Netsurion vs Rapid7 InsightIDR comparison

Netsurion and Rapid7 are both solutions in the Security Information and Event Management (SIEM) category. Netsurion is ranked #54, while Rapid7 is ranked #14 with an average rating of 7.8. Netsurion holds a 0.7% mindshare in SIEM, compared to Rapid7’s 2.1% mindshare. Additionally, 92% of Netsurion users are willing to recommend the solution, compared to 96% of Rapid7 users who would recommend it.

Netsurion

Read 24 Netsurion reviews

2,006 Views
1,063 Comparison Views

92% willing to recommend

Rapid7 InsightIDR

Read 32 Rapid7 InsightIDR reviews

6,954 Views
3,407 Comparison Views

96% willing to recommend

Netsurion

Rapid7 InsightIDR

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 18, 2024

Rapid7 InsightIDR and Netsurion are both major players in the cybersecurity market. Rapid7 InsightIDR seems to have the upper hand for its ease of deployment and an intuitive interface, while Netsurion stands out for its feature-rich capabilities and robust customer service.

Features: Rapid7 InsightIDR includes comprehensive incident detection, automated response features, and an intuitive interface. Netsurion offers extensive threat intelligence, real-time log monitoring, and detailed analytics.

Room for Improvement: Rapid7 InsightIDR could improve its customizability, reporting functionality, and integration with other tools. Netsurion could refine its integration process with other tools, improve user customization options, and enhance its reporting features.

Ease of Deployment and Customer Service: Rapid7 InsightIDR is commended for smooth deployment models and responsive customer service. Netsurion benefits from positive feedback on its deployment process and exceptional customer service.

Pricing and ROI: Rapid7 InsightIDR's pricing is considered reasonable given its ROI, but some users find initial setup costs high. Netsurion receives favorable reviews for pricing, with users highlighting strong ROI.

To learn more, read our detailed Netsurion vs. Rapid7 InsightIDR Report (Updated: January 2026).

Buyer's Guide

Netsurion vs. Rapid7 InsightIDR

January 2026

Download the complete report

Helped 881,515 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Netsurion

Ranking in Security Information and Event Management (SIEM)

54th

Ranking in Extended Detection and Response (XDR)

47th

Average Rating

8.4

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

Managed Security Services Providers (MSSP) (33rd), SOC as a Service (14th), Managed Detection and Response (MDR) (39th)

Rapid7 InsightIDR

Ranking in Security Information and Event Management (SIEM)

14th

Ranking in Extended Detection and Response (XDR)

18th

Average Rating

8.4

Reviews Sentiment

7.0

Number of Reviews

Ranking in other categories

User Entity Behavior Analytics (UEBA) (8th), Endpoint Detection and Response (EDR) (23rd), Threat Deception Platforms (4th)

Mindshare comparison

As of February 2026, in the Security Information and Event Management (SIEM) category, the mindshare of Netsurion is 0.7%, up from 0.3% compared to the previous year. The mindshare of Rapid7 InsightIDR is 2.1%, down from 2.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Security Information and Event Management (SIEM) Market Share Distribution
Product	Market Share (%)
Rapid7 InsightIDR	2.1%
Netsurion	0.7%
Other	97.2%

Security Information and Event Management (SIEM)

Featured Reviews

John-Berry

Information Technology Manager at ProfitSolv

The SOC center monitors, hunts, and notifies us of threats around the clock

I know they are working to resolve this issue, but Netsurion is currently unable to retrieve logs from S3 buckets. We use WP Engine for a lot of web hosting as well as AWS, and both of these platforms use S3 buckets. I would like Netsurion to be able to pull logs from Linux devices. We have some of that capability, and I believe they can do it. However, the way it works with Amazon is strange and glitchy. Therefore, working something out with Amazon would be great. Netsurion's SOC can be a bit too aggressive at times. We have asked them to adjust their playbook because I am tired of being notified about the same issue multiple times a day. I am aware of the issue, and it is not a cause for concern. Let's only take action on this issue if we see an actual problem.

Read full review

SohailHyder

Head Of Cyber Security at Super Secure

Has supported compliance needs for mid-sized organizations but lacks customization and advanced integration

If we pitch Rapid7 InsightIDR against solutions such as SIEMs from Splunk or LogRhythm, it is not as customizable as a SIEM solution is. This is where it can improve if we keep in front the feature sets of a complete SIEM solution. Most common in the market is QRadar, but it is depleting now. It has been taken over by some other products such as Splunk and LogRhythm. If we compare these things with Rapid7 InsightIDR, then there are definitely some gaps that need to be filled. Data retention is also one concern because Rapid7 InsightIDR is cloud-based and operates on a subscription model. Whatever data you want to retain, it has to be paid for separately or it has a cost. Other solutions that are on-premises can have their own infrastructure or they provide some data retention for a month or in some capacity-wise, they provide that solution to them which makes them more attractive.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"I think Netsurion scales well. We've gone from a small number of agents up to thousands. So I would imagine that it would continue to scale. I don't see any issue with that."

"We have also integrated our endpoint security into the Netsurion SIEM. That's important because we have all the events in one place; we don't have to manage them in multiple places. In addition, the embedded MITRE ATT&CK Framework was paramount in our decision to choose Managed Threat Protection because the MITRE Framework is the industry standard for threats."

"If I were to look at logs manually, there's no way I could do that. As an example, they are 48 million logs processed a day. There is no way I could look at all 48 million of those. So, it gives me a good structure to be able to look at the different incidents which are created and do different searches."

"I like the UI, overall. I like the main page and there are aspects of the search page that I like. When you bring it up on the left-hand side of the page, as you look at the events, the ability to simply hit and click the plus/minus to pull events in and out of the overall view is well done and is very effective from a threat-hunting and an analysis perspective. I like the detail it shows."

"The SIEMs and managed service are its most valuable features. We get a weekly report from them which provides a culmination of them combing through millions of events which are triggered across our network every day and minute. Their information security experts basically boil that down to a report which I get emailed once a week. It identifies potential threats and the remediation that I should take to be able to quell those threats."

"What I like most about Netsurion is the level of visibility and reporting."

"When it comes to threat detection and response, it does a very good job detecting and blocking on its own. And the SOC is a nice added value because they're doing analysis on things that aren't as obvious, on things that you can't just detect with a signature or behavior. Also, any SIEM will come with a lot of noise, so having them do a lot of the initial analysis to find out what's critical and what issues are false alarms is very good."

"If we need to do a search for user lockouts, we can go, search, and find locations where they have been locked out, then keep track of those events, historically."

More Netsurion pros

"We were able to identify criminals attempting to login from China and put a stop on their IP locations."

"If you were on other solutions, you would notice that they use agents from third-party, from open-source, from a native OS, or from other tools. Here, however, it is an agent from Rapid7 itself. This adds to the solution's overall capabilities."

"Integration with threat modeling from the Metasploit and InsightIDR repositories."

"I like the tool's user analysis feature."

"Enables the use of honey pots, honey users, and honey files to monitor for suspicious patterns."

"The log aggregation and storage provided by InsightIDR has shown no issues with scalability; aggregating over one hundred millions events daily."

"Log search allows us to dive deep into aggregated logs and query all event types at once."

"InsightIDR’s ability to process millions of transactions per day, and to notify me of the most critical ones, is priceless. InsightIDR has the alerts tuned, and has the ability to quickly drill down to determine the threat level."

More Rapid7 InsightIDR pros

Cons

"It would be great if they had a client for phones by which they could push a notification to us, as opposed to via email."

"Netsurion's SOC can be a bit too aggressive at times."

"Communication is always something that can be improved, but I feel that any time we've had a communication issue, it's quickly addressed when we bring those up at the monthly meetings. Usually, it's an individual that wasn't clear in the communication, it's not the process per se. You always have to be able to segregate if the process didn't work or an individual either didn't say the right thing or my people didn't understand what they were being told."

"I would also like to have a dashboard that I can access anytime to review the real-time data from their website."

"The agents on the endpoints seem to fail quite a bit, requiring manual involvement from the local administrators. I would like to see their product be much more ad hoc and update automatically."

"Where there is an opportunity for improvement is in the interface used for performing the searches. You have to understand Elasticsearch search too well for the security team to be able to take really full advantage of that part of the product. It's not as intuitive as I would like it to be for new staff coming in. The general query capability is a little bit challenging."

"The biggest problem is that we have too many domain controllers. So, we have to keep all the clients and main system updated with the latest versions along with making sure all the firewalls are open."

"I'd like to see improvement in the ease of generating reports. It seems fairly cumbersome whenever you decide to start tracking new categories of events. It seems a little kludgy when trying to generate those reports."

More Netsurion cons

"I would like to see more development in InsightIDR towards building their SIEM solution and converting it to XDR."

"It takes time for the product's support team to resolve issues, making it an area of concern where improvements are required."

"There are certain limitations with Rapid7 that I am working on."

"Needs a better ability to customize the check within the console."

"Tenable Nessus is easier to deal with. It's more efficient and accurate. InsightIDR is heavier than Tenable in terms of performance and scanning. Rapid7 would be much easier to use if it had a network connector like Tenable. Tenable's connector allows continuous monitoring over the B caps."

"Cloud risk assessment is one area where I think they need a lot of improvement."

"Rapid7 InsightIDR is not intuitive to search for logs. It should be more user-friendly and improve the dashboards. We should be able to use ready-made templates instead of having to build one."

"Inability to get access to compliance reports within the solution."

More Rapid7 InsightIDR cons

Pricing and Cost Advice

"Our pricing for Netsurion last year was US $52,000 per year."

"We put together the package of what we needed. It was based pretty much on the number of agents that we were deploying. If we needed to manage logging from certain specific applications, like Active Directory and SQL Server, there has been no additional cost for that. We had agents deployed for those specific servers and the applications were included, then there was just an additional installation that they had to do for us."

"Netsurion's pricing is extremely fair and flexible. The price of their SIEM product is reasonable, and you can pay for those services you want on top of that. It wasn't cheap, but it's competitive, and we intend to renew our contract."

"EventTracker's subscription-based model is interesting as far as yearly license type stuff. It's nice because you know what it's going to be next year. We haven't really looked at any other solutions. The pricing at the time compared to the other solutions was a lot less. A couple of years ago, we actually looked at Splunk. The amount in Splunk's licensing model is based on 20 gigs a day, or something like that. Based on our number of logs and stuff that we were already generating, the costs would be substantially more for the amount of logs that we would be getting."

"When we first got the EventTracker product, we were using SIEM Simplified. At the time they didn't call it that, but it was more of a service thing. So, there was a bit more hand-holding and getting stuff set up, along with failure reports, that they did during the first one to two years. Then, we decided that the the additional money to have someone do these daily reports wasn't terribly useful, so we discontinued that service."

"The pricing and licensing seem very reasonable. The managed service part of it feels like it gives me the equivalent of a full-time engineer for a lot less money. So, I feel it's a good value."

"It is a bit expensive as compared to some of the other products that have come out in recent years. Expense-wise, the only downside is that it is not cheap."

"I don't know if the pricing is by the seat but we're paying about $20,000 to 25,000 a year. On top of that, we pay for the managed support services. That runs us about another $35,000 or $40,000 a year."

More Netsurion pricing and cost advice

"I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability."

"Rapid7 InsightIDR is a cheaply priced product. On a scale of one to ten, where one is very expensive, and ten is very cheap, I rate the product's price at seven or eight."

"Rapid7 InsightIDR charges us based on the endpoints we connect to."

"The pricing and licensing are competitive."

"It is more reasonably priced than other vendors."

"The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help."

"The pricing is good, and it is not very expensive."

"Licensing is by endpoint and amount of retention time (at least ours is). Default retention was one year, but we are able to push the retention further if needed. There's also a provide-your-own-S3 option for longer retention if you don't want to pay for the additional retention years in your Rapid7 agreement."

More Rapid7 InsightIDR pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

881,515 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Performing Arts

16%

Manufacturing Company

Outsourcing Company

Retailer

Computer Software Company

11%

Financial Services Firm

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	10
Midsize Enterprise	7
Large Enterprise	7

By reviewers
Company Size	Count
Small Business	20
Midsize Enterprise	5
Large Enterprise	6

Questions from the Community

Ask a question

Earn 20 points

What SOC product do you recommend?

For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...

See all answers

What do you like most about Rapid7 InsightIDR?

During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...

See all answers

What is your experience regarding pricing and costs for Rapid7 InsightIDR?

The product pricing is very cheap.

See all answers

Comparisons

Legato Security vs Netsurion

Compared 8% of the time

IBM Security QRadar vs Netsurion

Compared 7% of the time

Devo vs Netsurion

Compared 6% of the time

GoSecure Titan Platform vs Netsurion

Compared 6% of the time

Fortinet FortiSIEM vs Netsurion

Compared 6% of the time

More Netsurion Competitors

Rapid7 InsightVM vs Rapid7 InsightIDR

Compared 5% of the time

Microsoft Sentinel vs Rapid7 InsightIDR

Compared 5% of the time

Splunk Enterprise Security vs Rapid7 InsightIDR

Compared 5% of the time

CrowdStrike Falcon vs Rapid7 InsightIDR

Compared 4% of the time

Darktrace vs Rapid7 InsightIDR

Compared 3% of the time

More Rapid7 InsightIDR Competitors

Product Reports

Buyer's Guide

Netsurion

January 2026

Download Netsurion product report

Buyer's Guide

Rapid7 InsightIDR

January 2026

Download Rapid7 InsightIDR product report

Also Known As

Netsurion Managed Threat Protection, Netsurion EventTracker

InsightIDR

Overview

Netsurion offers robust SIEM capabilities enhanced by managed services, facilitating efficient threat identification and response with real-time alerts and comprehensive reporting.

Netsurion stands out for its integration of SIEM, IDS, and vulnerability management. Its real-time threat alerts and dashboards enhance user response capabilities. With centralized logging from Windows, Linux, Cisco devices, firewalls, and Active Directory, Netsurion enables effective compliance support for HIPAA and PCI standards. Managed Threat Protection with the embedded MITRE ATT&CK Framework enhances threat intelligence, while its evolving interface aims to improve user interactions. However, some users find deployment and searching challenging, pointing to areas for improvement.

What are Netsurion's key features?

SIEM Capabilities: Efficient threat identification using real-time alerts and dashboards.
Managed Services: Provides remote monitoring and advisory support.
Comprehensive Reporting: Assists in compliance and actionable insights.
MITRE ATT&CK Framework: Enhances threat intelligence and management.
Seamless Integration: Works with existing systems for streamlined operations.

What benefits should users consider in reviews?

Threat Response Tool: Rapid identification and response to security incidents.
Usability: Efforts to evolve and simplify user interactions.
Operational Efficiency: Streamlined processes through integration and managed services.
Compliance Support: Assistance with industry standards like HIPAA and PCI.

Netsurion is frequently implemented in industries requiring comprehensive security monitoring and compliance, such as healthcare and finance. It aids businesses in consolidating security efforts, offering insights into user activities and system changes, an asset for companies lacking substantial internal resources.

Netsurion

Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

Rapid7

Sample Customers

The Salvation Army, The FRESH Market, Pacific Western Bank, NASA, American Academy of Orthopaedic Surgeons (AAOS), and Talbot’s Stores

Liberty Wines, Pioneer Telephone, Visier

Buyer's Guide

Netsurion vs. Rapid7 InsightIDR

January 2026

Free Report: Netsurion vs. Rapid7 InsightIDR

Find out what your peers are saying about Netsurion vs. Rapid7 InsightIDR and other solutions. Updated: January 2026.

DOWNLOAD NOW

881,515 professionals have used our research since 2012.

See our Netsurion vs. Rapid7 InsightIDR report.

See our list of best Security Information and Event Management (SIEM) vendors and best Extended Detection and Response (XDR) vendors.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.