• Home
  • Netsurion vs. Rapid7 InsightIDR

Netsurion vs Rapid7 InsightIDR comparison

Cancel
You must select at least 2 products to compare!
Microsoft Logo
Microsoft Defender XDR
Read 79 Microsoft Defender XDR reviews
6,000 views|4,488 comparisons
97% willing to recommend
Netsurion Logo
Netsurion
Read 24 Netsurion reviews
290 views|106 comparisons
92% willing to recommend
Rapid7 Logo
Rapid7 InsightIDR
Read 29 Rapid7 InsightIDR reviews
1,476 views|759 comparisons
95% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Netsurion vs. Rapid7 InsightIDR
May 2024
Executive Summary

We performed a comparison between Netsurion and Rapid7 InsightIDR based on real PeerSpot user reviews.

Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Netsurion vs. Rapid7 InsightIDR Report (Updated: May 2024).
Download the complete report
770,394 professionals have used our research since 2012.
Featured Review
Sear Mahmood
It lets us prioritize threats and automate responses, but the threat intelligence could be better
Defender XDR enables us to prioritize threats according to the algorithm or our custom rules. We can prioritize threats and have the option to... Read more →
Kevin Lohan
Provides real-time alerting, a dedicated team, and around-the-clock monitoring
One of the primary benefits of using Netsurion for our organization is that, due to a mandate from our regulator, we are required to have robust... Read more →
Anonymous User
Quick to deploy and helpful in detecting and responding to security incidents before there is a big outage
Previously, when something happened, such as when a hacker was attacking one of our customers, we were always behind, or we didn't know that we... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"I have found the ability to delete unwanted threats beneficial.""Scanning, vulnerability reporting, and the dashboard are the most valuable features.""Microsoft 365 Defender is a stable solution.""Having a single pane of glass for all Microsoft security services makes everything much easier. A security analyst can go to a single portal and see everything in one view. The integration of everything into one portal is a huge benefit.""All of the security components are valuable including, antiphishing, antispam, and stage three antivirus.""Many people don't realize that Microsoft Azure, Exchange Online, and the security and compliance portal all sync together. For instance, within the Azure portal you can set security restrictions and policies to help secure your tenants... The good part of it is that these products have already been integrated. When you sign on as an admin you have global admin rights and that gives you access to all these features.""There is also one dashboard that shows us the status of many controls at once and the details I can get... It gives a great overview of many areas, such as files, emails, chats, and links. Even with the apps, it gives you a great overview. In one place you can see where you should look into things more deeply...""Microsoft 365 Defender's most valuable feature is the ability to control the shadow IP."

More Microsoft Defender XDR Pros →

"Netsurion's 24/7 monitoring has enhanced the overall security of the company. They have someone looking at the data 24/7 who will call us as needed. If their team spots a malicious process after hours, they notify the appropriate person by phone. We get a lot of actionable threat intelligence from Netsurion. For example, if a user clicks on a malicious link in a web page and starts an unusual process that isn't on the white-list, Netsurion's team can detect it and prevent it from executing. Afterward, they'll notify us by telephone, so we can respond and clean up whatever damage has occurred.""If we need to do a search for user lockouts, we can go, search, and find locations where they have been locked out, then keep track of those events, historically.""Expediting incident response is really great.""Their SOC team manages vulnerability management and IOC reviews. They stop bad processes when they happen. The best thing is their weekly reviews of what has been going on in the infrastructure as well as the things that they see and what we should look out for.""When it comes to threat detection and response, it does a very good job detecting and blocking on its own. And the SOC is a nice added value because they're doing analysis on things that aren't as obvious, on things that you can't just detect with a signature or behavior. Also, any SIEM will come with a lot of noise, so having them do a lot of the initial analysis to find out what's critical and what issues are false alarms is very good.""I think Netsurion scales well. We've gone from a small number of agents up to thousands. So I would imagine that it would continue to scale. I don't see any issue with that.""The SIEMs and managed service are its most valuable features. We get a weekly report from them which provides a culmination of them combing through millions of events which are triggered across our network every day and minute. Their information security experts basically boil that down to a report which I get emailed once a week. It identifies potential threats and the remediation that I should take to be able to quell those threats.""The most important feature is keeping track of when accounts are created and deleted, when permission groups are changed, and memberships are changed in groups; and overall, how many errors are occurring on the various systems that we're monitoring."

More Netsurion Pros →

"The solution is very stable and works very well for what I need it to do.""Integration with threat modeling from the Metasploit and InsightIDR repositories.""The incident case management is the most valuable feature. Even though there's always something I find I would like to add to that feature, the ability to quickly sort through all the logs, network and endpoint data, etc., and add it to an incident case as part of the investigation, is nice. Having it automatically timeline that additional data into the original incident timeline, and correlate it to other notable events and activities on the network, results in a huge improvement in our overall confidence that we've quickly traced down the right source of an issue.""Rapid7 is easy to use and deploy. It is a simple solution and has easy data pulling.""The web interface is great — very useful and user-friendly.""It is a very stable solution.""Very intuitive and easy to set up.""Scalability-wise, I rate the solution a ten out of ten. As a cloud tool, the product is highly scalable."

More Rapid7 InsightIDR Pros →

Cons
"Sometimes, configurations take much longer than expected.""The price could be better. It'll also help if they can continuously update and upgrade the solution. Every day there's a new virus uploaded into the network, and we have to keep updating it to identify all these things.""The cost can be high if you want to build custom license packages. Another area for improvement is the policies. In Azure, we need to implement policies in JSON format, but in 365 Defender 365, it would be helpful to use a different format so we can customize the platform.""Correctly updated records are the most significant area for improvement. There have been times when we were notified of a required fix; we would carry out the fix and confirm it but still get the same notification a week later. This seems to be a delay in records being updated and leads to false reporting, which is something that needs to be fixed.""Defender also lacks automated detection and response. You need to resolve issues manually. You can manage multiple Microsoft security products from a single portal, and all your security recommendations are in one place. It's easy to understand and manage. However, I wouldn't say Defender is a single pane of glass. You still need to switch between all of the available Microsoft tools. You can see all the alerts in one panel, but you can't automate remediation.""In the beginning, it's difficult to navigate the system because it is quite large. Just trying to find your way and understand how the system works can be hard. After spending quite a lot of time searching it's a lot easier, but I wish it were a bit more user-friendly when you're trying to find things.""At times, when we have an incident email and we click on the link for that incident, it opens a pop-up, but there is nothing. It has happened a couple of times.""Because of the training model, Defender XDR's automatic response sometimes blocks legitimate users and activities. Also, the UI sometimes responds slowly."

More Microsoft Defender XDR Cons →

"The system requirements are very, very high. So I need a pretty powerful server to run. If they could lighten that load so that the on-premise part of their product didn't impact my systems as much that would be ideal.""I'd like to see improvement in the ease of generating reports. It seems fairly cumbersome whenever you decide to start tracking new categories of events. It seems a little kludgy when trying to generate those reports.""The deployment of the agents could be a bit easier. We always seem to have a bit of a challenge with that. A lot of times the agents either don't deploy or they quit responding, then we have to go and redeploy them.""Where there is an opportunity for improvement is in the interface used for performing the searches. You have to understand Elasticsearch search too well for the security team to be able to take really full advantage of that part of the product. It's not as intuitive as I would like it to be for new staff coming in. The general query capability is a little bit challenging.""The solution's dashboard is okay. The one thing that we ran into are issues when we upgraded to the newer version. It uses Elasticsearch for the different dashboard entries. So, we were running on spinning disks, and Elasticsearch didn't work that well. A number of the different dashboards, like my dashboard or different things like that, pull from Elasticsearch. Since Elasticsearch really wasn't working, we were having some issues with that, but we just migrated.""With version 8, there are quite a few things. The query tool was one of the big ones, and the query speed was one of the big ones, but they've made some great strides between versions 8 and 9. There were also issues in version 8 around the ability to get the data back out. It's one thing to collect data, but it's a whole other thing to be able to present it or run it in a timely manner. The old tool, depending on how far back I was looking, might even time out and I would have to run it again.""Netsurion's threat detection and response aren't quite mature. I would expect a little more.""I would like to see a faster response when we see things like 15,000 lockouts. I really wished that I had known that on Friday afternoon rather than waiting until I got the weekly report today. By the same token, they are looking at it from the point of view that this is a system or software malfunction. This is not a bad actor repeating the exact same password three times a second. Therefore, they can tell that this is not a bad thing. However, it's not a security event but it is an operational event for me. Knowing this sort of thing would help my team and me out more because then we would be able to clear out a lot of network traffic that we didn't know was going on. So, we would like quicker updates on non-high security events."

More Netsurion Cons →

"The main problem lies in the processes within the client's operating systems.""The integration capabilities of the solution have certain shortcomings where improvements are required.""The dashboard is an area that could be simplified.""Rapid7 doesn't integrate well with all our security tools from various vendors, so we plan to switch. Many of our solutions work with Rapid7, but some do not. We are already searching for a replacement already.""The reporting is the weakest aspect. There needs to be multi-level grouping for events (for example, group by user and destination). Right now, we can do a group by user and a separate table or group by destination. But I'd be more interested in where a person was logging into instead of who was logging in or where he was logging in.""Lacks a mobile application.""The ability to tune the collector for custom logs would greatly help.""InsightIDR's integration with other solutions could be improved. Also, I'd like more control from the portal over what's happening on the endpoint side. For example, when I see an attack on an endpoint, I want to be able to stop it from the portal."

More Rapid7 InsightIDR Cons →

Pricing and Cost Advice
  • "The solutions price is fair for what they offer."
  • "The price could be better. Normally, the costs depend on the country you're located in for the license. When we were in the initial stage, we went with the E5 license they call premium standard. It cost us around $5.20 per month for four users."
  • "The price of the solution is high compared to others and we have lost some customers because of it."
  • "Microsoft is not competitive with the pricing of the solution. The competitors are able to offer lower discounts. The price of the solution is higher."
  • "We have a lot of problems in Latin America regarding the price of Microsoft 365 Defender, because the relationship between dollars and the money of the different countries, it's is a lot. Many customers that have small businesses say that they would like the solution but it is too expensive. However, large companies do not find the cost an issue."
  • "The most valuable licensing option is expensive, so pricing could be improved. Licensing options for this solution also need to be consolidated, because they frequently change."
  • "Microsoft should provide lower-level licensing options. They should do it in such a way that even an individual could purchase a license, and it should be entirely flexible."
  • "They have moved from a licensing model to pay-per-use... The question is: What happens if, for any reason, there's not enough budget to accept this model? That could be a great problem."

    • More Microsoft Defender XDR Pricing and Cost Advice →

  • "The pricing and licensing seem very reasonable. The managed service part of it feels like it gives me the equivalent of a full-time engineer for a lot less money. So, I feel it's a good value."
  • "Licensing is very easy. Our CIO takes care of the billing, but in terms of price point, he hasn't complained, so it must be good."
  • "The solution is fairly expensive, but in my experience, all of the SIEM applications that I've evaluated or looked at cost about the same."
  • "The upfront costs have increased, and we have been locked into this contract. The cost of changing over from it is way too high."
  • "I don't know if the pricing is by the seat but we're paying about $20,000 to 25,000 a year. On top of that, we pay for the managed support services. That runs us about another $35,000 or $40,000 a year."
  • "When we first got the EventTracker product, we were using SIEM Simplified. At the time they didn't call it that, but it was more of a service thing. So, there was a bit more hand-holding and getting stuff set up, along with failure reports, that they did during the first one to two years. Then, we decided that the the additional money to have someone do these daily reports wasn't terribly useful, so we discontinued that service."
  • "EventTracker's subscription-based model is interesting as far as yearly license type stuff. It's nice because you know what it's going to be next year. We haven't really looked at any other solutions. The pricing at the time compared to the other solutions was a lot less. A couple of years ago, we actually looked at Splunk. The amount in Splunk's licensing model is based on 20 gigs a day, or something like that. Based on our number of logs and stuff that we were already generating, the costs would be substantially more for the amount of logs that we would be getting."
  • "In the security space, it's hard to quantify your return on investment. So, I don't. We spend about $40,000 a year and so. It's hard to say if the SIEM saved that much money."

    • More Netsurion Pricing and Cost Advice →

  • "​I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability.​"
  • "The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help.​"
  • "Licensing is straightforward. If, for some reason, you don’t meet the minimum licensing requirements, there is a third-party managed service that can help."
  • "​Accurately predict your licensing counts as this is a subscription based product.​"
  • "The pricing and licensing are competitive."
  • "Licensing is by endpoint and amount of retention time (at least ours is). Default retention was one year, but we are able to push the retention further if needed. There's also a provide-your-own-S3 option for longer retention if you don't want to pay for the additional retention years in your Rapid7 agreement."
  • "It is a reasonably priced solution."
  • "It is on a yearly basis. For our own company, for about 250 users, it was 16,000 euros a year."

    • More Rapid7 InsightIDR Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
    See Recommendations
    770,394 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Microsoft 365 Defender?
    Top Answer:The integration, visibility, vulnerability management, and device identification are valuable.
    Read all 39 answers   →
    What is your experience regarding pricing and costs for Microsoft 365 Def...
    Top Answer:There is the cost of the license, and there is the cost of implementation services. Only by enabling a license for your… more »
    Read all 30 answers   →
    What needs improvement with Microsoft 365 Defender?
    Top Answer:The web filtering solution needs to be improved because currently, it is very simple. It is very important. Integrations… more »
    Read all 38 answers   →
    What do you like most about Netsurion Managed Threat Protection?
    Top Answer:Expediting incident response is really great.
    Read all 6 answers   →
    What is your experience regarding pricing and costs for Netsurion Managed...
    Top Answer:Their pricing is high. I don't know if it's a barrier. The quality speaks to the price. The price is the price. They… more »
    Read all 5 answers   →
    What needs improvement with Netsurion Managed Threat Protection?
    Top Answer:There is one area that needs improvement and that is with the agents and the server that's on-site. The system… more »
    Read all 6 answers   →
    What SOC product do you recommend?
    Top Answer:For tools I’d recommend:  -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is… more »
    Read all 12 answers   →
    What do you like most about Rapid7 InsightIDR?
    Top Answer:During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its… more »
    Read all 20 answers   →
    What is your experience regarding pricing and costs for Rapid7 InsightIDR?
    Top Answer:We chose Rapid7 because of its price. IBM QRadar charges us based on data storage. Rapid7 InsightIDR charges us based on… more »
    Read all 17 answers   →
    Comparisons
    Also Known As
    Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender
    Netsurion Managed Threat Protection, Netsurion EventTracker
    InsightIDR
    Learn More
    Microsoft
    Netsurion
    Video Not Available
    Rapid7
    Overview

    Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment. 

    It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks. 

    Users have found it effective in detecting and preventing various types of attacks, such as phishing attempts, malware infections, and data breaches.

    Watch the Microsoft demo video here: Microsoft Defender XDR demo video.

    Our open XDR platform unifies your existing security telemetry to deliver wider attack surface coverage and deeper threat analytics resulting in greater security visibility. Our SOC does the heavy lifting for you of proactive threat hunting, event correlation and analysis, and provides you with guided remediation. The result is a force multiplier that allows your IT team to be confident and in control again while also maximizing all of your cybersecurity investments.

    Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

    Sample Customers
    Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.
    The Salvation Army, The FRESH Market, Pacific Western Bank, NASA, American Academy of Orthopaedic Surgeons (AAOS), and Talbot’s Stores
    Liberty Wines, Pioneer Telephone, Visier
    Top Industries
    REVIEWERS
    Manufacturing Company18%
    Computer Software Company13%
    Financial Services Firm13%
    Government11%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm10%
    Government8%
    Manufacturing Company8%
    REVIEWERS
    Financial Services Firm18%
    University9%
    Healthcare Company9%
    Energy/Utilities Company9%
    VISITORS READING REVIEWS
    Computer Software Company30%
    Manufacturing Company13%
    Government7%
    Financial Services Firm5%
    REVIEWERS
    Comms Service Provider21%
    Computer Software Company21%
    Security Firm14%
    Non Tech Company14%
    VISITORS READING REVIEWS
    Computer Software Company15%
    Manufacturing Company8%
    Financial Services Firm8%
    Government6%
    Company Size
    REVIEWERS
    Small Business44%
    Midsize Enterprise23%
    Large Enterprise34%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise17%
    Large Enterprise57%
    REVIEWERS
    Small Business38%
    Midsize Enterprise33%
    Large Enterprise29%
    VISITORS READING REVIEWS
    Small Business39%
    Midsize Enterprise17%
    Large Enterprise44%
    REVIEWERS
    Small Business61%
    Midsize Enterprise21%
    Large Enterprise18%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise20%
    Large Enterprise54%
    Buyer's Guide
    Netsurion vs. Rapid7 InsightIDR
    May 2024
    Free Report: Netsurion vs. Rapid7 InsightIDR
    Find out what your peers are saying about Netsurion vs. Rapid7 InsightIDR and other solutions. Updated: May 2024.
    DOWNLOAD NOW
    770,394 professionals have used our research since 2012.

    Netsurion is ranked 15th in Extended Detection and Response (XDR) with 24 reviews while Rapid7 InsightIDR is ranked 13th in Extended Detection and Response (XDR) with 29 reviews. Netsurion is rated 8.4, while Rapid7 InsightIDR is rated 8.4. The top reviewer of Netsurion writes "The SOC center monitors, hunts, and notifies us of threats around the clock". On the other hand, the top reviewer of Rapid7 InsightIDR writes "An affordable product that is easy to use and has many advanced features and default templates". Netsurion is most compared with Arctic Wolf Managed Detection and Response and CyberHat CYREBRO, whereas Rapid7 InsightIDR is most compared with Darktrace, Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM and IBM Security QRadar. See our Netsurion vs. Rapid7 InsightIDR report.

    See our list of best Extended Detection and Response (XDR) vendors and best Security Information and Event Management (SIEM) vendors.

    We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.