• Home
  • Logsign Next-Gen SIEM vs. Netsurion

Logsign Next-Gen SIEM vs Netsurion comparison

Cancel
You must select at least 2 products to compare!
Microsoft Logo

Microsoft Sentinel

Read 85 Microsoft Sentinel reviews
31,886 views|17,713 comparisons
92% willing to recommend
Logsign Logo

Logsign Next-Gen SIEM

Read 2 Logsign Next-Gen SIEM reviews
628 views|516 comparisons
100% willing to recommend
Netsurion Logo

Netsurion

Read 24 Netsurion reviews
869 views|312 comparisons
92% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Security Information and Event Management (SIEM)
April 2024
Executive Summary

We performed a comparison between Logsign Next-Gen SIEM and Netsurion based on real PeerSpot user reviews.

Find out what your peers are saying about Splunk, Microsoft, Wazuh and others in Security Information and Event Management (SIEM).
To learn more, read our detailed Security Information and Event Management (SIEM) Report (Updated: April 2024).
Download the complete report
769,334 professionals have used our research since 2012.
Featured Review
Nagendra Nekkala
Provides a unified set of tools to detect, investigate, and respond to incidents and enables proactive threat hunting
We use the tool because we want a solution that can quickly analyze large volumes of data across the enterprise. Microsoft Sentinel is a one-stop... Read more →
Anonymous User
Easy to use and find the features that you need
The solution secures attacks and monitors too. If there's a real attack running and we need to apply a solution first, we opt for Logsign. A couple... Read more →
John-Berry
The SOC center monitors, hunts, and notifies us of threats around the clock
Netsurion's additional data source integration provides a unified view of our security posture. This makes it easy to track and see what's... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The best functionality that you can get from Azure Sentinel is the SOAR capability. So, you can estimate any type of activity, such as when an alert was triggered or an incident was found.""Sentinel pricing is good""Free ingestion for Azure logs (with E5 licence)""I've worked on most of the top SIEM solutions, and Sentinel has an edge in most areas. For example, it has built-in SOAR capabilities, allowing you to run playbooks automatically. Other vendors typically offer SOAR as a separate licensed solution or module, but you get it free with Sentinel. In-depth incident integration is available out of the box.""The most valuable feature is the alert notifications, which are categorized by severity levels: informational, low, medium, and high.""Log aggregation and data connectors are the most valuable features.""The main benefit is the ease of integration.""The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system."

More Microsoft Sentinel Pros →

"Logsign provides sample logs within the product, allowing users to see how logs will appear before integration, which is a valuable feature for testing and understanding log formats."

More Logsign Next-Gen SIEM Pros →

"We have also integrated our endpoint security into the Netsurion SIEM. That's important because we have all the events in one place; we don't have to manage them in multiple places. In addition, the embedded MITRE ATT&CK Framework was paramount in our decision to choose Managed Threat Protection because the MITRE Framework is the industry standard for threats.""What I like most about Netsurion is the level of visibility and reporting.""I really appreciate the fact that the dashboard breaks everything down into a pretty easy view for me... It shows what changes are happening to privileged user accounts, access and identity, what's cropping up. It shows application activity and whether we've got system resources that aren't online and being found anymore. It's a pretty simple, easy, quick hit and there are the supporting logs behind it. If I need to drill down further, I can do that quickly. It's very effective.""The SIEMs and managed service are its most valuable features. We get a weekly report from them which provides a culmination of them combing through millions of events which are triggered across our network every day and minute. Their information security experts basically boil that down to a report which I get emailed once a week. It identifies potential threats and the remediation that I should take to be able to quell those threats.""The most valuable feature is definitely real-time alerting, especially in situations where someone might attempt to exploit or hack into our network.""There are a host of things that are most valuable. Obviously monitoring our environment and reporting out different events is important. They perform a suite of services. They monitor all of our servers, all of our key infrastructure, like our DNS, our switches, all that stuff. They aggregate and correlate that quarterly. They'll tell us if we're getting a lot of login failures and something is going on or if something's weird.""Their SOC team manages vulnerability management and IOC reviews. They stop bad processes when they happen. The best thing is their weekly reviews of what has been going on in the infrastructure as well as the things that they see and what we should look out for.""I like EventTracker's dashboard. I see it every time I log in because it's the first thing you get to. We have our own widgets that we use. For the sake of transparency, there are a few widgets that we look at there and then we move out from there... Among the particularly helpful widgets, the not-reporting widget is a big one. The number-of-logs-processed is also a good one."

More Netsurion Pros →

Cons
"They only classify alerts into three categories: high, medium, and low. So, from the user's point of view, having another critical category would be awesome.""The playbook is a bit difficult and could be improved.""We are invoiced according to the amount of data generated within each log.""Sentinel's alerts and notifications are not fully optimized for mobile devices. The overall reporting and the analytics processes for the end user should also be improved. Also, the compatibility and availability of data sources and reports are not always perfect.""The built-in SOAR is not really good out-of-the-box. The SOAR relies on logic apps and you almost need to have some kind of developer background to be able to make these logic apps. Most security people cannot develop anything...""It could have a better API to be able to automate many things more extensively and get more extensive data and more expensive deployment possibilities. It can gain some points on the automation part and the integration part. The API is very limited, and I would like to see it extended a bit more.""There is a wider thing called Jupyter Notebooks, which is around the automation side of things. It would be good if there are playbooks that you can utilize without having to have the developer experience to do it in-house. Microsoft could provide more playbooks or more Jupyter Notebooks around MITRE ATT&CK Framework.""At the network level, there is a limitation in integrating some of the switches or routers with Microsoft Sentinel. Currently, SPAN traffic monitoring is not available in Microsoft Sentinel. I have heard that it is available in Defender for Identity, which is a different product. It would be good if LAN traffic monitoring or SPAN traffic monitoring is available in Microsoft Sentinel. It would add a lot of value. It is available in some of the competitor products in the market."

More Microsoft Sentinel Cons →

"I hope they address the pricing model for Logsign Next-Gen SIEM, especially regarding regional variations. The pricing should not differ based on the country of operation as it can lead to dissatisfaction among customers. A fixed pricing structure would be more favorable for us. I would also suggest enhancing the GUI interface and adding features similar to xFi Exchange from IBM Pure. This would streamline operations and save time for analysts."

More Logsign Next-Gen SIEM Cons →

"Probably the biggest thing is just: Can I search for this and what's the best way to do it? If I'm looking for two events versus a singular event, I just throw it back at them. They're the experts on it.""We get a report generated on a particular day of the week and we go through it, trying to mitigate problems and make sure we're seeing everything that's happening. It would be helpful if the SOC spent a little more time with us going through some of those reports.""The weekly reporting could use some improvement. For example, when we handed them our landscape document, it took longer than I would have liked for those details to become noticeable within the reports.""Netsurion's SOC can be a bit too aggressive at times.""There are some issues with searches taking a long period of time, but they assured me that they have implemented a new search function that's available in version 9, but which requires a solid-state hard drive... Depending on how many logs you have it could take a long time to return the results if you're looking back prior to the last 30 days.""Where there is an opportunity for improvement is in the interface used for performing the searches. You have to understand Elasticsearch search too well for the security team to be able to take really full advantage of that part of the product. It's not as intuitive as I would like it to be for new staff coming in. The general query capability is a little bit challenging.""The agents on the endpoints seem to fail quite a bit, requiring manual involvement from the local administrators. I would like to see their product be much more ad hoc and update automatically.""I would also like to have a dashboard that I can access anytime to review the real-time data from their website."

More Netsurion Cons →

Pricing and Cost Advice
  • "It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else."
  • "It is a consumption-based license model. bands at 100, 200, 400 GB per day etc. Azure Sentinel Pricing | Microsoft Azure"
  • "Good monthly operational cost model for the detection and response outcomes delivered, M365 logs don't count toward the limits which is a good benefit."
  • "I have had mixed feedback. At one point, I heard a client say that it sometimes seems more expensive. Most of the clients are on Office 365 or M365, and they are forced to take Azure SIEM because of the integration."
  • "It is kind of like a sliding scale. There are different tiers of pricing that go from $100 per day up to $3,500 per day. So, it just kind of depends on how much data is being stored. There can be additional costs to the standard license other than the additional data. It just kind of depends on what other services you're spinning up in Azure, or if you're using something like Azure log analytics."
  • "I am just paying for the log space with Azure Sentinel. It costs us about $2,000 a month. Most of the logs are free. We are only paying money for Azure Firewall logs because email logs or Azure AD logs are free to use for us."
  • "Sentinel is a bit expensive. If you can figure a way of configuring it to meet your needs, then you can find a way around the cost."
  • "Azure Sentinel is very costly, or at least it appears to be very costly. The costs vary based on your ingestion and your retention charges."

    • More Microsoft Sentinel Pricing and Cost Advice →

    Information Not Available
  • "The pricing and licensing seem very reasonable. The managed service part of it feels like it gives me the equivalent of a full-time engineer for a lot less money. So, I feel it's a good value."
  • "Licensing is very easy. Our CIO takes care of the billing, but in terms of price point, he hasn't complained, so it must be good."
  • "The solution is fairly expensive, but in my experience, all of the SIEM applications that I've evaluated or looked at cost about the same."
  • "The upfront costs have increased, and we have been locked into this contract. The cost of changing over from it is way too high."
  • "I don't know if the pricing is by the seat but we're paying about $20,000 to 25,000 a year. On top of that, we pay for the managed support services. That runs us about another $35,000 or $40,000 a year."
  • "When we first got the EventTracker product, we were using SIEM Simplified. At the time they didn't call it that, but it was more of a service thing. So, there was a bit more hand-holding and getting stuff set up, along with failure reports, that they did during the first one to two years. Then, we decided that the the additional money to have someone do these daily reports wasn't terribly useful, so we discontinued that service."
  • "EventTracker's subscription-based model is interesting as far as yearly license type stuff. It's nice because you know what it's going to be next year. We haven't really looked at any other solutions. The pricing at the time compared to the other solutions was a lot less. A couple of years ago, we actually looked at Splunk. The amount in Splunk's licensing model is based on 20 gigs a day, or something like that. Based on our number of logs and stuff that we were already generating, the costs would be substantially more for the amount of logs that we would be getting."
  • "In the security space, it's hard to quantify your return on investment. So, I don't. We spend about $40,000 a year and so. It's hard to say if the SIEM saved that much money."

    • More Netsurion Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
    See Recommendations
    769,334 professionals have used our research since 2012.
    Questions from the Community
    Is there a common threat intelligence tool that aggregates multiple threa...
    Top Answer:Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and… more »
    Read all 10 answers   →
    What is a better choice, Splunk or Azure Sentinel?
    Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for… more »
    Which is better - Azure Sentinel or AWS Security Hub?
    Top Answer:We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is… more »
    Read all 2 answers   →
    What needs improvement with Logsign Next-Gen SIEM?
    Top Answer:I hope they address the pricing model for Logsign Next-Gen SIEM, especially regarding regional variations. The pricing… more »
    Read all 2 answers   →
    What is your primary use case for Logsign Next-Gen SIEM?
    Top Answer:The solution is used as a security monitoring solution. We are collecting logs from different security products in the… more »
    What advice do you have for others considering Logsign Next-Gen SIEM?
    Top Answer:I prefer Logsign for our company's deployment in Saudi Arabia because the pricing is reasonable, and integration is… more »
    Read all 2 answers   →
    What do you like most about Netsurion Managed Threat Protection?
    Top Answer:Expediting incident response is really great.
    Read all 6 answers   →
    What is your experience regarding pricing and costs for Netsurion Managed...
    Top Answer:Their pricing is high. I don't know if it's a barrier. The quality speaks to the price. The price is the price. They… more »
    Read all 5 answers   →
    What needs improvement with Netsurion Managed Threat Protection?
    Top Answer:There is one area that needs improvement and that is with the agents and the server that's on-site. The system… more »
    Read all 6 answers   →
    Comparisons
    Also Known As
    Azure Sentinel
    Netsurion Managed Threat Protection, Netsurion EventTracker
    Learn More
    Microsoft
    Logsign
    Netsurion
    Video Not Available
    Overview

    Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

    - Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

    - Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

    - Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

    - Respond to incidents rapidly with built-in orchestration and automation of common tasks

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    Logsign delivers automation-driven cyber security solutions and are committed to providing the smartest, easiest-to-use and most affordable cybersecurity detection and response solutions and value-added services. Logsign Next-Gen SIEM is an enterprise-grade SIEM, inline with our promise, it's easy-to-deploy, easy-to-use and affordable unlike the other enterprise-grade SIEM softwares. 

    • Easy-to-deploy, easy-to-use and affordable SIEM for all.
    • Unlimited scalability, high availability - cluster SIEM, big data infrastructure. 
    • Deploy on every environment, on-premise solution.
    • 400+ predefined integrations and free plugin service.
    • Collects & stores unlimited data.
    • Threat hunting, fast search & investigation, advanced behavior analysis, IOC detection.
    • Real-time detection & prevention, wide correlation library based on Mitre Att&ck framework. 
    • Real-time monitoring, predefined dashboards & reports, meeting compliance requirements (PCI DSS, ISO 27001, HIPAA, SOX and more).
    • Automated notifications, automated actions.
    • Flexible pricing options, and more information and for more automated response features, please look for our SOAR platform.

    Our open XDR platform unifies your existing security telemetry to deliver wider attack surface coverage and deeper threat analytics resulting in greater security visibility. Our SOC does the heavy lifting for you of proactive threat hunting, event correlation and analysis, and provides you with guided remediation. The result is a force multiplier that allows your IT team to be confident and in control again while also maximizing all of your cybersecurity investments.

    Sample Customers
    Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
    Turkish Petroleum, Tırsan, DP World, SAC American Colleges, Robert College, Unlu&Co, UniCo Insurance Company, ETSTur, CK Energy, UEDAS Energy, Wilo, Eurocross Assistance, Deloitte Turkey, Incı GS Yuasa, Pappara, Bilgi University, Anadolu University, İstanbul University, The Ministry of Energy and Natural Resources, TRT, Anadolu Media Agency, Ministry of Family, Labour and Social Services, Ispark, Spor AS and wide range of enterprises in different industries. 
    The Salvation Army, The FRESH Market, Pacific Western Bank, NASA, American Academy of Orthopaedic Surgeons (AAOS), and Talbot’s Stores
    Top Industries
    REVIEWERS
    Financial Services Firm22%
    Computer Software Company11%
    Manufacturing Company8%
    Comms Service Provider8%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Financial Services Firm10%
    Government9%
    Manufacturing Company7%
    VISITORS READING REVIEWS
    Government14%
    Comms Service Provider13%
    Computer Software Company12%
    Media Company9%
    REVIEWERS
    Financial Services Firm18%
    Non Profit9%
    Healthcare Company9%
    University9%
    VISITORS READING REVIEWS
    Computer Software Company30%
    Manufacturing Company13%
    Government7%
    Financial Services Firm5%
    Company Size
    REVIEWERS
    Small Business33%
    Midsize Enterprise21%
    Large Enterprise47%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise16%
    Large Enterprise59%
    VISITORS READING REVIEWS
    Small Business31%
    Midsize Enterprise16%
    Large Enterprise53%
    REVIEWERS
    Small Business38%
    Midsize Enterprise33%
    Large Enterprise29%
    VISITORS READING REVIEWS
    Small Business38%
    Midsize Enterprise17%
    Large Enterprise45%
    Buyer's Guide
    Security Information and Event Management (SIEM)
    April 2024
    Download Free Report
    Find out what your peers are saying about Splunk, Microsoft, Wazuh and others in Security Information and Event Management (SIEM). Updated: April 2024.
    DOWNLOAD NOW
    769,334 professionals have used our research since 2012.

    Logsign Next-Gen SIEM is ranked 39th in Security Information and Event Management (SIEM) with 2 reviews while Netsurion is ranked 16th in Security Information and Event Management (SIEM) with 24 reviews. Logsign Next-Gen SIEM is rated 7.6, while Netsurion is rated 8.4. The top reviewer of Logsign Next-Gen SIEM writes "Easy to use and find the features that you need". On the other hand, the top reviewer of Netsurion writes "The SOC center monitors, hunts, and notifies us of threats around the clock". Logsign Next-Gen SIEM is most compared with Grafana Loki, Wazuh, IBM Security QRadar, ManageEngine EventLog Analyzer and Sematext Logs, whereas Netsurion is most compared with Arctic Wolf Managed Detection and Response and CyberHat CYREBRO.

    See our list of best Security Information and Event Management (SIEM) vendors.

    We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.