No more typing reviews! Try our Samantha, our new voice AI agent.

ESET EDR/XDR vs Netsurion comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Extended Detection and Response (XDR)
4th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Endpoint Detection and Response (EDR) (6th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
ESET EDR/XDR
Ranking in Extended Detection and Response (XDR)
22nd
Average Rating
9.0
Reviews Sentiment
4.7
Number of Reviews
4
Ranking in other categories
Authentication Systems (20th), Endpoint Detection and Response (EDR) (28th)
Netsurion
Ranking in Extended Detection and Response (XDR)
44th
Average Rating
8.4
Reviews Sentiment
7.1
Number of Reviews
24
Ranking in other categories
Managed Security Services Providers (MSSP) (22nd), Security Information and Event Management (SIEM) (49th), SOC as a Service (11th), Managed Detection and Response (MDR) (32nd)
 

Mindshare comparison

As of July 2026, in the Extended Detection and Response (XDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 4.6%, down from 5.1% compared to the previous year. The mindshare of ESET EDR/XDR is 1.4%, up from 1.1% compared to the previous year. The mindshare of Netsurion is 0.9%, up from 0.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Extended Detection and Response (XDR) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks4.6%
ESET EDR/XDR1.4%
Netsurion0.9%
Other93.1%
Extended Detection and Response (XDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
GirdharMishra - PeerSpot reviewer
Program Manager at iONE IT Solutions
Centralized monitoring has improved threat visibility and reduced incident response time
In terms of valuable features in ESET EDR/XDR, we focus on endpoint device management as well as for the firewall team, including our log analysis and monitoring the firewall, which are three significant functions for us. ESET EDR/XDR has automated threat detection that gives us real-time incident alerts, and it helps us proactively receive and work on incidents that could have an impact. Regarding the usefulness of ESET EDR/XDR's behavior-based analysis in detecting potential breaches, we have identified some files or configuration files that should remain static, and if any changes occur without proper change management, we are able to identify those changes, including detecting zero-day attacks. The integration of threat intelligence feeds has helped our response strategies, as we are using Oracle OCA-based data analysis, and we have integrated it so that logs are forwarded to our SIEM, allowing us to analyze the data effectively. I evaluate the impact of centralized management on our security operations as very useful because it eliminates the need to log into individual systems to find sources, allowing us to identify all types of risks and vulnerabilities from a single desk.
John-Berry - PeerSpot reviewer
Information Technology Manager at ProfitSolv
The SOC center monitors, hunts, and notifies us of threats around the clock
I know they are working to resolve this issue, but Netsurion is currently unable to retrieve logs from S3 buckets. We use WP Engine for a lot of web hosting as well as AWS, and both of these platforms use S3 buckets. I would like Netsurion to be able to pull logs from Linux devices. We have some of that capability, and I believe they can do it. However, the way it works with Amazon is strange and glitchy. Therefore, working something out with Amazon would be great. Netsurion's SOC can be a bit too aggressive at times. We have asked them to adjust their playbook because I am tired of being notified about the same issue multiple times a day. I am aware of the issue, and it is not a cause for concern. Let's only take action on this issue if we see an actual problem.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Their XDR agent and their behavioral indicators of compromise (BIOC) are pretty nice. Their managed threat hunting is also pretty nice. They also have WildFire, which is a service for actively looking for malware. It's quite useful."
"It is an easy-to-use tool."
"I like that the product has behavior-based detection which offers many benefits over signature-based detection."
"The most valuable feature of Cortex XDR by Palo Alto Networks is its machine-learning capabilities. Additionally, there is full integration with other solutions."
"Cortex XDR by Palo Alto Networks has helped lighten the load of our security analysts because it was the major tool that we were using and the one we utilized most."
"I recommend this solution to others because it is easy to manage, reliable, and overall good to use."
"I've found the solution to be highly scalable for enterprises."
"Threat identification and detection are the most valuable features of this solution."
"ESET EDR/XDR has automated threat detection that gives us real-time incident alerts, and it helps us proactively receive and work on incidents that could have an impact."
"The solution is easy to use."
"The initial setup of ESET EDR_XDR is very simple, easy to deploy, and manage."
"It is pretty easy to install without any hassles, and ESET EDR_XDR has its own cloud portal where everything is available."
"EventTracker has increased productivity and saved us time, absolutely."
"Overall, we're really thrilled with them."
"We don't have the eyeballs available to stare and watch for things, or even have the capability of building internal alert systems. So, the managed SOC has been huge for freeing up staff to work on other responsibilities. We are saving on at least one full-time employee."
"They have a number of integrations with different products. Google Workspace is one of them, and Microsoft Azure is another one. They integrate with a number of other things, such as Duo for multi-factor authentication. They can pull the logs from Duo to see if users are coming from bad repeatable IPs or if there are malicious known IPs that may be popping up in the logs. They are able to see that, and they can identify that. Some of the other integrations they do are from inside your network. For firewalls, they can integrate with SonicWall, Cisco, Fortinet, etc. They have a pretty wide variety of things to integrate with and be able to pull the logins from those devices."
"The solution provides actionable threat intelligence, it is not a passive service, they go in and perform mitigations on whatever they find, it is timely, and they provide context so it is understood by anyone who receives these reports."
"Expediting incident response is really great."
"It's a deny-all policy, so there's an access list on each machine, and it was effortless to tune it for our software because we have four pieces of intellectual property used in-house, and that was super easy to get up and running compared to some of the other solutions I've seen."
"Netsurion's security operations center is critical for us because they provide 24/7 monitoring, we've never had another company meet the same need in the past, and it's a valuable tool to have."
 

Cons

"A little bit more automation would be nice."
"Managing the product should be easier."
"They've been having some issues with updating their endpoint agents, and it has been quite frustrating."
"The deployment is pretty hard."
"It tends to do 99.9% of things. The only thing I'd like is single sign-on authentication into their cloud platform so that my users can be properly authenticated against it."
"The dashboard could use some significant improvement, just making it more useful with more information. It has a limited amount of information right now. It is customizable, but I'd love to see a better out-of-box dashboard."
"Cortex XDR by Palo Alto Networks could improve its user interface, which is more complicated compared to competitors such as SentinelOne."
"The solution eats memory of the computer, unlike anything I've ever seen."
"The memory and CPU footprint can affect performance. It sometimes slows down the CPU performance."
"ESET EDR_XDR needs to conduct more research and development and innovations in early detection of attacks."
"The solution could improve how it scours each website."
"There are some issues with searches taking a long period of time, but they assured me that they have implemented a new search function that's available in version 9, but which requires a solid-state hard drive... Depending on how many logs you have it could take a long time to return the results if you're looking back prior to the last 30 days."
"Communication is always something that can be improved, but I feel that any time we've had a communication issue, it's quickly addressed when we bring those up at the monthly meetings. Usually, it's an individual that wasn't clear in the communication, it's not the process per se. You always have to be able to segregate if the process didn't work or an individual either didn't say the right thing or my people didn't understand what they were being told."
"There's always room to improve because there would be no competition if they had a perfect solution. The GUI to perform searches within the product may not be intuitive to a new user."
"The solution's dashboard is okay. The one thing that we ran into are issues when we upgraded to the newer version. It uses Elasticsearch for the different dashboard entries. So, we were running on spinning disks, and Elasticsearch didn't work that well. A number of the different dashboards, like my dashboard or different things like that, pull from Elasticsearch. Since Elasticsearch really wasn't working, we were having some issues with that, but we just migrated."
"Where there is an opportunity for improvement is in the interface used for performing the searches. You have to understand Elasticsearch search too well for the security team to be able to take really full advantage of that part of the product. It's not as intuitive as I would like it to be for new staff coming in. The general query capability is a little bit challenging."
"I would also like to have a dashboard that I can access anytime to review the real-time data from their website."
"I would like to see the dashboard come up more quickly."
"Where there is an opportunity for improvement is in the interface used for performing the searches."
 

Pricing and Cost Advice

"It is cost-effective compared to similar solutions. It fits for the small businesses through to the big businesses."
"Traps pays for itself within the first 16 months of a three-year subscription. This is attributed to OPEX savings, as security teams spent less time trying to identify and isolate malware for analysis as a result of a reduction in malware incidents, false positives, and breach avoidance."
"In terms of the cost Cortex XDR by Palo Alto Networks is very expensive because we are a Mexican company and when you translate dollars to pesos the cost is very high. The solution is very expensive for Mexican companies. I understand that they have international prices, but I do not think it offsets the price enough for many companies in countries, such as Mexico. The amount it is reduced is not a massive percentage."
"The price of the solution is high for the license and in general."
"The price was fine."
"Compared to CrowdStrike, Cortex XDR is an expensive solution."
"The price is on the higher side, but it's okay."
"The price of the solution could be reduced. I have customers that have voiced that the solution is good for the value but if I want to sell more of the solution the price reduction would help."
"I rate the solution’s pricing a six or seven out of ten.."
"You are paying for different levels, especially as far as the monitoring goes and how often you review it with the team. The other factor that figures in is how many nodes are on your network, such as clients, network equipment, servers, etc. There are some additional pieces on top of that, but it's laid out pretty simply, as far as how much you're going to pay for a node."
"Netsurion's pricing is extremely fair and flexible. The price of their SIEM product is reasonable, and you can pay for those services you want on top of that. It wasn't cheap, but it's competitive, and we intend to renew our contract."
"We put together the package of what we needed. It was based pretty much on the number of agents that we were deploying. If we needed to manage logging from certain specific applications, like Active Directory and SQL Server, there has been no additional cost for that. We had agents deployed for those specific servers and the applications were included, then there was just an additional installation that they had to do for us."
"The solution is fairly expensive, but in my experience, all of the SIEM applications that I've evaluated or looked at cost about the same."
"We have seen time and cost savings. It prevents us from having to hire specialized people for this type of work. We would need to hire six staff members to accommodate the same service."
"The upfront costs have increased, and we have been locked into this contract. The cost of changing over from it is way too high."
"When we first got the EventTracker product, we were using SIEM Simplified. At the time they didn't call it that, but it was more of a service thing. So, there was a bit more hand-holding and getting stuff set up, along with failure reports, that they did during the first one to two years. Then, we decided that the the additional money to have someone do these daily reports wasn't terribly useful, so we discontinued that service."
"Netsurion's pricing is competitive. At the same time, they're the only ones who do what we want to do the way we want it. I can't say we would've paid more, but we would've had to have come up with our own solution if they weren't providing that."
report
Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Financial Services Firm
15%
Comms Service Provider
13%
Manufacturing Company
8%
Construction Company
8%
Construction Company
11%
Outsourcing Company
10%
Performing Arts
10%
Manufacturing Company
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
No data available
By reviewers
Company SizeCount
Small Business10
Midsize Enterprise7
Large Enterprise7
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What is your experience regarding pricing and costs for ESET EDR/XDR?
I find the price of ESET EDR/XDR to be competitive to the market, which is a reasonable aspect for us.
What needs improvement with ESET EDR/XDR?
I just deploy and forget it, so I don't get into much detail about improvements. The major setback we face with ESET ...
What advice do you have for others considering ESET EDR/XDR?
We might get good pricing one year, and then the next year there could be significant pricing issues. Integration wit...
Ask a question
Earn 20 points
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
ESET Secure Authentication
Netsurion Managed Threat Protection, Netsurion EventTracker
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Mitsubishi Motors, Canon
The Salvation Army, The FRESH Market, Pacific Western Bank, NASA, American Academy of Orthopaedic Surgeons (AAOS), and Talbot’s Stores
Find out what your peers are saying about ESET EDR/XDR vs. Netsurion and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.