We performed a comparison between Netsurion and SentinelOne Vigilance based on real PeerSpot user reviews.
Find out in this report how the two Managed Detection and Response (MDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The case interface is Binary Defense MDR's most valuable feature."
"Among the valuable features are the agent, continuous reporting, and dashboard. It has all the features we need and we haven't had to customize it, other than turning on certain features that we wanted."
"One of the main benefits of Binary Defense MDR is the ability to easily meet with their support team to discuss any issues we encounter."
"The speed at which their services are reactive is valuable. Nowadays, when a threat hits an endpoint, you've got minutes, not hours or days. Their average response time is about four minutes on an alert. For anything that needs to be sent to us, it's about fourteen minutes, which is pretty good. They're the third SOC that I've used in fifteen years. By far, they are the quickest ones to act. When you're looking at prevention, that's a key factor."
"The most valuable features are the SIEM and the ticketing function; the latter is very smooth and easy to read and understand. We don't have any issues looking at the ticketing information when we're trying to identify what's going on."
"The most valuable part of Binary Defense is its team of cybersecurity analysts. Their analysts filter out the noise and only forward the critical threats that require a response instead of false positives."
"The most valuable feature is reviewing tickets and the notes added by technicians."
"Binary Defense has a human service department that provides live monitoring for our systems."
"Their SOC team manages vulnerability management and IOC reviews. They stop bad processes when they happen. The best thing is their weekly reviews of what has been going on in the infrastructure as well as the things that they see and what we should look out for."
"The real-time alerting for things such as people getting dropped into a VPN group or the domain admin group — things like that which really shouldn't happen without proper change management, but we all know the reality, they do from time to time — gives me real-time visibility into what's going on."
"They have what they call Elasticsearch which is very quick, although that's only available for the last seven days' worth of data. It used to be that, if I wanted to do a search from three days ago, it might take me 10 to 15 minutes because it had to actually unzip some archive files. So I really like that feature. It's almost instantaneous for anything within the last seven days."
"Netsurion has its own security operations center, where it tracks information that comes across our telemetry."
"The network alert is the most valuable feature. That way, we in the IT department are aware of user lockout and invalid password attempts way before a user ever even calls in."
"The most valuable feature is definitely real-time alerting, especially in situations where someone might attempt to exploit or hack into our network."
"I like the UI, overall. I like the main page and there are aspects of the search page that I like. When you bring it up on the left-hand side of the page, as you look at the events, the ability to simply hit and click the plus/minus to pull events in and out of the overall view is well done and is very effective from a threat-hunting and an analysis perspective. I like the detail it shows."
"I like EventTracker's dashboard. I see it every time I log in because it's the first thing you get to. We have our own widgets that we use. For the sake of transparency, there are a few widgets that we look at there and then we move out from there... Among the particularly helpful widgets, the not-reporting widget is a big one. The number-of-logs-processed is also a good one."
"The most valuable feature of the solution is its performance, which is very important for us in our company."
"I would rate SentinelOne's customer service and support a five out of five."
"SentinelOne is a comprehensive solution for protecting SOAP-based web services and AWS-based cloud infrastructure."
"SentinelOne Vigilance is an endpoint security tool with quarantining, dashboards showing us information, and many capabilities like manual and automatic quarantine of environmental issues."
"The most valuable feature is that it works and isn't compromised. Other solutions I have used have all been compromised and SentinelOne is the only one that hasn't been compromised as far as I understand."
"The most valuable feature is protection against ransomware and malware."
"The SentinelOne Active EDR is the most valuable feature."
"Stable solution for protecting, deploying, and managing endpoints, and comes with valuable features such as behavioral analytics and machine learning."
"I don't find any downside to them, but if I have to put one, it would be consistent manpower or staffing. The only area where the solution can be improved is going to be with people. As they grow, they are struggling with the same thing that every other company is, which is getting talent and getting that talent to stay, but they've just revised their tiering system to go from a flat analyst and manager to a three-tier solution where it goes through two or three before it gets elevated. That seems to have worked out well, so if one level misses it, the next one picks it up, and it works out fine."
"The current reporting system could benefit from improvement."
"The most significant area for improvement is in support for non-English speakers; we're a global organization, so many of our users are not English speakers, which can make interacting with them a challenge. There's no Chinese language support, so we must rely on what we can do with the internet. We don't expect Binary Defense to build a language staff, but details can get lost in translation when we assume the whole world speaks English."
"Binary Defense MDR could be even better with additional features, like automatic scans and file quarantine."
"We found a couple of bugs in the user interface."
"I would like to see more frequent check-ins with our security status."
"If I were shopping for an MDR solution today, I would not only look for a company that has the ability to alert, detect, and remediate, but also the ability to integrate vulnerability management. That's a big thing that they're lacking today."
"We found that an earlier version of the agent had high memory usage and that was a bit concerning, but we raised the concern with their support team and they immediately replied that they had noticed the same thing and had a candidate fix already available... it totally fixed the issue."
"The biggest problem is that we have too many domain controllers. So, we have to keep all the clients and main system updated with the latest versions along with making sure all the firewalls are open."
"The agents on the endpoints seem to fail quite a bit, requiring manual involvement from the local administrators. I would like to see their product be much more ad hoc and update automatically."
"We get a report generated on a particular day of the week and we go through it, trying to mitigate problems and make sure we're seeing everything that's happening. It would be helpful if the SOC spent a little more time with us going through some of those reports."
"Netsurion's SOC can be a bit too aggressive at times."
"With version 8, there are quite a few things. The query tool was one of the big ones, and the query speed was one of the big ones, but they've made some great strides between versions 8 and 9. There were also issues in version 8 around the ability to get the data back out. It's one thing to collect data, but it's a whole other thing to be able to present it or run it in a timely manner. The old tool, depending on how far back I was looking, might even time out and I would have to run it again."
"They have their programs and tools that you have to put into your own environment. We basically ingest all the log data and then push it out to them. I wish it was a little bit different than that where we just push directly towards them. I do not know if that is a function that they thought would be better in terms of security, but I wish that instead of doing that, it should go from the device to them and not from the device to another system and then out to them. There seem to be some drawbacks to doing that."
"Everything that I've wanted has been added in. EDR was added, and MITRE was added. Those were two big ones that we didn't even have to push for."
"The solution's dashboard is okay. The one thing that we ran into are issues when we upgraded to the newer version. It uses Elasticsearch for the different dashboard entries. So, we were running on spinning disks, and Elasticsearch didn't work that well. A number of the different dashboards, like my dashboard or different things like that, pull from Elasticsearch. Since Elasticsearch really wasn't working, we were having some issues with that, but we just migrated."
"It is not easy to remove the customer without the dashboard."
"My only complaint is that the knowledge base is not accessible to the customer."
"SentinelOne Vigilance could improve if it provided us with more control over the dashboard."
"My customers who use the tool mostly want a summary of the monitoring activities of the product in a report form...t can be useful for our customers to identify the threats and incidents encountered by the product."
"When upgrades are required on the server, you need to almost remove SentinelOne Vigilance completely off the system. We put SentinelOne Vigilance on silence for the monitor mode, but we were having trouble upgrading the server. I had to remove SentinelOne Vigilance completely from the server, but that meant that all the previous logs of attacks I wanted to look at on the server were gone. This is one thing they need to improve, they need better compatibility with the Microsoft Windows service. I should not have to remove the agent completely to upgrade the service."
"The process to replicate exclusions is not user-friendly."
"The tool needs improvement in clear communication and detection."
"It's too early to say what needs improvement."
Netsurion is ranked 13th in Managed Detection and Response (MDR) with 24 reviews while SentinelOne Vigilance is ranked 4th in Managed Detection and Response (MDR) with 18 reviews. Netsurion is rated 8.4, while SentinelOne Vigilance is rated 8.4. The top reviewer of Netsurion writes "The SOC center monitors, hunts, and notifies us of threats around the clock". On the other hand, the top reviewer of SentinelOne Vigilance writes "Very easy to use with multiple options for licensing and scaling". Netsurion is most compared with Arctic Wolf Managed Detection and Response, CyberHat CYREBRO and Wazuh, whereas SentinelOne Vigilance is most compared with Huntress, Blackpoint Cyber MDR, CrowdStrike Falcon Complete, Secureworks Taegis ManagedXDR and Sophos MDR. See our Netsurion vs. SentinelOne Vigilance report.
See our list of best Managed Detection and Response (MDR) vendors.
We monitor all Managed Detection and Response (MDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
