CIO at a financial services firm with 201-500 employees
Real User
Top 10
2023-08-23T15:52:00Z
Aug 23, 2023
There is one area that needs improvement and that is with the agents and the server that's on-site. The system requirements are very, very high. So I need a pretty powerful server to run. If they could lighten that load so that the on-premise part of their product didn't impact my systems as much that would be ideal. My understanding is that's something they already know and are working on. If they could do that, I'd be even happier with them.
Head of IT at a venture capital & private equity firm with 11-50 employees
Real User
Top 20
2023-08-22T16:55:00Z
Aug 22, 2023
I appreciate the recordings that Netsurion provides on Power BI for our monthly meetings. I would also like to have a dashboard that I can access anytime to review the real-time data from their website.
Network Administrator at a construction company with 501-1,000 employees
Real User
2022-01-04T18:26:00Z
Jan 4, 2022
I would like faster responses when things are found. For example, when they inform me, it is usually when they begin to respond. The MITRE ATT&CK framework could be faster when identifying and understanding sophisticated threats. Whenever something happens, we usually get notified a couple hours later. Their SOC team can't understand our network because they haven't worked in the actual company. This does negatively affect security posture, e.g., if you don't have knowledge about the network, then you will miss things. Personally, I would have deployed it on its own independent server. It uses a lot of IOPS and resources. Now, we have contention between our other servers on the same cluster.
VP of IT Systems at Carteret-Craven Electric Cooperative
Real User
2021-11-16T23:29:00Z
Nov 16, 2021
I would like to see a faster response when we see things like 15,000 lockouts. I really wished that I had known that on Friday afternoon rather than waiting until I got the weekly report today. By the same token, they are looking at it from the point of view that this is a system or software malfunction. This is not a bad actor repeating the exact same password three times a second. Therefore, they can tell that this is not a bad thing. However, it's not a security event but it is an operational event for me. Knowing this sort of thing would help my team and me out more because then we would be able to clear out a lot of network traffic that we didn't know was going on. So, we would like quicker updates on non-high security events.
Cyber Security Specialist at a financial services firm with 11-50 employees
Real User
2021-11-16T14:16:00Z
Nov 16, 2021
The product is based on an agent initially intended to talk internally, and they've simply tweaked it to talk externally. It's inside of a network versus talking on the internet. If they redeveloped the product to use internet options that are part of the operating system, it would add more security. Netsurion would keep pace with the computer as it updates and the technologies change. If it were to talk using the internet options inherent in the operating system, the communication would be better and more frequent. It would be part of the operating system. It would work like opening a browser and hitting the internet rather than being a standalone solution. I've suggested redeveloping the application to work more fluidly with current technology instead of working as an old solution in a new application.
Lead Security Analyst at a leisure / travel company with 1,001-5,000 employees
Real User
2021-09-09T19:27:00Z
Sep 9, 2021
The weekly reporting could use some improvement. For example, when we handed them our landscape document, it took longer than I would have liked for those details to become noticeable within the reports.
Netsurion offers a comprehensive solution for centralized log management, SIEM, and managed services, ensuring continuous monitoring and security event analysis for diverse organizations, enhancing IT security and compliance. Netsurion centralizes event management through SIEM and managed services. Organizations leverage it for vulnerability assessment and intrusion detection, integrating logs from Windows, Linux, and network devices. Its SOC provides 24/7 monitoring, ensuring compliance with...