need to drill down further, I can do that quickly. It's very effective."

"What I like most about Netsurion is the level of visibility and reporting."

"The SIEMs and managed service are its most valuable features. We get a weekly report from them which provides a culmination of them combing through millions of events which are triggered across our network every day and minute. Their information security experts basically boil that down to a report which I get emailed once a week. It identifies potential threats and the remediation that I should take to be able to quell those threats."

More Netsurion pros

Cons

"It's hard to think of anything that they need to improve on, but just to point out something, I would like to see them provide advanced XDR."

"The most significant area for improvement is in support for non-English speakers; we're a global organization, so many of our users are not English speakers, which can make interacting with them a challenge. There's no Chinese language support, so we must rely on what we can do with the internet. We don't expect Binary Defense to build a language staff, but details can get lost in translation when we assume the whole world speaks English."

"We found a couple of bugs in the user interface."

"I don't find any downside to them, but if I have to put one, it would be consistent manpower or staffing. The only area where the solution can be improved is going to be with people. As they grow, they are struggling with the same thing that every other company is, which is getting talent and getting that talent to stay, but they've just revised their tiering system to go from a flat analyst and manager to a three-tier solution where it goes through two or three before it gets elevated. That seems to have worked out well, so if one level misses it, the next one picks it up, and it works out fine."

"If I were shopping for an MDR solution today, I would not only look for a company that has the ability to alert, detect, and remediate, but also the ability to integrate vulnerability management. That's a big thing that they're lacking today."

"I would like to see more frequent check-ins with our security status."

"We found that an earlier version of the agent had high memory usage and that was a bit concerning, but we raised the concern with their support team and they immediately replied that they had noticed the same thing and had a candidate fix already available... it totally fixed the issue."

"The current reporting system could benefit from improvement."

More Binary Defense MDR cons

"The setup process was complex."

"As a user involved with the user interface, I believe there is a need to continue improving it based on feedback from our customers."

"Could be more of an endpoint protector."

"I would like more data on the alert payload. It would be good to have the ability to customize the alert payload to add whatever data that we want on there. Right now, it is a bit limited."

"We'd like to have triggered alerts sent to us so we see errors quicker."

"I would like to see it do initial scans and start capturing data, which it will truly analyze, not just be a reporting system saying, "Here is an email. Here is an email. Here is an email.""

"They have ideas and email you whatever they find, but they don't have a dedicated security team who will work on an attack or a specific security instance."

"The documentation, especially with the initial setup, needs improvement."

More Fortra's Alert Logic MDR cons

"The threat detection and response is passive. We have asked if there were options for taking action, and we have not gotten any feedback on that, which would be useful to know. Depending on the situation and threat, some actions may not be possible, but we haven't gotten any feedback on what options could be directed and actionable with the understanding that it may have an extra cost. It would be nice to know or find out if it is actually possible to take actions by a SIEM service or a SIEM agent."

"We get a report generated on a particular day of the week and we go through it, trying to mitigate problems and make sure we're seeing everything that's happening. It would be helpful if the SOC spent a little more time with us going through some of those reports."

"There are some issues with searches taking a long period of time, but they assured me that they have implemented a new search function that's available in version 9, but which requires a solid-state hard drive... Depending on how many logs you have it could take a long time to return the results if you're looking back prior to the last 30 days."

"With version 8, there are quite a few things. The query tool was one of the big ones, and the query speed was one of the big ones, but they've made some great strides between versions 8 and 9. There were also issues in version 8 around the ability to get the data back out. It's one thing to collect data, but it's a whole other thing to be able to present it or run it in a timely manner. The old tool, depending on how far back I was looking, might even time out and I would have to run it again."

"The deployment of the agents could be a bit easier. We always seem to have a bit of a challenge with that. A lot of times the agents either don't deploy or they quit responding, then we have to go and redeploy them."

"I would like to see a faster response when we see things like 15,000 lockouts. I really wished that I had known that on Friday afternoon rather than waiting until I got the weekly report today. By the same token, they are looking at it from the point of view that this is a system or software malfunction. This is not a bad actor repeating the exact same password three times a second. Therefore, they can tell that this is not a bad thing. However, it's not a security event but it is an operational event for me. Knowing this sort of thing would help my team and me out more because then we would be able to clear out a lot of network traffic that we didn't know was going on. So, we would like quicker updates on non-high security events."

"Probably the biggest thing is just: Can I search for this and what's the best way to do it? If I'm looking for two events versus a singular event, I just throw it back at them. They're the experts on it."

"They have their programs and tools that you have to put into your own environment. We basically ingest all the log data and then push it out to them. I wish it was a little bit different than that where we just push directly towards them. I do not know if that is a function that they thought would be better in terms of security, but I wish that instead of doing that, it should go from the device to them and not from the device to another system and then out to them. There seem to be some drawbacks to doing that."

More Netsurion cons

Pricing and Cost Advice

"Binary Defense has changed its pricing model from being primarily based on the volume of data to one based on escalations and incidents they handle."

"From the initial cost that Binary Defense came in with, we pared it down quite a bit over the course of 30 or 60 days. My leadership would say that their cost was high, but realistically, they were in line with the market."

"After we acquired this platform, we met with a number of different vendors. Binary Defense came in with a proposal that was surprisingly affordable. In fact, we were able to recoup the cost of their services within a short period of time. This is because Binary Defense is able to provide the same level of security as a team of two or three in-house analysts but at a fraction of the cost. As a result, Binary Defense is saving us an estimated $250,000 to $300,000 per year."

"Binary Defense MDR is priced competitively and may be slightly lower than CrowdStrike."

"It's valued at the right price. Even with the number of endpoints we have, we don't feel that it's a lot more than any competitor. In fact, it might be less expensive when you look at the fact that you're getting a full flex SOC out of it along with the tools."

"The pricing is on target. Working with their sales team on pricing negotiations was a pleasant process. They were very respectful of the constraints we had and I feel that we're paying a fair price."

"The pricing is very good. They are definitely competitive and they were lower at the time that we went with them."

"The pricing isn't that bad, it's very competitive. I don't feel that it's over-priced and I don't feel that it's under-priced."

More Binary Defense MDR pricing and cost advice

"Its pricing is very reasonable considering what you get for what you pay. There is quite a good value there. Its licensing is also very logical. They've got the licensing price points at a reasonable level. It is on a monthly license but a yearly contract. There are no additional costs to the standard licensing fees."

"Price of the solution was very reasonable considering the size of our organization at the time, and so it worked out perfectly."

"Alert Logic has better competitive pricing than some of its competitors."

"Almost any product that is on the AWS Marketplace is super easy to subscribe to."

"Our ROI would probably be zero. We don't even use it. It sits in there. We get emails and just delete them. Around the world, we don't even use it."

"I don't know if the pricing is by the seat but we're paying about $20,000 to 25,000 a year. On top of that, we pay for the managed support services. That runs us about another $35,000 or $40,000 a year."

"The pricing and licensing seem very reasonable. The managed service part of it feels like it gives me the equivalent of a full-time engineer for a lot less money. So, I feel it's a good value."

"Our budget follows the calendar year. We just started a new budget year at the beginning of the month. We did budget for an increase in our threat management system selection. Therefore, we have the budget to implement and accommodate a threat management system change, including an increase for the quoted actions that we received to improve EventTracker. We are just waiting on our council to approve that budget, which might not be for a little while. Hopefully, when they do, we will be able to jump on doing something."

"When we first got the EventTracker product, we were using SIEM Simplified. At the time they didn't call it that, but it was more of a service thing. So, there was a bit more hand-holding and getting stuff set up, along with failure reports, that they did during the first one to two years. Then, we decided that the the additional money to have someone do these daily reports wasn't terribly useful, so we discontinued that service."

"Netsurion's pricing is competitive. At the same time, they're the only ones who do what we want to do the way we want it. I can't say we would've paid more, but we would've had to have come up with our own solution if they weren't providing that."

"In the security space, it's hard to quantify your return on investment. So, I don't. We spend about $40,000 a year and so. It's hard to say if the SIEM saved that much money."

"Licensing is very easy. Our CIO takes care of the billing, but in terms of price point, he hasn't complained, so it must be good."

"The upfront costs have increased, and we have been locked into this contract. The cost of changing over from it is way too high."

More Netsurion pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which SOC as a Service solutions are best for your needs.

See recommendations

790,002 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

18%

Healthcare Company

Manufacturing Company

Financial Services Firm

Computer Software Company

17%

Financial Services Firm

11%

Manufacturing Company

Healthcare Company

Computer Software Company

28%

Manufacturing Company

12%

Government

Financial Services Firm

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Binary Defense MDR?

The most valuable feature is reviewing tickets and the notes added by technicians.

See all answers

What is your experience regarding pricing and costs for Binary Defense MDR?

Binary Defense is reasonably priced, considering that it saves us from hiring personnel and deters threats that could...

See all answers

What needs improvement with Binary Defense MDR?

The only area I see for improvement with Binary Defense is their service portal. It could benefit from some enhanceme...

See all answers

What do you like most about Alert Logic?

The most valuable aspect of Alert Logic is its technology platform. They have SOCs in the US and Europe, giving them ...

See all answers

What is your experience regarding pricing and costs for Alert Logic?

Alert Logic's license is one of the most competitive. They deliver a high-quality service for a competitive price.

See all answers

What needs improvement with Alert Logic?

Alert Logic should also develop an EDR that is natively integrated into their solution. Currently, a client must buy ...

See all answers

What do you like most about Netsurion Managed Threat Protection?

Expediting incident response is really great.

See all answers

What is your experience regarding pricing and costs for Netsurion Managed Threat Protection?

Their pricing is high. I don't know if it's a barrier. The quality speaks to the price. The price is the price. They ...

See all answers

What needs improvement with Netsurion Managed Threat Protection?

There is one area that needs improvement and that is with the agents and the server that's on-site. The system requir...

See all answers

Comparisons

Darktrace vs Binary Defense MDR

Compared 38% of the time

SentinelOne Singularity Complete vs Binary Defense MDR

Compared 21% of the time

Cortex XDR by Palo Alto Networks vs Binary Defense MDR

Compared 15% of the time

CrowdStrike Falcon vs Binary Defense MDR

Compared 14% of the time

Arctic Wolf Managed Detection and Response vs Binary Defense MDR

Compared 12% of the time

More Binary Defense MDR Competitors

Arctic Wolf Managed Detection and Response vs Fortra's Alert Logic MDR

Compared 21% of the time

CrowdStrike Falcon Complete vs Fortra's Alert Logic MDR

Compared 20% of the time

Sophos MDR vs Fortra's Alert Logic MDR

Compared 13% of the time

Rapid7 InsightIDR vs Fortra's Alert Logic MDR

Compared 12% of the time

SentinelOne Vigilance vs Fortra's Alert Logic MDR

Compared 11% of the time

More Fortra's Alert Logic MDR Competitors

Arctic Wolf Managed Detection and Response vs Netsurion

Compared 54% of the time

CyberHat CYREBRO vs Netsurion

Compared 26% of the time

Sumo Logic Security vs Netsurion

Compared 19% of the time

More Netsurion Competitors

Product Reports

Buyer's Guide

Binary Defense MDR

June 2024

Download Binary Defense MDR product report

Buyer's Guide

Fortra's Alert Logic MDR

June 2024

Download Fortra's Alert Logic MDR product report

Buyer's Guide

Netsurion

June 2024

Download Netsurion product report

Also Known As

Binary Defense Vision, Binary Defense Managed Detection and Response, Binary Defense Managed Detection & Response

Alert Logic MDR, Alert Logic Managed Detection and ResponseAlert Logic Threat Manager, Alert Logic Cloud Defender, Critical Watch FusionVM

Netsurion Managed Threat Protection, Netsurion EventTracker

Learn More

Binary Defense

Fortra

Video not available

Netsurion

Overview

Binary Defense provides a Managed Detection and Response service using an Open XDR strategy that detects and isolates threats early in the attack lifecycle. Expert security analysts in the Binary Defense Security Operations Center leverage an attacker’s mindset, monitoring your environments for security events 24x7x365 and acting as an extension of your security teams. When a security event occurs, Binary Defense analysts triage, disposition, and prioritize the event. Analysts conduct full kill chain analysis and supply tactical and strategic mitigation recommendations to your security team with the goal of increasing your organization’s security posture against the latest adversary threats.

Visit us online at https://www.binarydefense.com

For more than 20 years, Alert Logic has collaborated with customers to improve their security posture for cloud, on-premises, and hybrid environments. Our commitment to continuous, 24/7 threat detection from our highly experienced security operations center (SOC) team members provides peace of mind to every customer. No matter where your organization is in its security journey, Alert Logic’s extensive breadth and depth of coverage and comprehensive visibility will enhance your security posture.

Alert Logic MDR combines an industry-leading platform, comprehensive coverage, superior threat intelligence, and a highlyskilled SOC team to deliver the security outcomes you need. Our tailored MDR service will meet your specific requirements, ensuring you are equipped to protect your critical systems.

Our open XDR platform unifies your existing security telemetry to deliver wider attack surface coverage and deeper threat analytics resulting in greater security visibility. Our SOC does the heavy lifting for you of proactive threat hunting, event correlation and analysis, and provides you with guided remediation. The result is a force multiplier that allows your IT team to be confident and in control again while also maximizing all of your cybersecurity investments.

Sample Customers

Securitas USA, Black Hills Energy, Lincoln Electric,The J.M. Smuckers Company, New York Community Bank, State of Connecticut, NCR

The Salvation Army, The FRESH Market, Pacific Western Bank, NASA, American Academy of Orthopaedic Surgeons (AAOS), and Talbot’s Stores

Buyer's Guide

Fortra's Alert Logic MDR vs. Netsurion

June 2024

Free Report: Fortra's Alert Logic MDR vs. Netsurion

Find out what your peers are saying about Fortra's Alert Logic MDR vs. Netsurion and other solutions. Updated: June 2024.

DOWNLOAD NOW

790,002 professionals have used our research since 2012.

See our Fortra's Alert Logic MDR vs. Netsurion report.

See our list of best SOC as a Service vendors and best Managed Detection and Response (MDR) vendors.

We monitor all SOC as a Service reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.