Netsurion vs Rapid7 InsightIDR comparison

Netsurion and Rapid7 are both solutions in the Security Information and Event Management (SIEM) category. Netsurion is ranked #17 with an average rating of 8.6, while Rapid7 is ranked #14 with an average rating of 8.1. Netsurion holds a 0.5% mindshare in SIEM, compared to Rapid7’s 2.5% mindshare. Additionally, 92% of Netsurion users are willing to recommend the solution, compared to 95% of Rapid7 users who would recommend it.

Netsurion

Read 24 Netsurion reviews

1,256 Views
678 Comparison Views

92% willing to recommend

Rapid7 InsightIDR

Read 32 Rapid7 InsightIDR reviews

7,366 Views
3,609 Comparison Views

95% willing to recommend

Netsurion

Rapid7 InsightIDR

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 18, 2024

Rapid7 InsightIDR and Netsurion are both major players in the cybersecurity market. Rapid7 InsightIDR seems to have the upper hand for its ease of deployment and an intuitive interface, while Netsurion stands out for its feature-rich capabilities and robust customer service.

Features: Rapid7 InsightIDR includes comprehensive incident detection, automated response features, and an intuitive interface. Netsurion offers extensive threat intelligence, real-time log monitoring, and detailed analytics.

Room for Improvement: Rapid7 InsightIDR could improve its customizability, reporting functionality, and integration with other tools. Netsurion could refine its integration process with other tools, improve user customization options, and enhance its reporting features.

Ease of Deployment and Customer Service: Rapid7 InsightIDR is commended for smooth deployment models and responsive customer service. Netsurion benefits from positive feedback on its deployment process and exceptional customer service.

Pricing and ROI: Rapid7 InsightIDR's pricing is considered reasonable given its ROI, but some users find initial setup costs high. Netsurion receives favorable reviews for pricing, with users highlighting strong ROI.

To learn more, read our detailed Netsurion vs. Rapid7 InsightIDR Report (Updated: July 2025).

Buyer's Guide

Netsurion vs. Rapid7 InsightIDR

July 2025

Download the complete report

Helped 865,295 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Netsurion

Ranking in Security Information and Event Management (SIEM)

17th

Ranking in Extended Detection and Response (XDR)

20th

Average Rating

8.4

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

Managed Security Services Providers (MSSP) (4th), SOC as a Service (3rd), Managed Detection and Response (MDR) (15th)

Rapid7 InsightIDR

Ranking in Security Information and Event Management (SIEM)

14th

Ranking in Extended Detection and Response (XDR)

17th

Average Rating

8.4

Reviews Sentiment

7.4

Number of Reviews

Ranking in other categories

User Entity Behavior Analytics (UEBA) (5th), Endpoint Detection and Response (EDR) (26th), Threat Deception Platforms (5th)

Mindshare comparison

As of August 2025, in the Security Information and Event Management (SIEM) category, the mindshare of Netsurion is 0.5%, up from 0.3% compared to the previous year. The mindshare of Rapid7 InsightIDR is 2.5%, down from 2.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Security Information and Event Management (SIEM)

Featured Reviews

John-Berry

Information Technology Manager at ProfitSolv

The SOC center monitors, hunts, and notifies us of threats around the clock

I know they are working to resolve this issue, but Netsurion is currently unable to retrieve logs from S3 buckets. We use WP Engine for a lot of web hosting as well as AWS, and both of these platforms use S3 buckets. I would like Netsurion to be able to pull logs from Linux devices. We have some of that capability, and I believe they can do it. However, the way it works with Amazon is strange and glitchy. Therefore, working something out with Amazon would be great. Netsurion's SOC can be a bit too aggressive at times. We have asked them to adjust their playbook because I am tired of being notified about the same issue multiple times a day. I am aware of the issue, and it is not a cause for concern. Let's only take action on this issue if we see an actual problem.

Read full review

Asim Naeem

Principal IT Security & Compliance at IBEX Holdings Ltd

Providing comprehensive insight into alerts while working towards AI enhancement

I definitely recommend Rapid7 InsightIDR. It is becoming better, with improvements being continuously made to the product. Right now, I do not have any advice about Rapid7 for other users because every organization or user has different criteria or multiple use cases, so I refrain from commenting on that. I rate the overall solution seven out of ten.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"When it comes to threat detection and response, it does a very good job detecting and blocking on its own. And the SOC is a nice added value because they're doing analysis on things that aren't as obvious, on things that you can't just detect with a signature or behavior. Also, any SIEM will come with a lot of noise, so having them do a lot of the initial analysis to find out what's critical and what issues are false alarms is very good."

"What I like most about Netsurion is the level of visibility and reporting."

"If we need to do a search for user lockouts, we can go, search, and find locations where they have been locked out, then keep track of those events, historically."

"When I looked last week, we probably averaged about 20 million log entries a day. So, we certainly can't individually manage that. Just looking at the reports, then trying to go back and find anything that was questionable, was a challenge. Therefore, the managed service has been invaluable to us in terms of being able to narrow the scope of what really needs to be looked at and bringing those things to our attention to be dealt with."

"Netsurion was easy to deploy. I have worked with other systems that were a little less complex, but they weren't quite as easy to deploy."

"Netsurion has its own security operations center, where it tracks information that comes across our telemetry."

"The real-time alerting for things such as people getting dropped into a VPN group or the domain admin group — things like that which really shouldn't happen without proper change management, but we all know the reality, they do from time to time — gives me real-time visibility into what's going on."

"We have also integrated our endpoint security into the Netsurion SIEM. That's important because we have all the events in one place; we don't have to manage them in multiple places. In addition, the embedded MITRE ATT&CK Framework was paramount in our decision to choose Managed Threat Protection because the MITRE Framework is the industry standard for threats."

More Netsurion pros

"The technical support is a solid 10 out of 10 as they take the time to answer any questions or problems which may arise in a reasonable time frame."

"The solution's initial setup is easy."

"It improves because several sensors are deployed within the on-premise environment. It can be very efficient if the customer implements and operates it effectively."

"The platform offers unlimited storage and agent-based solutions."

"Rapid7 InsightIDR integrates well with other solutions. It's also easy to configure because Rapid7 InsightIDR has a lot of instructions posted on their website that customers can follow if they need to get the source log."

"Dashboards, including the main screen, provide much-needed information at a glance, without hours of coding and sifting through logs to find it. In case of an actual security incident, I have faith that insightIDR has retained all logs in a secure manner that prevents log tampering as well."

"I like that it's a cloud-based solution."

"The solution is very scalable in terms of the licensing model."

More Rapid7 InsightIDR pros

Cons

"I'd like to see improvement in the ease of generating reports. It seems fairly cumbersome whenever you decide to start tracking new categories of events. It seems a little kludgy when trying to generate those reports."

"Netsurion's threat detection and response aren't quite mature. I would expect a little more."

"There are some issues with searches taking a long period of time, but they assured me that they have implemented a new search function that's available in version 9, but which requires a solid-state hard drive... Depending on how many logs you have it could take a long time to return the results if you're looking back prior to the last 30 days."

"Everything that I've wanted has been added in. EDR was added, and MITRE was added. Those were two big ones that we didn't even have to push for."

"There's always room to improve because there would be no competition if they had a perfect solution. The GUI to perform searches within the product may not be intuitive to a new user."

"Probably the biggest thing is just: Can I search for this and what's the best way to do it? If I'm looking for two events versus a singular event, I just throw it back at them. They're the experts on it."

"The MITRE ATT&CK framework could be faster when identifying and understanding sophisticated threats. Whenever something happens, we usually get notified a couple hours later."

"I would also like to have a dashboard that I can access anytime to review the real-time data from their website."

More Netsurion cons

"Cloud risk assessment is one area where I think they need a lot of improvement."

"I would like the ability to adjust the threshold of certain existing alerts. Currently the only option is to change the notifications or create my own alert."

"Currently, it lacks the functionalities provided by Rapid7's User Behavior Analytics (UBA)."

"Sometimes, it is hard to get the right queries to use. Currently, the tool lacks a pre-made set of queries."

"Inability to get access to compliance reports within the solution."

"The main problem lies in the processes within the client's operating systems."

"InsightIDR is only available in a cloud version. Some of our customers prefer an on-prem solution because they want to manage the security within their environment."

"The solution needs improvement in threat intelligence. Increasing the depth of intelligence to help users understand more about threats is a possibility. My suggestion is to expand access to other websites or resources."

More Rapid7 InsightIDR cons

Pricing and Cost Advice

"Our budget follows the calendar year. We just started a new budget year at the beginning of the month. We did budget for an increase in our threat management system selection. Therefore, we have the budget to implement and accommodate a threat management system change, including an increase for the quoted actions that we received to improve EventTracker. We are just waiting on our council to approve that budget, which might not be for a little while. Hopefully, when they do, we will be able to jump on doing something."

"Netsurion's pricing is extremely fair and flexible. The price of their SIEM product is reasonable, and you can pay for those services you want on top of that. It wasn't cheap, but it's competitive, and we intend to renew our contract."

"EventTracker's subscription-based model is interesting as far as yearly license type stuff. It's nice because you know what it's going to be next year. We haven't really looked at any other solutions. The pricing at the time compared to the other solutions was a lot less. A couple of years ago, we actually looked at Splunk. The amount in Splunk's licensing model is based on 20 gigs a day, or something like that. Based on our number of logs and stuff that we were already generating, the costs would be substantially more for the amount of logs that we would be getting."

"When we first got the EventTracker product, we were using SIEM Simplified. At the time they didn't call it that, but it was more of a service thing. So, there was a bit more hand-holding and getting stuff set up, along with failure reports, that they did during the first one to two years. Then, we decided that the the additional money to have someone do these daily reports wasn't terribly useful, so we discontinued that service."

"I don't know if the pricing is by the seat but we're paying about $20,000 to 25,000 a year. On top of that, we pay for the managed support services. That runs us about another $35,000 or $40,000 a year."

"Licensing is very easy. Our CIO takes care of the billing, but in terms of price point, he hasn't complained, so it must be good."

"You are paying for different levels, especially as far as the monitoring goes and how often you review it with the team. The other factor that figures in is how many nodes are on your network, such as clients, network equipment, servers, etc. There are some additional pieces on top of that, but it's laid out pretty simply, as far as how much you're going to pay for a node."

"We have seen time and cost savings. It prevents us from having to hire specialized people for this type of work. We would need to hire six staff members to accommodate the same service."

More Netsurion pricing and cost advice

"I rate Rapid7 InsightIDR's price a four on a scale of one to ten, where one is cheap, and ten is expensive."

"Licensing is straightforward. If, for some reason, you don’t meet the minimum licensing requirements, there is a third-party managed service that can help."

"Rapid7 InsightIDR's pricing is reasonable but we have challenges with the Minimum Order Quantity. It is not reasonable for customers who have less than one hundred devices. If they can reduce Minimum Order Quantity, it is good. You have to pay around 5000-6000 dollars per year for the product. The pricing includes maintenance and support costs."

"The pricing is good, and it is not very expensive."

"The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help."

"The pricing of the solution depends on the user. But there is a yearly licensing cost."

"The solution has a mid-range price point in the market"

"It is a reasonably priced solution."

More Rapid7 InsightIDR pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

865,295 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

25%

Performing Arts

Government

Manufacturing Company

Computer Software Company

15%

Manufacturing Company

Financial Services Firm

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Netsurion Managed Threat Protection?

Expediting incident response is really great.

See all answers

What is your experience regarding pricing and costs for Netsurion Managed Threat Protection?

Their pricing is high. I don't know if it's a barrier. The quality speaks to the price. The price is the price. They provide what they promise. From a purchasing perspective, I just have to come ba...

See all answers

What needs improvement with Netsurion Managed Threat Protection?

There is one area that needs improvement and that is with the agents and the server that's on-site. The system requirements are very, very high. So I need a pretty powerful server to run. If they c...

See all answers

What SOC product do you recommend?

For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...

See all answers

What do you like most about Rapid7 InsightIDR?

During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...

See all answers

What is your experience regarding pricing and costs for Rapid7 InsightIDR?

The product pricing is very cheap.

See all answers

Comparisons

Arctic Wolf Managed Detection and Response vs Netsurion

Compared 24% of the time

Sumo Logic Security vs Netsurion

Compared 22% of the time

Devo vs Netsurion

Compared 21% of the time

Fortinet FortiSIEM vs Netsurion

Compared 18% of the time

IBM Security QRadar vs Netsurion

Compared 15% of the time

More Netsurion Competitors

Darktrace vs Rapid7 InsightIDR

Compared 9% of the time

Microsoft Sentinel vs Rapid7 InsightIDR

Compared 8% of the time

Rapid7 InsightVM vs Rapid7 InsightIDR

Compared 7% of the time

CrowdStrike Falcon vs Rapid7 InsightIDR

Compared 5% of the time

Splunk Enterprise Security vs Rapid7 InsightIDR

Compared 5% of the time

More Rapid7 InsightIDR Competitors

Product Reports

Buyer's Guide

Netsurion

August 2025

Download Netsurion product report

Buyer's Guide

Rapid7 InsightIDR

August 2025

Download Rapid7 InsightIDR product report

Also Known As

Netsurion Managed Threat Protection, Netsurion EventTracker

InsightIDR

Overview

Netsurion offers a comprehensive solution for centralized log management, SIEM, and managed services, ensuring continuous monitoring and security event analysis for diverse organizations, enhancing IT security and compliance.

Netsurion centralizes event management through SIEM and managed services. Organizations leverage it for vulnerability assessment and intrusion detection, integrating logs from Windows, Linux, and network devices. Its SOC provides 24/7 monitoring, ensuring compliance with PCI and audit standards. Real-time alerts and efficient log data aggregation enhance threat identification and response. Weekly reports and insights into user lockouts contribute to robust security management, beneficial for firms with constrained resources.

What are some key features of Netsurion?

SIEM Integration: Centralizes security event data for easier management.
Managed Services: Provides 24/7 SOC monitoring and support.
Real-TIme Alerts: Notifies of unusual security events promptly.
Threat Intelligence: Delivers actionable insights for proactive defense.
Seamless Platform Integration: Compatible with Office 365, firewalls, and other platforms.

How can companies benefit from using Netsurion?

Enhanced Security Management: Real-time monitoring and alerts streamline threat response.
PCI Compliance: Supports meeting audit and regulatory requirements efficiently.
Resource Optimization: Weekly reports and detailed insights aid decision-making for limited-resource organizations.
Improved Threat Detection: Consolidating logs and real-time intelligence helps in identifying threats swiftly.

Netsurion is implemented across industries like finance, healthcare, and retail, where security is crucial. These sectors require robust monitoring and compliance solutions, utilizing Netsurion's seamless integration with their existing infrastructure to manage security operations effectively, addressing both regulatory needs and threat management.

Netsurion

Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

Rapid7

Sample Customers

The Salvation Army, The FRESH Market, Pacific Western Bank, NASA, American Academy of Orthopaedic Surgeons (AAOS), and Talbot’s Stores

Liberty Wines, Pioneer Telephone, Visier

Buyer's Guide

Netsurion vs. Rapid7 InsightIDR

July 2025

Free Report: Netsurion vs. Rapid7 InsightIDR

Find out what your peers are saying about Netsurion vs. Rapid7 InsightIDR and other solutions. Updated: July 2025.

DOWNLOAD NOW

865,295 professionals have used our research since 2012.

See our Netsurion vs. Rapid7 InsightIDR report.

See our list of best Security Information and Event Management (SIEM) vendors and best Extended Detection and Response (XDR) vendors.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.