Netsurion vs Rapid7 InsightIDR comparison

You must select at least 2 products to compare!
Microsoft Logo
5,482 views|4,069 comparisons
Netsurion Logo
310 views|115 comparisons
Rapid7 Logo
1,016 views|567 comparisons
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Netsurion and Rapid7 InsightIDR based on real PeerSpot user reviews.

Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Netsurion vs. Rapid7 InsightIDR Report (Updated: January 2024).
757,198 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
"It's a very scalable tool that can be used in a very small environment or in a very large environment. Everything can be managed from a simple dashboard and can be scaled up or down depending on the customer's environment.""We can automate routine tasks and write scripts to carry out difficult tasks, which makes things easier for us.""The 'Incidents and Alerts' tab is a valuable feature where we can find triggered alerts.""The common and advanced security policies for threat hunting and blocking attacks are valuable.""The Endpoint Manager is incredible; it has a very straightforward interface and is exceedingly easy to use. Pulling out and deploying different tags or resources is a simple task across various departments with different levels of security. The notifications are also simple and satisfying; it's great to see the bubble informing us which devices are compliant and which are waiting to update.""The visibility into threats that 365 Defender provides is really good. You get a full review of your security system and what can be improved. In the Microsoft 365 Defender portal the first page gives you a really big summary of which security policies you are following and what can be improved.""I like 365 Defender's advanced threat hunting. The dashboard is user-friendly with templates for site policies, etc. The most important use case is evaluating the risk links and applications.""The solution is well integrated with applications. It is easy to maintain and administer."

More Microsoft Defender XDR Pros →

"I like EventTracker's dashboard. I see it every time I log in because it's the first thing you get to. We have our own widgets that we use. For the sake of transparency, there are a few widgets that we look at there and then we move out from there... Among the particularly helpful widgets, the not-reporting widget is a big one. The number-of-logs-processed is also a good one.""Netsurion was easy to deploy. I have worked with other systems that were a little less complex, but they weren't quite as easy to deploy.""If I were to look at logs manually, there's no way I could do that. As an example, they are 48 million logs processed a day. There is no way I could look at all 48 million of those. So, it gives me a good structure to be able to look at the different incidents which are created and do different searches.""The most valuable feature is definitely real-time alerting, especially in situations where someone might attempt to exploit or hack into our network.""What I like most about Netsurion is the level of visibility and reporting.""There are a host of things that are most valuable. Obviously monitoring our environment and reporting out different events is important. They perform a suite of services. They monitor all of our servers, all of our key infrastructure, like our DNS, our switches, all that stuff. They aggregate and correlate that quarterly. They'll tell us if we're getting a lot of login failures and something is going on or if something's weird.""The product satisfies our compliance, and thus, all of our auditors. All of the data that we use and store for all security events is required by our auditors to be kept in a central storage location.""Netsurion's 24/7 monitoring has enhanced the overall security of the company. They have someone looking at the data 24/7 who will call us as needed. If their team spots a malicious process after hours, they notify the appropriate person by phone. We get a lot of actionable threat intelligence from Netsurion. For example, if a user clicks on a malicious link in a web page and starts an unusual process that isn't on the white-list, Netsurion's team can detect it and prevent it from executing. Afterward, they'll notify us by telephone, so we can respond and clean up whatever damage has occurred."

More Netsurion Pros →

"Very intuitive and easy to set up.""Rapid7 InsightIDR integrates well with other solutions. It's also easy to configure because Rapid7 InsightIDR has a lot of instructions posted on their website that customers can follow if they need to get the source log.""The log aggregation and storage provided by InsightIDR has shown no issues with scalability; aggregating over one hundred millions events daily.""The alerting to drive investigations and remediation has been its most valuable feature.​""If you were on other solutions, you would notice that they use agents from third-party, from open-source, from a native OS, or from other tools. Here, however, it is an agent from Rapid7 itself. This adds to the solution's overall capabilities.""Simple configuration and automatically syncs to the cloud platform.""Features for user behavior analytics and the rules for attack review are good.""InsightIDR helps us investigate an environment to discover information about incidents."

More Rapid7 InsightIDR Pros →

"The only issue I've had is, when it comes to deployment, the steps I must take around policy setup. That is challenging.""Defender also lacks automated detection and response. You need to resolve issues manually. You can manage multiple Microsoft security products from a single portal, and all your security recommendations are in one place. It's easy to understand and manage. However, I wouldn't say Defender is a single pane of glass. You still need to switch between all of the available Microsoft tools. You can see all the alerts in one panel, but you can't automate remediation.""Microsoft 365 Defender does not have a unique package with emerging endpoint security technologies, such as EDR and XDR.""The licensing is a nightmare and has room for improvement.""The console is missing some features that would be helpful for a managed services provider, like device and user management.""Intrusion detection and prevention would be great to have with 365 Defender.""The cost can be high if you want to build custom license packages. Another area for improvement is the policies. In Azure, we need to implement policies in JSON format, but in 365 Defender 365, it would be helpful to use a different format so we can customize the platform.""The capability to not only thwart attacks but also to adapt to evolving threats is crucial."

More Microsoft Defender XDR Cons →

"The system requirements are very, very high. So I need a pretty powerful server to run. If they could lighten that load so that the on-premise part of their product didn't impact my systems as much that would be ideal.""I would like to see the dashboard come up more quickly.""I would also like to have a dashboard that I can access anytime to review the real-time data from their website.""There are some issues with searches taking a long period of time, but they assured me that they have implemented a new search function that's available in version 9, but which requires a solid-state hard drive... Depending on how many logs you have it could take a long time to return the results if you're looking back prior to the last 30 days.""Netsurion's threat detection and response aren't quite mature. I would expect a little more.""They have their programs and tools that you have to put into your own environment. We basically ingest all the log data and then push it out to them. I wish it was a little bit different than that where we just push directly towards them. I do not know if that is a function that they thought would be better in terms of security, but I wish that instead of doing that, it should go from the device to them and not from the device to another system and then out to them. There seem to be some drawbacks to doing that.""I would like to see a faster response when we see things like 15,000 lockouts. I really wished that I had known that on Friday afternoon rather than waiting until I got the weekly report today. By the same token, they are looking at it from the point of view that this is a system or software malfunction. This is not a bad actor repeating the exact same password three times a second. Therefore, they can tell that this is not a bad thing. However, it's not a security event but it is an operational event for me. Knowing this sort of thing would help my team and me out more because then we would be able to clear out a lot of network traffic that we didn't know was going on. So, we would like quicker updates on non-high security events.""Everything that I've wanted has been added in. EDR was added, and MITRE was added. Those were two big ones that we didn't even have to push for."

More Netsurion Cons →

"The ability to tune the collector for custom logs would greatly help.""The main problem lies in the processes within the client's operating systems.""One of the things that could be better is digital forensics. It is there, but it can be better. They could provide more on the endpoint detection level.""The dashboard is an area that could be simplified.""One thing that springs to mind is easier API integration with ITSMs. We are evaluating a new ITSM and I would like to have InsightIDR create a ticket when an attack is identified, and the ticket would be closed in InsightIDR when the ITSM resolution is completed. This would take out the "single point of failure" we currently have, if the email recipient is somehow absent, in recording the risk appetite for the incident and the actions taken to mitigate or not.""Needs a better ability to customize the check within the console.""The APIs can be further improved in Rapid7.""Cloud risk assessment is one area where I think they need a lot of improvement."

More Rapid7 InsightIDR Cons →

Pricing and Cost Advice
  • "The solutions price is fair for what they offer."
  • "The price could be better. Normally, the costs depend on the country you're located in for the license. When we were in the initial stage, we went with the E5 license they call premium standard. It cost us around $5.20 per month for four users."
  • "The price of the solution is high compared to others and we have lost some customers because of it."
  • "Microsoft is not competitive with the pricing of the solution. The competitors are able to offer lower discounts. The price of the solution is higher."
  • "We have a lot of problems in Latin America regarding the price of Microsoft 365 Defender, because the relationship between dollars and the money of the different countries, it's is a lot. Many customers that have small businesses say that they would like the solution but it is too expensive. However, large companies do not find the cost an issue."
  • "The most valuable licensing option is expensive, so pricing could be improved. Licensing options for this solution also need to be consolidated, because they frequently change."
  • "Microsoft should provide lower-level licensing options. They should do it in such a way that even an individual could purchase a license, and it should be entirely flexible."
  • "They have moved from a licensing model to pay-per-use... The question is: What happens if, for any reason, there's not enough budget to accept this model? That could be a great problem."
  • More Microsoft Defender XDR Pricing and Cost Advice →

  • "The pricing and licensing seem very reasonable. The managed service part of it feels like it gives me the equivalent of a full-time engineer for a lot less money. So, I feel it's a good value."
  • "Licensing is very easy. Our CIO takes care of the billing, but in terms of price point, he hasn't complained, so it must be good."
  • "The solution is fairly expensive, but in my experience, all of the SIEM applications that I've evaluated or looked at cost about the same."
  • "The upfront costs have increased, and we have been locked into this contract. The cost of changing over from it is way too high."
  • "I don't know if the pricing is by the seat but we're paying about $20,000 to 25,000 a year. On top of that, we pay for the managed support services. That runs us about another $35,000 or $40,000 a year."
  • "When we first got the EventTracker product, we were using SIEM Simplified. At the time they didn't call it that, but it was more of a service thing. So, there was a bit more hand-holding and getting stuff set up, along with failure reports, that they did during the first one to two years. Then, we decided that the the additional money to have someone do these daily reports wasn't terribly useful, so we discontinued that service."
  • "EventTracker's subscription-based model is interesting as far as yearly license type stuff. It's nice because you know what it's going to be next year. We haven't really looked at any other solutions. The pricing at the time compared to the other solutions was a lot less. A couple of years ago, we actually looked at Splunk. The amount in Splunk's licensing model is based on 20 gigs a day, or something like that. Based on our number of logs and stuff that we were already generating, the costs would be substantially more for the amount of logs that we would be getting."
  • "In the security space, it's hard to quantify your return on investment. So, I don't. We spend about $40,000 a year and so. It's hard to say if the SIEM saved that much money."
  • More Netsurion Pricing and Cost Advice →

  • "​I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability.​"
  • "The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help.​"
  • "Licensing is straightforward. If, for some reason, you don’t meet the minimum licensing requirements, there is a third-party managed service that can help."
  • "​Accurately predict your licensing counts as this is a subscription based product.​"
  • "The pricing and licensing are competitive."
  • "Licensing is by endpoint and amount of retention time (at least ours is). Default retention was one year, but we are able to push the retention further if needed. There's also a provide-your-own-S3 option for longer retention if you don't want to pay for the additional retention years in your Rapid7 agreement."
  • "It is a reasonably priced solution."
  • "It is on a yearly basis. For our own company, for about 250 users, it was 16,000 euros a year."
  • More Rapid7 InsightIDR Pricing and Cost Advice →

    Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
    757,198 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:The integration with other Microsoft solutions is the most valuable feature.
    Top Answer:The mobile app support for Android and iOS is difficult and needs improvement.
    Top Answer:Their pricing is high. I don't know if it's a barrier. The quality speaks to the price. The price is the price. They… more »
    Top Answer:There is one area that needs improvement and that is with the agents and the server that's on-site. The system… more »
    Top Answer:For tools I’d recommend:  -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is… more »
    Top Answer:The solution is very stable and works very well for what I need it to do.
    Top Answer:Rapid7 InsightIDR is a cheaply priced product. On a scale of one to ten, where one is very expensive, and ten is very… more »
    Also Known As
    Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender
    Netsurion Managed Threat Protection, Netsurion EventTracker
    Learn More
    Video Not Available
    Video Not Available
    Video Not Available
    Interactive Demo
    Demo Not Available
    Demo Not Available

    Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment. 

    It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks. 

    Users have found it effective in detecting and preventing various types of attacks, such as phishing attempts, malware infections, and data breaches.

    Watch the Microsoft demo video here: Microsoft Defender XDR demo video.

    Our open XDR platform unifies your existing security telemetry to deliver wider attack surface coverage and deeper threat analytics resulting in greater security visibility. Our SOC does the heavy lifting for you of proactive threat hunting, event correlation and analysis, and provides you with guided remediation. The result is a force multiplier that allows your IT team to be confident and in control again while also maximizing all of your cybersecurity investments.

    Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

    Sample Customers
    Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.
    The Salvation Army, The FRESH Market, Pacific Western Bank, NASA, American Academy of Orthopaedic Surgeons (AAOS), and Talbot’s Stores
    Liberty Wines, Pioneer Telephone, Visier
    Top Industries
    Manufacturing Company15%
    Computer Software Company12%
    Financial Services Firm12%
    Computer Software Company18%
    Financial Services Firm10%
    Manufacturing Company8%
    Financial Services Firm18%
    Healthcare Company9%
    Energy/Utilities Company9%
    Computer Software Company28%
    Manufacturing Company11%
    Financial Services Firm5%
    Comms Service Provider23%
    Computer Software Company23%
    Security Firm15%
    Transportation Company8%
    Computer Software Company15%
    Manufacturing Company8%
    Financial Services Firm8%
    Company Size
    Small Business43%
    Midsize Enterprise24%
    Large Enterprise33%
    Small Business25%
    Midsize Enterprise17%
    Large Enterprise57%
    Small Business38%
    Midsize Enterprise33%
    Large Enterprise29%
    Small Business37%
    Midsize Enterprise17%
    Large Enterprise46%
    Small Business59%
    Midsize Enterprise22%
    Large Enterprise19%
    Small Business26%
    Midsize Enterprise20%
    Large Enterprise54%
    Buyer's Guide
    Netsurion vs. Rapid7 InsightIDR
    January 2024
    Find out what your peers are saying about Netsurion vs. Rapid7 InsightIDR and other solutions. Updated: January 2024.
    757,198 professionals have used our research since 2012.

    Netsurion is ranked 13th in Extended Detection and Response (XDR) with 5 reviews while Rapid7 InsightIDR is ranked 15th in Extended Detection and Response (XDR) with 15 reviews. Netsurion is rated 8.4, while Rapid7 InsightIDR is rated 8.6. The top reviewer of Netsurion writes "Provides real-time alerting, a dedicated team, and around-the-clock monitoring". On the other hand, the top reviewer of Rapid7 InsightIDR writes "Quick to deploy and helpful in detecting and responding to security incidents before there is a big outage". Netsurion is most compared with Arctic Wolf Managed Detection and Response, CyberHat CYREBRO and Wazuh, whereas Rapid7 InsightIDR is most compared with Darktrace, Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM and Microsoft Defender for Identity. See our Netsurion vs. Rapid7 InsightIDR report.

    See our list of best Extended Detection and Response (XDR) vendors and best Security Information and Event Management (SIEM) vendors.

    We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.