We performed a comparison between Alert Logic and Netsurion based on real PeerSpot user reviews.
Find out in this report how the two SOC as a Service solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The speed at which their services are reactive is valuable. Nowadays, when a threat hits an endpoint, you've got minutes, not hours or days. Their average response time is about four minutes on an alert. For anything that needs to be sent to us, it's about fourteen minutes, which is pretty good. They're the third SOC that I've used in fifteen years. By far, they are the quickest ones to act. When you're looking at prevention, that's a key factor."
"Among the valuable features are the agent, continuous reporting, and dashboard. It has all the features we need and we haven't had to customize it, other than turning on certain features that we wanted."
"Binary Defense has a human service department that provides live monitoring for our systems."
"With Binary Defense, we don't just get an alert, but also a detailed rundown of why they're alerting us on it. They tell us what was executed, or the username, script, or IP. That way, we're not wasting time investigating."
"The best part about Binary Defense MDR is that it runs on everything, and they keep an eye on things 24/7."
"The customization has been the most valuable aspect and was really the reason we ended up selecting Binary Defense. They worked with us to provide exactly the level of support, features, response, and collaboration we needed."
"The biggest aspect for us is that they are able to conform to our environment and utilize our tools. That way, we still maintain ownership of all the data and access to the applications, and we never lose control of the ability to run the solution ourselves if we need to."
"One of the main benefits of Binary Defense MDR is the ability to easily meet with their support team to discuss any issues we encounter."
"The initial setup is pretty straightforward."
"It has the ability to install agents. It is pretty straightforward. You can automate the process pretty easily."
"Everything is in one dashboard; I'm notified when there's an incident and advised on what steps to take."
"We receive infrastructure security warnings from it. So, we know what is going on and what needs to be addressed."
"The quicker implementation of changes to our infrastructure from Alert Logic tell us if there are any problems."
"The most valuable aspect of Alert Logic is its technology platform. They have SOCs in the US and Europe, giving them global visibility of the threat landscape. They detect and respond to threats in minutes. Their biggest value is human expertise. You're being attacked by a human, and you cannot respond to it unless you have a human on the other side. They have the human and technological resources to respond."
"While I still have on-premises appliances, I can remotely monitor everything from the cloud, and Alert Logic's ease-of-access features have helped me streamline my workflow and reduce implementation time."
"The installation and configuration were slick."
"The most important feature is keeping track of when accounts are created and deleted, when permission groups are changed, and memberships are changed in groups; and overall, how many errors are occurring on the various systems that we're monitoring."
"The SIEMs and managed service are its most valuable features. We get a weekly report from them which provides a culmination of them combing through millions of events which are triggered across our network every day and minute. Their information security experts basically boil that down to a report which I get emailed once a week. It identifies potential threats and the remediation that I should take to be able to quell those threats."
"The real-time alerting for things such as people getting dropped into a VPN group or the domain admin group — things like that which really shouldn't happen without proper change management, but we all know the reality, they do from time to time — gives me real-time visibility into what's going on."
"I think Netsurion scales well. We've gone from a small number of agents up to thousands. So I would imagine that it would continue to scale. I don't see any issue with that."
"They have what they call Elasticsearch which is very quick, although that's only available for the last seven days' worth of data. It used to be that, if I wanted to do a search from three days ago, it might take me 10 to 15 minutes because it had to actually unzip some archive files. So I really like that feature. It's almost instantaneous for anything within the last seven days."
"I like EventTracker's dashboard. I see it every time I log in because it's the first thing you get to. We have our own widgets that we use. For the sake of transparency, there are a few widgets that we look at there and then we move out from there... Among the particularly helpful widgets, the not-reporting widget is a big one. The number-of-logs-processed is also a good one."
"If we need to do a search for user lockouts, we can go, search, and find locations where they have been locked out, then keep track of those events, historically."
"If I were to look at logs manually, there's no way I could do that. As an example, they are 48 million logs processed a day. There is no way I could look at all 48 million of those. So, it gives me a good structure to be able to look at the different incidents which are created and do different searches."
"The current reporting system could benefit from improvement."
"It's sometimes difficult to know when to engage Binary Defense or TrustedSec, their sister company. TrustedSec is more focused on offensive security, as opposed to the defensive security that the MDR solution provides. It would be awesome if there were a better bridge between that relationship for when we need to get more proactive services or when we need to do a penetration test."
"I would like to get more reports from Binary Defense about what they're blocking."
"The most significant area for improvement is in support for non-English speakers; we're a global organization, so many of our users are not English speakers, which can make interacting with them a challenge. There's no Chinese language support, so we must rely on what we can do with the internet. We don't expect Binary Defense to build a language staff, but details can get lost in translation when we assume the whole world speaks English."
"I would like to see more frequent check-ins with our security status."
"The only area I see for improvement with Binary Defense is their service portal. It could benefit from some enhancements."
"Binary Defense MDR could be even better with additional features, like automatic scans and file quarantine."
"We found that an earlier version of the agent had high memory usage and that was a bit concerning, but we raised the concern with their support team and they immediately replied that they had noticed the same thing and had a candidate fix already available... it totally fixed the issue."
"I would like more data on the alert payload. It would be good to have the ability to customize the alert payload to add whatever data that we want on there. Right now, it is a bit limited."
"They have ideas and email you whatever they find, but they don't have a dedicated security team who will work on an attack or a specific security instance."
"The setup process was complex."
"Its menu is not very intuitive. I would like to see the user menu expanded a bit. The user menu is very layered, and because of the layers, you have to go down a path that is not very intuitive."
"As a user involved with the user interface, I believe there is a need to continue improving it based on feedback from our customers."
"We'd like to have triggered alerts sent to us so we see errors quicker."
"Alert Logic needs to expand its SOCs to serve more markets, such as the Middle East and Asia. There should be infrastructure that covers more time zones. The company should also develop an EDR that is natively integrated into their solution. Currently, a client must buy another EDR solution like CrowdStrike or Sophos. I think Alert Logic is developing this. Built-in email security could also be developed and integrated."
"I would like to see it do initial scans and start capturing data, which it will truly analyze, not just be a reporting system saying, "Here is an email. Here is an email. Here is an email.""
"There's always room to improve because there would be no competition if they had a perfect solution. The GUI to perform searches within the product may not be intuitive to a new user."
"I'd like to see improvement in the ease of generating reports. It seems fairly cumbersome whenever you decide to start tracking new categories of events. It seems a little kludgy when trying to generate those reports."
"It would be great if they had a client for phones by which they could push a notification to us, as opposed to via email."
"There are some issues with searches taking a long period of time, but they assured me that they have implemented a new search function that's available in version 9, but which requires a solid-state hard drive... Depending on how many logs you have it could take a long time to return the results if you're looking back prior to the last 30 days."
"Netsurion's threat detection and response aren't quite mature. I would expect a little more."
"Everything that I've wanted has been added in. EDR was added, and MITRE was added. Those were two big ones that we didn't even have to push for."
"Netsurion's SOC can be a bit too aggressive at times."
"The weekly reporting could use some improvement. For example, when we handed them our landscape document, it took longer than I would have liked for those details to become noticeable within the reports."
Alert Logic is ranked 4th in SOC as a Service with 11 reviews while Netsurion is ranked 3rd in SOC as a Service with 24 reviews. Alert Logic is rated 8.0, while Netsurion is rated 8.4. The top reviewer of Alert Logic writes "Great reporting and session logic with an easy initial setup". On the other hand, the top reviewer of Netsurion writes "The SOC center monitors, hunts, and notifies us of threats around the clock". Alert Logic is most compared with Arctic Wolf Managed Detection and Response, CrowdStrike Falcon Complete, Sophos MDR, Rapid7 InsightIDR and SentinelOne Vigilance, whereas Netsurion is most compared with Arctic Wolf Managed Detection and Response and CyberHat CYREBRO. See our Alert Logic vs. Netsurion report.
See our list of best SOC as a Service vendors and best Managed Detection and Response (MDR) vendors.
We monitor all SOC as a Service reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.