Try our new research platform with insights from 80,000+ expert users

CRITICALSTART vs Netsurion comparison

Critical Start and Netsurion are both solutions in the Managed Detection and Response (MDR) category. Critical Start is ranked #32, while Netsurion is ranked #14 with an average rating of 8.6. Critical Start holds a 0.8% mindshare in MDR, compared to Netsurion’s 0.3% mindshare. Additionally, 100% of Critical Start users are willing to recommend the solution, compared to 92% of Netsurion users who would recommend it.
CRITICALSTART
Read 10 CRITICALSTART reviews
  • 628 Views
  • 333 Comparison Views
100% willing to recommend
Netsurion
Read 24 Netsurion reviews
  • 396 Views
  • 182 Comparison Views
92% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Dec 3, 2024

CRITICALSTART and Netsurion are competitors in the cybersecurity market. CRITICALSTART has an advantage in customer satisfaction due to its lower pricing and effective support, while Netsurion is known for its extensive feature set that provides a strong value proposition.

Features: CRITICALSTART stands out with managed detection and response capabilities, threat visibility, and proactive incident management. Netsurion is prominent for unified threat management, multiple security layers integration, and attack surface reduction.

Room for Improvement: CRITICALSTART could enhance its feature set to compete with more comprehensive solutions. Its detection accuracy and user interface could be more intuitive. Netsurion's deployment process could be simplified, and pricing could be more competitive. Its customer support responsiveness also has room for enhancement.

Ease of Deployment and Customer Service: CRITICALSTART offers an efficient and streamlined deployment process with highly supportive customer service. Netsurion has a more complex deployment due to its extensive features but compensates with detailed guidance and dedicated support teams.

Pricing and ROI: CRITICALSTART is known for a lower initial cost, appealing to those seeking a cost-effective solution without sacrificing quality. Netsurion, though more expensive initially, offers considerable ROI through comprehensive security capabilities.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed CRITICALSTART vs. Netsurion Report (Updated: April 2025).
Buyer's Guide
CRITICALSTART vs. Netsurion
April 2025
Download the complete report
Helped 850,028 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

CRITICALSTART
Ranking in Managed Detection and Response (MDR)
32nd
Average Rating
9.4
Reviews Sentiment
7.3
Number of Reviews
10
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (31st)
Netsurion
Ranking in Managed Detection and Response (MDR)
14th
Average Rating
8.4
Reviews Sentiment
7.1
Number of Reviews
24
Ranking in other categories
Managed Security Services Providers (MSSP) (5th), Security Information and Event Management (SIEM) (18th), SOC as a Service (3rd), Extended Detection and Response (XDR) (18th)
 

Mindshare comparison

As of May 2025, in the Managed Detection and Response (MDR) category, the mindshare of CRITICALSTART is 0.8%, down from 0.9% compared to the previous year. The mindshare of Netsurion is 0.3%, down from 0.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Managed Detection and Response (MDR)
 

Featured Reviews

PB
Saves my team time and alert fatigue, allowing us to concentrate on more important things
The Trusted Behavior Registry helps resolve alerts in the sense that CRITICALSTART is doing a lot of that initial triage for me. Out of a given 500,000 events and alerts, for example, that come through, they're taking out 495,000 of them. That only leaves me with a subset of that to actually have to triage, and that's where it benefits us. They take care of Tier-1 and Tier-2 triage. And the new mobile app is awesome. It is one of the best I've ever seen. It's much better than its predecessor. It's more intuitive, a whole lot easier to navigate and get where you need to go. It's less repetitive and just generally easier to use. It allows me to not have to be sitting at my computer all the time. I can be on my phone or tablet or wherever I'm at. It makes it a lot easier to answer tickets and do that kind of thing. Also, the intuitiveness of the updated user interface for the service is spot-on. It is much easier to navigate, and know where to navigate, in the newer interface. I've never had an issue with responsiveness. It's very quick and doesn't sit there and chug on anything. It's fast, it's efficient. It has enabled our SecOps team to take action faster because if you have multiple ways of connecting to it and actually getting your alerts answered and taking care of things fast, it is extremely helpful. All the information that you need to make a determination is usually in the alert itself that comes through the Zero-Trust Analytics Platform (ZTAP). I don't find myself going back to the app itself very often. That still happens, but not as often. The ability to flow the information forward, from the alert standpoint, helps me because it saves me from running back to get the information. It's improved my efficiency. Finally, there haven't been any data sources that the service wasn't able to integrate with.
Read full review
John-Berry - PeerSpot reviewer
The SOC center monitors, hunts, and notifies us of threats around the clock
I know they are working to resolve this issue, but Netsurion is currently unable to retrieve logs from S3 buckets. We use WP Engine for a lot of web hosting as well as AWS, and both of these platforms use S3 buckets. I would like Netsurion to be able to pull logs from Linux devices. We have some of that capability, and I believe they can do it. However, the way it works with Amazon is strange and glitchy. Therefore, working something out with Amazon would be great. Netsurion's SOC can be a bit too aggressive at times. We have asked them to adjust their playbook because I am tired of being notified about the same issue multiple times a day. I am aware of the issue, and it is not a cause for concern. Let's only take action on this issue if we see an actual problem.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Customer service and their response are phenomenal. I would give their customer support a nine point five (out of 10). Our easy access to their SOC analyst, sales team, and leadership team instills confidence in me that they are there for us 24/7."
"My impression of the transparency of the data is that it has good detail. It allows you to see how many events have come in, how many of those events have made it down to their analysts to review, and then however many from their analysts to be able to close out, have been able to been escalated to us. It's a good metric that we can share with my management. They see the value of what the SOC is bringing on top of what my team is already doing."
"The new mobile app is awesome. It is one of the best I've ever seen. It's much better than its predecessor. It's more intuitive, a whole lot easier to navigate and get where you need to go. It's less repetitive and just generally easier to use. It allows me to not have to be sitting at my computer all the time. I can be on my phone or tablet or wherever I'm at. It makes it a lot easier to answer tickets and do that kind of thing."
"Their Zero Trust Analytics Platform (ZTAP) engine, which is kind of their correlation engine, is by far and away one of the best in the business. We can filter and utilize different lists to build out different alerts, such as, what to alert on and when not to alert. This engine helps reduce our number of alerts and false positives."
"Outside of using the platform to manage alerts, the feature of the service that we get the most value from is being able to reach out to them and say, "Hey, we might go buy a SIEM," for example. They give us their overview of what's out there, what they've dealt with, what they integrate with, and what that looks like. That's been pretty powerful over the years for us."
"From where we were prior to going into them, the service has increased our analysts’ efficiency to the point that they can focus on other areas of the business. It gives me the ability to allow analysts to do Level 3 and 4 work and stay out of the weeds of the alerts, where you tend to get alert fatigue. The service takes care of much of the Tier 1 and Tier 2 triage. It is more effective than what we had been used to, because it allows the filtering of Level 1 and Level 2 type alerts to be taken care of. This leaves less for us to handle, which is a good thing."
"There is a team of people who monitor our traffic and processes 24/7, so if anything raises a flag or alert, it will escalate back to me right away. That's the most incredible part: Humans working behind the scenes 24/7 to monitor our networks."
"The quick interaction between the agents is the most valuable feature. If we have questions, they're quick to answer. If we make a change to our system, they quickly make the changes that are necessary to filter the logs correctly."
More CRITICALSTART pros
"The real-time alerting for things such as people getting dropped into a VPN group or the domain admin group — things like that which really shouldn't happen without proper change management, but we all know the reality, they do from time to time — gives me real-time visibility into what's going on."
"I think Netsurion scales well. We've gone from a small number of agents up to thousands. So I would imagine that it would continue to scale. I don't see any issue with that."
"We have also integrated our endpoint security into the Netsurion SIEM. That's important because we have all the events in one place; we don't have to manage them in multiple places. In addition, the embedded MITRE ATT&CK Framework was paramount in our decision to choose Managed Threat Protection because the MITRE Framework is the industry standard for threats."
"When it comes to threat detection and response, it does a very good job detecting and blocking on its own. And the SOC is a nice added value because they're doing analysis on things that aren't as obvious, on things that you can't just detect with a signature or behavior. Also, any SIEM will come with a lot of noise, so having them do a lot of the initial analysis to find out what's critical and what issues are false alarms is very good."
"The network alert is the most valuable feature. That way, we in the IT department are aware of user lockout and invalid password attempts way before a user ever even calls in."
"I like EventTracker's dashboard. I see it every time I log in because it's the first thing you get to. We have our own widgets that we use. For the sake of transparency, there are a few widgets that we look at there and then we move out from there... Among the particularly helpful widgets, the not-reporting widget is a big one. The number-of-logs-processed is also a good one."
"There are a host of things that are most valuable. Obviously monitoring our environment and reporting out different events is important. They perform a suite of services. They monitor all of our servers, all of our key infrastructure, like our DNS, our switches, all that stuff. They aggregate and correlate that quarterly. They'll tell us if we're getting a lot of login failures and something is going on or if something's weird."
"I really appreciate the fact that the dashboard breaks everything down into a pretty easy view for me... It shows what changes are happening to privileged user accounts, access and identity, what's cropping up. It shows application activity and whether we've got system resources that aren't online and being found anymore. It's a pretty simple, easy, quick hit and there are the supporting logs behind it. If I need to drill down further, I can do that quickly. It's very effective."
More Netsurion pros
 

Cons

"There is room for improvement with the new UI, and that's about it. I would like to see a more intuitive design."
"In terms of responsiveness, when I open up an alert, sometimes it takes a bit of time to load. However, it only happened once or twice."
"They could dig a little bit deeper into the Splunk alerts when they feel like they need to be escalated to us. For example, if a locked account shows up, they could do a little extra digging to verify that the locked account was due to a bad password on the local system. They could just do a little extra digging within the Splunk environment instead of pushing it onto us to go do that extra little digging."
"They just did a user interface overhaul to the website portal that you use for troubleshooting tickets. The old one was fine. The new one is not intuitive..."
"The updated UI is actually pretty bad. Regarding the intuitiveness, it is fairly easy to use, but the responsiveness, on a scale of one to 10, is a one. It's really poor performance."
"During the six-month integration and rollout, there were some bumpy roads along the way. There were communication breakdowns between the project manager, CRITICALSTART leadership, and us (as the customer). I expressed my displeasure during the integration in their inability to effectively communicate when there were holdups or issues. They were going through some growing pains at that time, but they have been right there for us ever since."
"It has frustrated us that they don't have a native Slack integration, because most things do now. That's something we've asked for, for years, and it just doesn't really seem like it's a priority."
"The biggest room for improvement is not necessarily in their service or offering, but in the products that they support. I would like them to further their knowledge and ability to integrate with those tools. They have base integrations with everything, and we haven't come across anything. They should just continue to build on that API interface between their applications and other third-party consoles."
More CRITICALSTART cons
"Probably the biggest thing is just: Can I search for this and what's the best way to do it? If I'm looking for two events versus a singular event, I just throw it back at them. They're the experts on it."
"I would like to see the dashboard come up more quickly."
"The solution's dashboard is okay. The one thing that we ran into are issues when we upgraded to the newer version. It uses Elasticsearch for the different dashboard entries. So, we were running on spinning disks, and Elasticsearch didn't work that well. A number of the different dashboards, like my dashboard or different things like that, pull from Elasticsearch. Since Elasticsearch really wasn't working, we were having some issues with that, but we just migrated."
"I'd like to see improvement in the ease of generating reports. It seems fairly cumbersome whenever you decide to start tracking new categories of events. It seems a little kludgy when trying to generate those reports."
"Netsurion's SOC can be a bit too aggressive at times."
"Where there is an opportunity for improvement is in the interface used for performing the searches. You have to understand Elasticsearch search too well for the security team to be able to take really full advantage of that part of the product. It's not as intuitive as I would like it to be for new staff coming in. The general query capability is a little bit challenging."
"Everything that I've wanted has been added in. EDR was added, and MITRE was added. Those were two big ones that we didn't even have to push for."
"There are some issues with searches taking a long period of time, but they assured me that they have implemented a new search function that's available in version 9, but which requires a solid-state hard drive... Depending on how many logs you have it could take a long time to return the results if you're looking back prior to the last 30 days."
More Netsurion cons
 

Pricing and Cost Advice

"The pricing of other services was so insane that they weren't even an option."
"It costs a lot for what we felt comfortable to spend."
"The pricing has always been competitive. They have always been good to us. They will make it a fight. They don't try to hide anything; it's always been fully transparent and well-worth what we pay for it."
"Overall, for what I'm paying for it, and the benefit I'm getting out of it, it is right where it needs to be, if not a little bit in my favor. For what it costs me to actually have this service, I could afford one internal person to do that job, but now I have a team of 10 or more who are doing that job, and they don't sleep because they work shifts."
"As far as the expense goes, it's very competitive pricing and the services you get are almost like you have a person on your team."
"There are contractual penalties if their SLAs are not met. This commitment was very important in our decision to go with this service, because not having downtime is extremely important to us. The providers has not missed an SLA in the 18 months that I have worked with them."
"I've told CRITICALSTART that I think the managed service they provide is cheaper than it should be. It's a really good deal."
"The solution is fairly expensive, but in my experience, all of the SIEM applications that I've evaluated or looked at cost about the same."
"You are paying for different levels, especially as far as the monitoring goes and how often you review it with the team. The other factor that figures in is how many nodes are on your network, such as clients, network equipment, servers, etc. There are some additional pieces on top of that, but it's laid out pretty simply, as far as how much you're going to pay for a node."
"Our budget follows the calendar year. We just started a new budget year at the beginning of the month. We did budget for an increase in our threat management system selection. Therefore, we have the budget to implement and accommodate a threat management system change, including an increase for the quoted actions that we received to improve EventTracker. We are just waiting on our council to approve that budget, which might not be for a little while. Hopefully, when they do, we will be able to jump on doing something."
"When we first got the EventTracker product, we were using SIEM Simplified. At the time they didn't call it that, but it was more of a service thing. So, there was a bit more hand-holding and getting stuff set up, along with failure reports, that they did during the first one to two years. Then, we decided that the the additional money to have someone do these daily reports wasn't terribly useful, so we discontinued that service."
"The pricing and licensing seem very reasonable. The managed service part of it feels like it gives me the equivalent of a full-time engineer for a lot less money. So, I feel it's a good value."
"We put together the package of what we needed. It was based pretty much on the number of agents that we were deploying. If we needed to manage logging from certain specific applications, like Active Directory and SQL Server, there has been no additional cost for that. We had agents deployed for those specific servers and the applications were included, then there was just an additional installation that they had to do for us."
"It is a bit expensive as compared to some of the other products that have come out in recent years. Expense-wise, the only downside is that it is not cheap."
"EventTracker's subscription-based model is interesting as far as yearly license type stuff. It's nice because you know what it's going to be next year. We haven't really looked at any other solutions. The pricing at the time compared to the other solutions was a lot less. A couple of years ago, we actually looked at Splunk. The amount in Splunk's licensing model is based on 20 gigs a day, or something like that. Based on our number of logs and stuff that we were already generating, the costs would be substantially more for the amount of logs that we would be getting."
More Netsurion pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Managed Detection and Response (MDR) solutions are best for your needs.
See recommendations
850,028 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
12%
Healthcare Company
11%
Real Estate/Law Firm
11%
Financial Services Firm
9%
Computer Software Company
25%
Manufacturing Company
10%
Government
10%
Financial Services Firm
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Ask a question
Earn 20 points
What do you like most about Netsurion Managed Threat Protection?
Expediting incident response is really great.
See all answers
What is your experience regarding pricing and costs for Netsurion Managed Threat Protection?
Their pricing is high. I don't know if it's a barrier. The quality speaks to the price. The price is the price. They provide what they promise. From a purchasing perspective, I just have to come ba...
See all answers
What needs improvement with Netsurion Managed Threat Protection?
There is one area that needs improvement and that is with the agents and the server that's on-site. The system requirements are very, very high. So I need a pretty powerful server to run. If they c...
See all answers
 

Comparisons

ReliaQuest GreyMatter vs CRITICALSTART Logo
ReliaQuest GreyMatter vs CRITICALSTART
Compared 21% of the time
Red Canary vs CRITICALSTART Logo
Red Canary vs CRITICALSTART
Compared 19% of the time
BlueVoyant CORE vs CRITICALSTART Logo
BlueVoyant CORE vs CRITICALSTART
Compared 18% of the time
CrowdStrike Falcon Complete MDR vs CRITICALSTART Logo
CrowdStrike Falcon Complete MDR vs CRITICALSTART
Compared 16% of the time
Arctic Wolf Managed Detection and Response vs CRITICALSTART Logo
Arctic Wolf Managed Detection and Response vs CRITICALSTART
Compared 15% of the time
More CRITICALSTART Competitors
Sumo Logic Security vs Netsurion Logo
Sumo Logic Security vs Netsurion
Compared 34% of the time
Devo vs Netsurion Logo
Devo vs Netsurion
Compared 34% of the time
Arctic Wolf Managed Detection and Response vs Netsurion Logo
Arctic Wolf Managed Detection and Response vs Netsurion
Compared 32% of the time
More Netsurion Competitors
 

Product Reports

Buyer's Guide
CRITICALSTART
May 2025
CRITICALSTART reportDownload CRITICALSTART product report
Buyer's Guide
Netsurion
April 2025
Netsurion reportDownload Netsurion product report
 

Also Known As

Critical Start, CriticalStart
Netsurion Managed Threat Protection, Netsurion EventTracker
 

Overview

The cybersecurity landscape is growing more complex by the day with the arrival of new threats and new tools supposedly designed for combating them. The problem is it’s all creating more noise and confusion for security professionals to sort through.

CRITICALSTART is the only MDR provider committed to eliminating acceptable risk and leaving nothing to chance. They believe that companies should never have to settle for “good enough.” Their award-winning portfolio includes end-to-end Professional Services and Managed Detection and Response (MDR). CRITICALSTART MDR puts a stop to alert fatigue by leveraging the Zero Trust Analytics Platform (ZTAP) plus the industry-leading Trusted Behavior Registry, which eliminates false positives at scale by resolving known-good behaviors. Driven by 24x7x365 human-led, end-to-end monitoring, investigation and remediation of alerts, their on-the-go threat detection and response capabilities are enabled via a fully interactive MOBILESOC app.

Critical Start

Netsurion offers a comprehensive solution for centralized log management, SIEM, and managed services, ensuring continuous monitoring and security event analysis for diverse organizations, enhancing IT security and compliance.

Netsurion centralizes event management through SIEM and managed services. Organizations leverage it for vulnerability assessment and intrusion detection, integrating logs from Windows, Linux, and network devices. Its SOC provides 24/7 monitoring, ensuring compliance with PCI and audit standards. Real-time alerts and efficient log data aggregation enhance threat identification and response. Weekly reports and insights into user lockouts contribute to robust security management, beneficial for firms with constrained resources.

What are some key features of Netsurion?
  • SIEM Integration: Centralizes security event data for easier management.
  • Managed Services: Provides 24/7 SOC monitoring and support.
  • Real-TIme Alerts: Notifies of unusual security events promptly.
  • Threat Intelligence: Delivers actionable insights for proactive defense.
  • Seamless Platform Integration: Compatible with Office 365, firewalls, and other platforms.
How can companies benefit from using Netsurion?
  • Enhanced Security Management: Real-time monitoring and alerts streamline threat response.
  • PCI Compliance: Supports meeting audit and regulatory requirements efficiently.
  • Resource Optimization: Weekly reports and detailed insights aid decision-making for limited-resource organizations.
  • Improved Threat Detection: Consolidating logs and real-time intelligence helps in identifying threats swiftly.

Netsurion is implemented across industries like finance, healthcare, and retail, where security is crucial. These sectors require robust monitoring and compliance solutions, utilizing Netsurion's seamless integration with their existing infrastructure to manage security operations effectively, addressing both regulatory needs and threat management.

Netsurion
 

Sample Customers

Information Not Available
The Salvation Army, The FRESH Market, Pacific Western Bank, NASA, American Academy of Orthopaedic Surgeons (AAOS), and Talbot’s Stores
Buyer's Guide
CRITICALSTART vs. Netsurion
April 2025
Free Report: CRITICALSTART vs. Netsurion
Find out what your peers are saying about CRITICALSTART vs. Netsurion and other solutions. Updated: April 2025.
DOWNLOAD NOW
850,028 professionals have used our research since 2012.
See our CRITICALSTART vs. Netsurion report.
See our list of best Managed Detection and Response (MDR) vendors.

We monitor all Managed Detection and Response (MDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.