We performed a comparison between Netsurion and Rapid7 InsightOps based on real PeerSpot user reviews.
Find out what your peers are saying about Secureworks, Check Point Software Technologies, Ace Cloud Hosting and others in Managed Security Services."When it comes to threat detection and response, it does a very good job detecting and blocking on its own. And the SOC is a nice added value because they're doing analysis on things that aren't as obvious, on things that you can't just detect with a signature or behavior. Also, any SIEM will come with a lot of noise, so having them do a lot of the initial analysis to find out what's critical and what issues are false alarms is very good."
"The most valuable feature is that we get the events: the alerts about disk space and the security reports that we get once a day, including user lockouts and the like."
"The real-time alerting for things such as people getting dropped into a VPN group or the domain admin group — things like that which really shouldn't happen without proper change management, but we all know the reality, they do from time to time — gives me real-time visibility into what's going on."
"They have what they call Elasticsearch which is very quick, although that's only available for the last seven days' worth of data. It used to be that, if I wanted to do a search from three days ago, it might take me 10 to 15 minutes because it had to actually unzip some archive files. So I really like that feature. It's almost instantaneous for anything within the last seven days."
"The most valuable feature is definitely real-time alerting, especially in situations where someone might attempt to exploit or hack into our network."
"They have a number of integrations with different products. Google Workspace is one of them, and Microsoft Azure is another one. They integrate with a number of other things, such as Duo for multi-factor authentication. They can pull the logs from Duo to see if users are coming from bad repeatable IPs or if there are malicious known IPs that may be popping up in the logs. They are able to see that, and they can identify that. Some of the other integrations they do are from inside your network. For firewalls, they can integrate with SonicWall, Cisco, Fortinet, etc. They have a pretty wide variety of things to integrate with and be able to pull the logins from those devices."
"The SIEMs and managed service are its most valuable features. We get a weekly report from them which provides a culmination of them combing through millions of events which are triggered across our network every day and minute. Their information security experts basically boil that down to a report which I get emailed once a week. It identifies potential threats and the remediation that I should take to be able to quell those threats."
"The network alert is the most valuable feature. That way, we in the IT department are aware of user lockout and invalid password attempts way before a user ever even calls in."
"It has the ability to alert and track logs from different sources."
"The ability to browse logs from multiple sources at the same time really speeds up root cause analysis."
"We can save logs as plain text."
"The most valuable feature of Rapid7 InsightOps is the search functionality."
"Integration of InsightOps with other tools, especially SIEM solutions, has generally improved operational efficiency."
"We get a report generated on a particular day of the week and we go through it, trying to mitigate problems and make sure we're seeing everything that's happening. It would be helpful if the SOC spent a little more time with us going through some of those reports."
"I would like to see the dashboard come up more quickly."
"The system requirements are very, very high. So I need a pretty powerful server to run. If they could lighten that load so that the on-premise part of their product didn't impact my systems as much that would be ideal."
"The MITRE ATT&CK framework could be faster when identifying and understanding sophisticated threats. Whenever something happens, we usually get notified a couple hours later."
"Where there is an opportunity for improvement is in the interface used for performing the searches. You have to understand Elasticsearch search too well for the security team to be able to take really full advantage of that part of the product. It's not as intuitive as I would like it to be for new staff coming in. The general query capability is a little bit challenging."
"The solution's dashboard is okay. The one thing that we ran into are issues when we upgraded to the newer version. It uses Elasticsearch for the different dashboard entries. So, we were running on spinning disks, and Elasticsearch didn't work that well. A number of the different dashboards, like my dashboard or different things like that, pull from Elasticsearch. Since Elasticsearch really wasn't working, we were having some issues with that, but we just migrated."
"With version 8, there are quite a few things. The query tool was one of the big ones, and the query speed was one of the big ones, but they've made some great strides between versions 8 and 9. There were also issues in version 8 around the ability to get the data back out. It's one thing to collect data, but it's a whole other thing to be able to present it or run it in a timely manner. The old tool, depending on how far back I was looking, might even time out and I would have to run it again."
"The biggest problem is that we have too many domain controllers. So, we have to keep all the clients and main system updated with the latest versions along with making sure all the firewalls are open."
"Rapid7 InsightOps could improve by making the search query better. There are times when the search query is broken and it does not find anything."
"Since I used the beta, improvements are to be expected. The dashboard options could have been clearer, but I believe it is more a problem with the limited documentation available at the time."
"The solution takes a little bit of time when we load the website for the first time."
"Improvement is needed in the dashboard of InsightOps, especially for less technical users."
"There are a few things I would like to do with a few more complex queries which I am not able to do right now, because it is a SaaS solution."
Netsurion is ranked 5th in Managed Security Services with 24 reviews while Rapid7 InsightOps is ranked 36th in Log Management with 9 reviews. Netsurion is rated 8.4, while Rapid7 InsightOps is rated 8.8. The top reviewer of Netsurion writes "The SOC center monitors, hunts, and notifies us of threats around the clock". On the other hand, the top reviewer of Rapid7 InsightOps writes "Useful search functionality, easy to use, and reliable". Netsurion is most compared with Arctic Wolf Managed Detection and Response and CyberHat CYREBRO, whereas Rapid7 InsightOps is most compared with Wazuh, Datadog, New Relic, Splunk Enterprise Security and Dynatrace.
We monitor all Managed Security Services reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.