We performed a comparison between IBM Watson for Cyber Security and Netsurion based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Splunk, Wazuh and others in Security Information and Event Management (SIEM)."The UI of Sentinel is very good and easy to use, even for beginners."
"The part that was very unexpected was Sentinel's ability to integrate with Azure Lighthouse, which, as a managed services solution provider, gives us the ability to also manage our customers' Sentinel environments or Sentinel workspaces. It is a big plus for us. With its integration with Lighthouse, we get the ability to monitor multiple workspaces from one portal. A lot of the Microsoft Sentinel workbooks already integrate with that capability, and we save countless amounts of money by simply being able to almost immediately realize multitenant capabilities. That alone is a big plus for us."
"In Azure Sentinel, we have found, they do have a store in their capability. AI and intelligence features. We found that to be very helpful for us because some other things we do need to integrate again or find another vendor for the store"
"The analytics has a lot of advantages because there are 300 default use cases for rules and we can modify them per our environment. We can create other rules as well. Analytics is a useful feature."
"One of the most valuable features is that it creates a kind of a single pane of glass for organizations that already use Microsoft software. So, when they have things like Microsoft 365, it is very easy for them to kind of plug in or enroll those endpoints into the Azure Sentinel service."
"There are a lot of things you can explore as a user. You can even go and actively hunt for threats. You can go on the offensive rather than on the defensive."
"Microsoft Sentinel enables you to ingest data from the entire ecosystem and that connection of data helps you to monitor critical resources and to know what's happening in the environment."
"Azure Application Gateway makes things a lot easier. You can create dashboards, alert rules, hunting and custom queries, and functions with it."
"The most valuable features of IBM Watson for Cyber Security are ease of use and out-of-the-box reports and compliance policies. Additionally, if there are aspects that are missing IBM add them in the next release."
"IBM Watson for Cyber Security is very stable."
"The most valuable feature of this product is innovation, where the research and upgrading of technology never ends."
"The customer support is very good."
"The most important feature is keeping track of when accounts are created and deleted, when permission groups are changed, and memberships are changed in groups; and overall, how many errors are occurring on the various systems that we're monitoring."
"The most valuable feature is definitely real-time alerting, especially in situations where someone might attempt to exploit or hack into our network."
"Netsurion has its own security operations center, where it tracks information that comes across our telemetry."
"The network alert is the most valuable feature. That way, we in the IT department are aware of user lockout and invalid password attempts way before a user ever even calls in."
"There are a host of things that are most valuable. Obviously monitoring our environment and reporting out different events is important. They perform a suite of services. They monitor all of our servers, all of our key infrastructure, like our DNS, our switches, all that stuff. They aggregate and correlate that quarterly. They'll tell us if we're getting a lot of login failures and something is going on or if something's weird."
"Netsurion was easy to deploy. I have worked with other systems that were a little less complex, but they weren't quite as easy to deploy."
"They have what they call Elasticsearch which is very quick, although that's only available for the last seven days' worth of data. It used to be that, if I wanted to do a search from three days ago, it might take me 10 to 15 minutes because it had to actually unzip some archive files. So I really like that feature. It's almost instantaneous for anything within the last seven days."
"When I looked last week, we probably averaged about 20 million log entries a day. So, we certainly can't individually manage that. Just looking at the reports, then trying to go back and find anything that was questionable, was a challenge. Therefore, the managed service has been invaluable to us in terms of being able to narrow the scope of what really needs to be looked at and bringing those things to our attention to be dealt with."
"Sentinel should be improved with more connectors. At the moment, it only covers a few vendors. If I remember correctly, only 100 products are supported natively in Sentinel, although you can connect them with syslog. But Microsoft should increase the number of native connectors to get logs into Sentinel."
"While I appreciate the UI itself and the vast amount of information available on the platform, I'm finding the overall user experience to be frustrating due to frequent disconnections and the requirement to repeatedly re-authenticate."
"The product can be improved by reducing the cost to use AI machine learning."
"The on-prem log sources still require a lot of development."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall."
"Documentation is the main thing that could be improved. In terms of product usage, the documentation is pretty good, but I'd like a lot more documentation on Kusto Query Language."
"If we want to use more features, we have to pay more. There are multiple solutions on the cloud itself, but the pricing model package isn't consistent, which is confusing to clients."
"This is an expensive product, so making it more cost-effective would be an improvement."
"The dashboard could improve in IBM Watson for Cyber Security."
"They need to continue to build the AI capabilities."
"In the future, I would like to see threat intelligence included."
"The deployment of the agents could be a bit easier. We always seem to have a bit of a challenge with that. A lot of times the agents either don't deploy or they quit responding, then we have to go and redeploy them."
"Netsurion's SOC can be a bit too aggressive at times."
"There's always room to improve because there would be no competition if they had a perfect solution. The GUI to perform searches within the product may not be intuitive to a new user."
"Where there is an opportunity for improvement is in the interface used for performing the searches. You have to understand Elasticsearch search too well for the security team to be able to take really full advantage of that part of the product. It's not as intuitive as I would like it to be for new staff coming in. The general query capability is a little bit challenging."
"I would like to see the dashboard come up more quickly."
"Communication is always something that can be improved, but I feel that any time we've had a communication issue, it's quickly addressed when we bring those up at the monthly meetings. Usually, it's an individual that wasn't clear in the communication, it's not the process per se. You always have to be able to segregate if the process didn't work or an individual either didn't say the right thing or my people didn't understand what they were being told."
"Netsurion's threat detection and response aren't quite mature. I would expect a little more."
"The weekly reporting could use some improvement. For example, when we handed them our landscape document, it took longer than I would have liked for those details to become noticeable within the reports."
More IBM Watson for Cyber Security Pricing and Cost Advice →
IBM Watson for Cyber Security is ranked 45th in Security Information and Event Management (SIEM) with 4 reviews while Netsurion is ranked 15th in Security Information and Event Management (SIEM) with 24 reviews. IBM Watson for Cyber Security is rated 8.0, while Netsurion is rated 8.4. The top reviewer of IBM Watson for Cyber Security writes "An innovative and stable product that is well maintained and always up-to-date". On the other hand, the top reviewer of Netsurion writes "The SOC center monitors, hunts, and notifies us of threats around the clock". IBM Watson for Cyber Security is most compared with IBM Security QRadar, Splunk Enterprise Security and i-SIEM, whereas Netsurion is most compared with Arctic Wolf Managed Detection and Response, CyberHat CYREBRO and Wazuh.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
