We performed a comparison between Arctic Wolf Managed Detection and Response and Netsurion based on real PeerSpot user reviews.
Find out in this report how the two SOC as a Service solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"Binary Defense's most valuable feature is the 24/7 monitoring and threat hunting. Their team checks the latest breaches and how they're done."
"Among the valuable features are the agent, continuous reporting, and dashboard. It has all the features we need and we haven't had to customize it, other than turning on certain features that we wanted."
"The most valuable feature is reviewing tickets and the notes added by technicians."
"One of the main benefits of Binary Defense MDR is the ability to easily meet with their support team to discuss any issues we encounter."
"The customization has been the most valuable aspect and was really the reason we ended up selecting Binary Defense. They worked with us to provide exactly the level of support, features, response, and collaboration we needed."
"The biggest aspect for us is that they are able to conform to our environment and utilize our tools. That way, we still maintain ownership of all the data and access to the applications, and we never lose control of the ability to run the solution ourselves if we need to."
"The most valuable features are the SIEM and the ticketing function; the latter is very smooth and easy to read and understand. We don't have any issues looking at the ticketing information when we're trying to identify what's going on."
"Binary Defense has a human service department that provides live monitoring for our systems."
"Arctic Wolf is our eyes and ears 24/7 because we can't possibly watch all of our alerts. We may see all of these alerts, but our attention is distracted because we're working on other things."
"They have a portal where you can evaluate and mitigate any vulnerabilities that you and your network might have."
"The integration between Cisco AMPs and the Windows servers is most valuable. So, they can also sandbox machines on which they see something suspicious."
"The visibility into our endpoints is huge."
"Having quarterly meetings with the team to review the last 90 days and determine what if any changes need to be made."
"The agents give pretty good visibility into what is happening at the endpoint."
"This service makes answering audits much easier since it covers so many security best practices."
"We can effectively manage the massive amounts of security data that we receive from various sources such as firewalls, switches, endpoints, and other log sources."
"If we need to do a search for user lockouts, we can go, search, and find locations where they have been locked out, then keep track of those events, historically."
"The network alert is the most valuable feature. That way, we in the IT department are aware of user lockout and invalid password attempts way before a user ever even calls in."
"Expediting incident response is really great."
"The SIEMs and managed service are its most valuable features. We get a weekly report from them which provides a culmination of them combing through millions of events which are triggered across our network every day and minute. Their information security experts basically boil that down to a report which I get emailed once a week. It identifies potential threats and the remediation that I should take to be able to quell those threats."
"When it comes to threat detection and response, it does a very good job detecting and blocking on its own. And the SOC is a nice added value because they're doing analysis on things that aren't as obvious, on things that you can't just detect with a signature or behavior. Also, any SIEM will come with a lot of noise, so having them do a lot of the initial analysis to find out what's critical and what issues are false alarms is very good."
"Netsurion has its own security operations center, where it tracks information that comes across our telemetry."
"They have a number of integrations with different products. Google Workspace is one of them, and Microsoft Azure is another one. They integrate with a number of other things, such as Duo for multi-factor authentication. They can pull the logs from Duo to see if users are coming from bad repeatable IPs or if there are malicious known IPs that may be popping up in the logs. They are able to see that, and they can identify that. Some of the other integrations they do are from inside your network. For firewalls, they can integrate with SonicWall, Cisco, Fortinet, etc. They have a pretty wide variety of things to integrate with and be able to pull the logins from those devices."
"We don't have the eyeballs available to stare and watch for things, or even have the capability of building internal alert systems. So, the managed SOC has been huge for freeing up staff to work on other responsibilities. We are saving on at least one full-time employee."
"If I were shopping for an MDR solution today, I would not only look for a company that has the ability to alert, detect, and remediate, but also the ability to integrate vulnerability management. That's a big thing that they're lacking today."
"I would like to see more frequent check-ins with our security status."
"It's sometimes difficult to know when to engage Binary Defense or TrustedSec, their sister company. TrustedSec is more focused on offensive security, as opposed to the defensive security that the MDR solution provides. It would be awesome if there were a better bridge between that relationship for when we need to get more proactive services or when we need to do a penetration test."
"The only area I see for improvement with Binary Defense is their service portal. It could benefit from some enhancements."
"The most significant area for improvement is in support for non-English speakers; we're a global organization, so many of our users are not English speakers, which can make interacting with them a challenge. There's no Chinese language support, so we must rely on what we can do with the internet. We don't expect Binary Defense to build a language staff, but details can get lost in translation when we assume the whole world speaks English."
"We found that an earlier version of the agent had high memory usage and that was a bit concerning, but we raised the concern with their support team and they immediately replied that they had noticed the same thing and had a candidate fix already available... it totally fixed the issue."
"We found a couple of bugs in the user interface."
"Binary Defense MDR could be even better with additional features, like automatic scans and file quarantine."
"While it isn't a regular occurrence, there have been some gaps in response to some support questions. Questions get answered, yet there are times it takes longer than I'm comfortable with."
"It can sometimes take up to an hour to get notification of a problem and that's a long time."
"More integrations with various security tools to improve data ingestion would be beneficial."
"The implementation process could be a little more streamlined."
"I would like to see them build the ability to co-sell an EDR platform, manage an EDR or manage the actual response, potentially from the issues that are coming up from the security risks."
"It would be great if the whole process of determining vendor risk could be simplified by Arctic Wolf."
"It will be helpful if the dashboard is more granular."
"We get a lot of false alarms, but that's because they don't know our network in detail. I think that could be alleviated if we told them more about our network so they could create rules to skip some of those things."
"Where there is an opportunity for improvement is in the interface used for performing the searches. You have to understand Elasticsearch search too well for the security team to be able to take really full advantage of that part of the product. It's not as intuitive as I would like it to be for new staff coming in. The general query capability is a little bit challenging."
"The threat detection and response is passive. We have asked if there were options for taking action, and we have not gotten any feedback on that, which would be useful to know. Depending on the situation and threat, some actions may not be possible, but we haven't gotten any feedback on what options could be directed and actionable with the understanding that it may have an extra cost. It would be nice to know or find out if it is actually possible to take actions by a SIEM service or a SIEM agent."
"The biggest problem is that we have too many domain controllers. So, we have to keep all the clients and main system updated with the latest versions along with making sure all the firewalls are open."
"The system requirements are very, very high. So I need a pretty powerful server to run. If they could lighten that load so that the on-premise part of their product didn't impact my systems as much that would be ideal."
"They have their programs and tools that you have to put into your own environment. We basically ingest all the log data and then push it out to them. I wish it was a little bit different than that where we just push directly towards them. I do not know if that is a function that they thought would be better in terms of security, but I wish that instead of doing that, it should go from the device to them and not from the device to another system and then out to them. There seem to be some drawbacks to doing that."
"The weekly reporting could use some improvement. For example, when we handed them our landscape document, it took longer than I would have liked for those details to become noticeable within the reports."
"Netsurion's SOC can be a bit too aggressive at times."
"We get a report generated on a particular day of the week and we go through it, trying to mitigate problems and make sure we're seeing everything that's happening. It would be helpful if the SOC spent a little more time with us going through some of those reports."
More Arctic Wolf Managed Detection and Response Pricing and Cost Advice →
Arctic Wolf Managed Detection and Response is ranked 1st in SOC as a Service with 17 reviews while Netsurion is ranked 3rd in SOC as a Service with 24 reviews. Arctic Wolf Managed Detection and Response is rated 9.2, while Netsurion is rated 8.4. The top reviewer of Arctic Wolf Managed Detection and Response writes "Very good support, excellent visibility, and useful security bulletins". On the other hand, the top reviewer of Netsurion writes "The SOC center monitors, hunts, and notifies us of threats around the clock". Arctic Wolf Managed Detection and Response is most compared with CrowdStrike Falcon Complete, Red Canary, Huntress, Adlumin Security Operations Platform and Expel, whereas Netsurion is most compared with CyberHat CYREBRO. See our Arctic Wolf Managed Detection and Response vs. Netsurion report.
See our list of best SOC as a Service vendors and best Managed Detection and Response (MDR) vendors.
We monitor all SOC as a Service reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
