Netsurion vs Rapid7 InsightIDR comparison

Netsurion and Rapid7 are both solutions in the Security Information and Event Management (SIEM) category. Netsurion is ranked #54, while Rapid7 is ranked #14 with an average rating of 7.8. Netsurion holds a 0.7% mindshare in SIEM, compared to Rapid7’s 2.1% mindshare. Additionally, 92% of Netsurion users are willing to recommend the solution, compared to 96% of Rapid7 users who would recommend it.

Netsurion

Read 24 Netsurion reviews

2,006 Views
1,063 Comparison Views

92% willing to recommend

Rapid7 InsightIDR

Read 32 Rapid7 InsightIDR reviews

6,954 Views
3,407 Comparison Views

96% willing to recommend

Netsurion

Rapid7 InsightIDR

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 18, 2024

Rapid7 InsightIDR and Netsurion are both major players in the cybersecurity market. Rapid7 InsightIDR seems to have the upper hand for its ease of deployment and an intuitive interface, while Netsurion stands out for its feature-rich capabilities and robust customer service.

Features: Rapid7 InsightIDR includes comprehensive incident detection, automated response features, and an intuitive interface. Netsurion offers extensive threat intelligence, real-time log monitoring, and detailed analytics.

Room for Improvement: Rapid7 InsightIDR could improve its customizability, reporting functionality, and integration with other tools. Netsurion could refine its integration process with other tools, improve user customization options, and enhance its reporting features.

Ease of Deployment and Customer Service: Rapid7 InsightIDR is commended for smooth deployment models and responsive customer service. Netsurion benefits from positive feedback on its deployment process and exceptional customer service.

Pricing and ROI: Rapid7 InsightIDR's pricing is considered reasonable given its ROI, but some users find initial setup costs high. Netsurion receives favorable reviews for pricing, with users highlighting strong ROI.

To learn more, read our detailed Netsurion vs. Rapid7 InsightIDR Report (Updated: January 2026).

Buyer's Guide

Netsurion vs. Rapid7 InsightIDR

January 2026

Download the complete report

Helped 881,565 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Netsurion

Ranking in Security Information and Event Management (SIEM)

54th

Ranking in Extended Detection and Response (XDR)

47th

Average Rating

8.4

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

Managed Security Services Providers (MSSP) (33rd), SOC as a Service (14th), Managed Detection and Response (MDR) (39th)

Rapid7 InsightIDR

Ranking in Security Information and Event Management (SIEM)

14th

Ranking in Extended Detection and Response (XDR)

18th

Average Rating

8.4

Reviews Sentiment

7.0

Number of Reviews

Ranking in other categories

User Entity Behavior Analytics (UEBA) (8th), Endpoint Detection and Response (EDR) (23rd), Threat Deception Platforms (4th)

Mindshare comparison

As of February 2026, in the Security Information and Event Management (SIEM) category, the mindshare of Netsurion is 0.7%, up from 0.3% compared to the previous year. The mindshare of Rapid7 InsightIDR is 2.1%, down from 2.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Security Information and Event Management (SIEM) Market Share Distribution
Product	Market Share (%)
Rapid7 InsightIDR	2.1%
Netsurion	0.7%
Other	97.2%

Security Information and Event Management (SIEM)

Featured Reviews

John-Berry

Information Technology Manager at ProfitSolv

The SOC center monitors, hunts, and notifies us of threats around the clock

I know they are working to resolve this issue, but Netsurion is currently unable to retrieve logs from S3 buckets. We use WP Engine for a lot of web hosting as well as AWS, and both of these platforms use S3 buckets. I would like Netsurion to be able to pull logs from Linux devices. We have some of that capability, and I believe they can do it. However, the way it works with Amazon is strange and glitchy. Therefore, working something out with Amazon would be great. Netsurion's SOC can be a bit too aggressive at times. We have asked them to adjust their playbook because I am tired of being notified about the same issue multiple times a day. I am aware of the issue, and it is not a cause for concern. Let's only take action on this issue if we see an actual problem.

Read full review

SohailHyder

Head Of Cyber Security at Super Secure

Has supported compliance needs for mid-sized organizations but lacks customization and advanced integration

If we pitch Rapid7 InsightIDR against solutions such as SIEMs from Splunk or LogRhythm, it is not as customizable as a SIEM solution is. This is where it can improve if we keep in front the feature sets of a complete SIEM solution. Most common in the market is QRadar, but it is depleting now. It has been taken over by some other products such as Splunk and LogRhythm. If we compare these things with Rapid7 InsightIDR, then there are definitely some gaps that need to be filled. Data retention is also one concern because Rapid7 InsightIDR is cloud-based and operates on a subscription model. Whatever data you want to retain, it has to be paid for separately or it has a cost. Other solutions that are on-premises can have their own infrastructure or they provide some data retention for a month or in some capacity-wise, they provide that solution to them which makes them more attractive.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"There are a host of things that are most valuable. Obviously monitoring our environment and reporting out different events is important. They perform a suite of services. They monitor all of our servers, all of our key infrastructure, like our DNS, our switches, all that stuff. They aggregate and correlate that quarterly. They'll tell us if we're getting a lot of login failures and something is going on or if something's weird."

"We don't have the eyeballs available to stare and watch for things, or even have the capability of building internal alert systems. So, the managed SOC has been huge for freeing up staff to work on other responsibilities. We are saving on at least one full-time employee."

"What I like most about Netsurion is the level of visibility and reporting."

"The real-time alerting for things such as people getting dropped into a VPN group or the domain admin group — things like that which really shouldn't happen without proper change management, but we all know the reality, they do from time to time — gives me real-time visibility into what's going on."

"The network alert is the most valuable feature. That way, we in the IT department are aware of user lockout and invalid password attempts way before a user ever even calls in."

"Netsurion was easy to deploy. I have worked with other systems that were a little less complex, but they weren't quite as easy to deploy."

"The most important feature is keeping track of when accounts are created and deleted, when permission groups are changed, and memberships are changed in groups; and overall, how many errors are occurring on the various systems that we're monitoring."

"If I were to look at logs manually, there's no way I could do that. As an example, they are 48 million logs processed a day. There is no way I could look at all 48 million of those. So, it gives me a good structure to be able to look at the different incidents which are created and do different searches."

More Netsurion pros

"Rapid7 InsightIDR integrates well with other solutions. It's also easy to configure because Rapid7 InsightIDR has a lot of instructions posted on their website that customers can follow if they need to get the source log."

"I like the tool's user analysis feature."

"The technical support is a solid 10 out of 10 as they take the time to answer any questions or problems which may arise in a reasonable time frame."

"Integration with threat modeling from the Metasploit and InsightIDR repositories."

"I have seen that Rapid7 InsightIDR provides security to the networks and endpoints in the company."

"Rapid7 InsightIDR is budget-friendly and has a good market position because not everybody can afford to go for LogRhythm or Splunk or QRadar."

"The solution is very stable and works very well for what I need it to do."

"I definitely recommend Rapid7 InsightIDR."

More Rapid7 InsightIDR pros

Cons

"The biggest problem is that we have too many domain controllers. So, we have to keep all the clients and main system updated with the latest versions along with making sure all the firewalls are open."

"The solution's dashboard is okay. The one thing that we ran into are issues when we upgraded to the newer version. It uses Elasticsearch for the different dashboard entries. So, we were running on spinning disks, and Elasticsearch didn't work that well. A number of the different dashboards, like my dashboard or different things like that, pull from Elasticsearch. Since Elasticsearch really wasn't working, we were having some issues with that, but we just migrated."

"Everything that I've wanted has been added in. EDR was added, and MITRE was added. Those were two big ones that we didn't even have to push for."

"I'd like to see improvement in the ease of generating reports. It seems fairly cumbersome whenever you decide to start tracking new categories of events. It seems a little kludgy when trying to generate those reports."

"I would like to see a faster response when we see things like 15,000 lockouts. I really wished that I had known that on Friday afternoon rather than waiting until I got the weekly report today. By the same token, they are looking at it from the point of view that this is a system or software malfunction. This is not a bad actor repeating the exact same password three times a second. Therefore, they can tell that this is not a bad thing. However, it's not a security event but it is an operational event for me. Knowing this sort of thing would help my team and me out more because then we would be able to clear out a lot of network traffic that we didn't know was going on. So, we would like quicker updates on non-high security events."

"The agents on the endpoints seem to fail quite a bit, requiring manual involvement from the local administrators. I would like to see their product be much more ad hoc and update automatically."

"Probably the biggest thing is just: Can I search for this and what's the best way to do it? If I'm looking for two events versus a singular event, I just throw it back at them. They're the experts on it."

"The MITRE ATT&CK framework could be faster when identifying and understanding sophisticated threats. Whenever something happens, we usually get notified a couple hours later."

More Netsurion cons

"One of the things that could be better is digital forensics. It is there, but it can be better. They could provide more on the endpoint detection level."

"The main problem lies in the processes within the client's operating systems."

"It takes time for the product's support team to resolve issues, making it an area of concern where improvements are required."

"Sometimes, it is hard to get the right queries to use. Currently, the tool lacks a pre-made set of queries."

"Rapid7 InsightIDR is not intuitive to search for logs. It should be more user-friendly and improve the dashboards. We should be able to use ready-made templates instead of having to build one."

"The searching feature in Rapid7 InsightIDR needs to evolve"

"Tenable Nessus is easier to deal with. It's more efficient and accurate. InsightIDR is heavier than Tenable in terms of performance and scanning. Rapid7 would be much easier to use if it had a network connector like Tenable. Tenable's connector allows continuous monitoring over the B caps."

"The APIs can be further improved in Rapid7."

More Rapid7 InsightIDR cons

Pricing and Cost Advice

"Our budget follows the calendar year. We just started a new budget year at the beginning of the month. We did budget for an increase in our threat management system selection. Therefore, we have the budget to implement and accommodate a threat management system change, including an increase for the quoted actions that we received to improve EventTracker. We are just waiting on our council to approve that budget, which might not be for a little while. Hopefully, when they do, we will be able to jump on doing something."

"You are paying for different levels, especially as far as the monitoring goes and how often you review it with the team. The other factor that figures in is how many nodes are on your network, such as clients, network equipment, servers, etc. There are some additional pieces on top of that, but it's laid out pretty simply, as far as how much you're going to pay for a node."

"I don't know if the pricing is by the seat but we're paying about $20,000 to 25,000 a year. On top of that, we pay for the managed support services. That runs us about another $35,000 or $40,000 a year."

"We have seen time and cost savings. It prevents us from having to hire specialized people for this type of work. We would need to hire six staff members to accommodate the same service."

"Our pricing for Netsurion last year was US $52,000 per year."

"In the security space, it's hard to quantify your return on investment. So, I don't. We spend about $40,000 a year and so. It's hard to say if the SIEM saved that much money."

"Licensing is very easy. Our CIO takes care of the billing, but in terms of price point, he hasn't complained, so it must be good."

"EventTracker's subscription-based model is interesting as far as yearly license type stuff. It's nice because you know what it's going to be next year. We haven't really looked at any other solutions. The pricing at the time compared to the other solutions was a lot less. A couple of years ago, we actually looked at Splunk. The amount in Splunk's licensing model is based on 20 gigs a day, or something like that. Based on our number of logs and stuff that we were already generating, the costs would be substantially more for the amount of logs that we would be getting."

More Netsurion pricing and cost advice

"Rapid7 InsightIDR's pricing is reasonable but we have challenges with the Minimum Order Quantity. It is not reasonable for customers who have less than one hundred devices. If they can reduce Minimum Order Quantity, it is good. You have to pay around 5000-6000 dollars per year for the product. The pricing includes maintenance and support costs."

"The pricing of the solution depends on the user. But there is a yearly licensing cost."

"The solution has a mid-range price point in the market"

"It is a reasonably priced solution."

"It is on a yearly basis. For our own company, for about 250 users, it was 16,000 euros a year."

"Licensing is straightforward. If, for some reason, you don’t meet the minimum licensing requirements, there is a third-party managed service that can help."

"The pricing and licensing are competitive."

"Rapid7 InsightIDR is priced very well and is cost-effective."

More Rapid7 InsightIDR pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

881,565 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Performing Arts

16%

Manufacturing Company

Outsourcing Company

Retailer

Computer Software Company

11%

Financial Services Firm

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	10
Midsize Enterprise	7
Large Enterprise	7

By reviewers
Company Size	Count
Small Business	20
Midsize Enterprise	5
Large Enterprise	6

Questions from the Community

Ask a question

Earn 20 points

What SOC product do you recommend?

For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...

See all answers

What do you like most about Rapid7 InsightIDR?

During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...

See all answers

What is your experience regarding pricing and costs for Rapid7 InsightIDR?

The product pricing is very cheap.

See all answers

Comparisons

Legato Security vs Netsurion

Compared 8% of the time

IBM Security QRadar vs Netsurion

Compared 7% of the time

GoSecure Titan Platform vs Netsurion

Compared 6% of the time

Devo vs Netsurion

Compared 6% of the time

Fortinet FortiSIEM vs Netsurion

Compared 6% of the time

More Netsurion Competitors

Rapid7 InsightVM vs Rapid7 InsightIDR

Compared 5% of the time

Microsoft Sentinel vs Rapid7 InsightIDR

Compared 5% of the time

Splunk Enterprise Security vs Rapid7 InsightIDR

Compared 5% of the time

CrowdStrike Falcon vs Rapid7 InsightIDR

Compared 4% of the time

Darktrace vs Rapid7 InsightIDR

Compared 3% of the time

More Rapid7 InsightIDR Competitors

Product Reports

Buyer's Guide

Netsurion

January 2026

Download Netsurion product report

Buyer's Guide

Rapid7 InsightIDR

January 2026

Download Rapid7 InsightIDR product report

Also Known As

Netsurion Managed Threat Protection, Netsurion EventTracker

InsightIDR

Overview

Netsurion offers robust SIEM capabilities enhanced by managed services, facilitating efficient threat identification and response with real-time alerts and comprehensive reporting.

Netsurion stands out for its integration of SIEM, IDS, and vulnerability management. Its real-time threat alerts and dashboards enhance user response capabilities. With centralized logging from Windows, Linux, Cisco devices, firewalls, and Active Directory, Netsurion enables effective compliance support for HIPAA and PCI standards. Managed Threat Protection with the embedded MITRE ATT&CK Framework enhances threat intelligence, while its evolving interface aims to improve user interactions. However, some users find deployment and searching challenging, pointing to areas for improvement.

What are Netsurion's key features?

SIEM Capabilities: Efficient threat identification using real-time alerts and dashboards.
Managed Services: Provides remote monitoring and advisory support.
Comprehensive Reporting: Assists in compliance and actionable insights.
MITRE ATT&CK Framework: Enhances threat intelligence and management.
Seamless Integration: Works with existing systems for streamlined operations.

What benefits should users consider in reviews?

Threat Response Tool: Rapid identification and response to security incidents.
Usability: Efforts to evolve and simplify user interactions.
Operational Efficiency: Streamlined processes through integration and managed services.
Compliance Support: Assistance with industry standards like HIPAA and PCI.

Netsurion is frequently implemented in industries requiring comprehensive security monitoring and compliance, such as healthcare and finance. It aids businesses in consolidating security efforts, offering insights into user activities and system changes, an asset for companies lacking substantial internal resources.

Netsurion

Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

Rapid7

Sample Customers

The Salvation Army, The FRESH Market, Pacific Western Bank, NASA, American Academy of Orthopaedic Surgeons (AAOS), and Talbot’s Stores

Liberty Wines, Pioneer Telephone, Visier

Buyer's Guide

Netsurion vs. Rapid7 InsightIDR

January 2026

Free Report: Netsurion vs. Rapid7 InsightIDR

Find out what your peers are saying about Netsurion vs. Rapid7 InsightIDR and other solutions. Updated: January 2026.

DOWNLOAD NOW

881,565 professionals have used our research since 2012.

See our Netsurion vs. Rapid7 InsightIDR report.

See our list of best Security Information and Event Management (SIEM) vendors and best Extended Detection and Response (XDR) vendors.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.