Netsurion vs Red Canary comparison

Comparison Buyer's Guide

Executive Summary

We performed a comparison between Netsurion and Red Canary based on real PeerSpot user reviews.

Find out in this report how the two Managed Detection and Response (MDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

To learn more, read our detailed Netsurion vs. Red Canary Report (Updated: May 2024).

Buyer's Guide

Netsurion vs. Red Canary

May 2024

Download the complete report

Helped 787,779 peers since 2012

Categories and Ranking

Binary Defense MDR

Mindshare comparison

As of June 2024, in the Managed Detection and Response (MDR) category, the mindshare of Binary Defense MDR is 0.3%, down from 0.3% compared to the previous year. The mindshare of Netsurion is 0.3%, down from 0.4% compared to the previous year. The mindshare of Red Canary is 5.5%, up from 4.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Managed Detection and Response (MDR)

Unique Categories:

No other categories found

Security Information and Event Management (SIEM)

0.3%

Featured Reviews

Christopher-Anderson

Director Of Information Technology at a financial services firm with 11-50 employees

May 17, 2024

Enables us to save by not hiring a team or relying on one person for security

We began seeing benefits as soon as MDR was in place, and activity started returning on the endpoints. However, I don't think we realized the full value. We added some other things and refined the configuration to ensure we got all the reports and caught everything. Binary Defense helped reduce the volume of security alerts, which varies significantly. There were about 4,000 to 15,000 attempts to log into 365 accounts. We isolated five user accounts that threat actors were exploiting. If they choose another user to mask, we can mitigate those on the spot without returning to them. We've hardened our security posture. Instead of observing the things that come through our network, we can actually act on them. We have a team behind us to notice what they're doing. We save money by not hiring a team or relying on one person for security. With MDR, we have a team behind us, enabling us to respond more efficiently instead of just watching things happen. While Binary Defense doesn't necessarily reduce the daily workload, it reduces our stress because we had to bootstrap solutions to prevent some things from happening. Now, we have Binary Defense protecting us. Binary Defense helps identify real threats instead of flagging activity that might be construed as negative. Their team takes much of the stress and guesswork out of how we execute our security program.

Read full review

reviewer2273475

CIO at a computer software company with 501-1,000 employees

Sep 8, 2023

We have a unified view and a devoted team to make sure our environment is secure

Integration-wise, there is a pretty vast area of things that they are able to integrate with, but some of the tools they have are not so great. One of my pet peeves right now is the maturity of the agents that you install on Windows and Linux devices. On the Linux side, it has not been a great experience. They support CentOS and Ubuntu, but the client tends to be a little bit cumbersome and not so great. It is just okay. It is not so great because the agent that they use is basically like a SysLog forwarder of the log system of the Linux system. When it gets pushed out, they do not receive the data as a hostname. It just comes back as an IP, so they are not able to detect the hostname. There are little tedious things here and there that I have not been happy about. This is one of them. They have their programs and tools that you have to put into your own environment. We basically ingest all the log data and then push it out to them. I wish it was a little bit different than that where we just push directly towards them. I do not know if that is a function that they thought would be better in terms of security, but I wish that instead of doing that, it should go from the device to them and not from the device to another system and then out to them. There seem to be some drawbacks to doing that. They need to work on the tools they have. The UI of EventTracker, which is a proprietary piece of software that they built, needs improvement. It is not the friendliest thing in the world. Those are the things that they should probably work on. I know that a lot of their tools have been specifically built around their team, and their team is very familiar with it, but that is an area they probably need to work on to get their customers or even get more clients. They need to work on the UI of EventTracker.

Read full review

Solomon Lesko

Account Manager at a computer software company with 51-200 employees

Jun 21, 2023

Provides near real-time alert reviews, allowing for quick response to security events

We use the solution's MDR service to monitor our Microsoft 365 environment, including Defender Endpoint Red Canary MDR has sped up our ability to receive alerts when there is a security event. The first valuable feature for me is the speed of response. It provides near real-time alert reviews.…

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The case interface is Binary Defense MDR's most valuable feature."

"The biggest aspect for us is that they are able to conform to our environment and utilize our tools. That way, we still maintain ownership of all the data and access to the applications, and we never lose control of the ability to run the solution ourselves if we need to."

"Binary Defense is comprehensive. We see most of the questionable activity. Once you see things a couple of times and are familiar with the processes, you know what those are. The level of activity is definitely favorable."

"Binary Defense has a human service department that provides live monitoring for our systems."

"The most valuable features are the SIEM and the ticketing function; the latter is very smooth and easy to read and understand. We don't have any issues looking at the ticketing information when we're trying to identify what's going on."

"The most valuable feature is reviewing tickets and the notes added by technicians."

"The customization has been the most valuable aspect and was really the reason we ended up selecting Binary Defense. They worked with us to provide exactly the level of support, features, response, and collaboration we needed."

"One of the main benefits of Binary Defense MDR is the ability to easily meet with their support team to discuss any issues we encounter."

More Binary Defense MDR pros

"When it comes to threat detection and response, it does a very good job detecting and blocking on its own. And the SOC is a nice added value because they're doing analysis on things that aren't as obvious, on things that you can't just detect with a signature or behavior. Also, any SIEM will come with a lot of noise, so having them do a lot of the initial analysis to find out what's critical and what issues are false alarms is very good."

"The network alert is the most valuable feature. That way, we in the IT department are aware of user lockout and invalid password attempts way before a user ever even calls in."

"We have also integrated our endpoint security into the Netsurion SIEM. That's important because we have all the events in one place; we don't have to manage them in multiple places. In addition, the embedded MITRE ATT&CK Framework was paramount in our decision to choose Managed Threat Protection because the MITRE Framework is the industry standard for threats."

"The real-time alerting for things such as people getting dropped into a VPN group or the domain admin group — things like that which really shouldn't happen without proper change management, but we all know the reality, they do from time to time — gives me real-time visibility into what's going on."

"Netsurion's 24/7 monitoring has enhanced the overall security of the company. They have someone looking at the data 24/7 who will call us as needed. If their team spots a malicious process after hours, they notify the appropriate person by phone. We get a lot of actionable threat intelligence from Netsurion. For example, if a user clicks on a malicious link in a web page and starts an unusual process that isn't on the white-list, Netsurion's team can detect it and prevent it from executing. Afterward, they'll notify us by telephone, so we can respond and clean up whatever damage has occurred."

"The most important feature is keeping track of when accounts are created and deleted, when permission groups are changed, and memberships are changed in groups; and overall, how many errors are occurring on the various systems that we're monitoring."

"Netsurion was easy to deploy. I have worked with other systems that were a little less complex, but they weren't quite as easy to deploy."

"The SIEMs and managed service are its most valuable features. We get a weekly report from them which provides a culmination of them combing through millions of events which are triggered across our network every day and minute. Their information security experts basically boil that down to a report which I get emailed once a week. It identifies potential threats and the remediation that I should take to be able to quell those threats."

More Netsurion pros

"The solution works well for what we use it for and the support and protection are good."

"The valuable features of this solution are it integrates well with different EDR software, such CrowdStrike, and Carbon Black, and the information it provides is helpful."

"The near real-time review translates into near real-time action. So, in addition to alerting, Red Canary MDR has response playbooks built out."

"The most valuable features of Red Canary MDR are its modeled after the MITRE ATT&CK framework and we can easily automate the containment of the endpoint. Additionally, it is easy to use and we have never had an issue with it."

"The most valuable feature of the solution is its automation part."

Cons

"The only area I see for improvement with Binary Defense is their service portal. It could benefit from some enhancements."

"We should be able to isolate devices faster. They should shorten the time between clicking on a device to contain it and carrying out the action. That would be a welcome improvement."

"We found a couple of bugs in the user interface."

"I would like to see more frequent check-ins with our security status."

"It's sometimes difficult to know when to engage Binary Defense or TrustedSec, their sister company. TrustedSec is more focused on offensive security, as opposed to the defensive security that the MDR solution provides. It would be awesome if there were a better bridge between that relationship for when we need to get more proactive services or when we need to do a penetration test."

"It's hard to think of anything that they need to improve on, but just to point out something, I would like to see them provide advanced XDR."

"The most significant area for improvement is in support for non-English speakers; we're a global organization, so many of our users are not English speakers, which can make interacting with them a challenge. There's no Chinese language support, so we must rely on what we can do with the internet. We don't expect Binary Defense to build a language staff, but details can get lost in translation when we assume the whole world speaks English."

"The current reporting system could benefit from improvement."

More Binary Defense MDR cons

"Where there is an opportunity for improvement is in the interface used for performing the searches. You have to understand Elasticsearch search too well for the security team to be able to take really full advantage of that part of the product. It's not as intuitive as I would like it to be for new staff coming in. The general query capability is a little bit challenging."

"Netsurion's SOC can be a bit too aggressive at times."

"I would also like to have a dashboard that I can access anytime to review the real-time data from their website."

"They have their programs and tools that you have to put into your own environment. We basically ingest all the log data and then push it out to them. I wish it was a little bit different than that where we just push directly towards them. I do not know if that is a function that they thought would be better in terms of security, but I wish that instead of doing that, it should go from the device to them and not from the device to another system and then out to them. There seem to be some drawbacks to doing that."

"I would like to see the dashboard come up more quickly."

"I would like to see a faster response when we see things like 15,000 lockouts. I really wished that I had known that on Friday afternoon rather than waiting until I got the weekly report today. By the same token, they are looking at it from the point of view that this is a system or software malfunction. This is not a bad actor repeating the exact same password three times a second. Therefore, they can tell that this is not a bad thing. However, it's not a security event but it is an operational event for me. Knowing this sort of thing would help my team and me out more because then we would be able to clear out a lot of network traffic that we didn't know was going on. So, we would like quicker updates on non-high security events."

"We get a report generated on a particular day of the week and we go through it, trying to mitigate problems and make sure we're seeing everything that's happening. It would be helpful if the SOC spent a little more time with us going through some of those reports."

"The MITRE ATT&CK framework could be faster when identifying and understanding sophisticated threats. Whenever something happens, we usually get notified a couple hours later."

More Netsurion cons

"The price could always be better."

"In general, the solution currently fails to provide a summary to its users."

"There should be an easier way to update agents to new levels in Red Canary MDR. However, it is not a huge issue but it would help."

"The most valuable feature of Red Canary MDR is the overall threat protection it provides."

"I would like there to be an on-premise version of this solution for our data centers because of the proliferation of online threats."

Pricing and Cost Advice

"Binary Defense has changed its pricing model from being primarily based on the volume of data to one based on escalations and incidents they handle."

"After we acquired this platform, we met with a number of different vendors. Binary Defense came in with a proposal that was surprisingly affordable. In fact, we were able to recoup the cost of their services within a short period of time. This is because Binary Defense is able to provide the same level of security as a team of two or three in-house analysts but at a fraction of the cost. As a result, Binary Defense is saving us an estimated $250,000 to $300,000 per year."

"It's valued at the right price. Even with the number of endpoints we have, we don't feel that it's a lot more than any competitor. In fact, it might be less expensive when you look at the fact that you're getting a full flex SOC out of it along with the tools."

"The pricing is very good. They are definitely competitive and they were lower at the time that we went with them."

"Binary Defense MDR is priced competitively and may be slightly lower than CrowdStrike."

"The pricing isn't that bad, it's very competitive. I don't feel that it's over-priced and I don't feel that it's under-priced."

"The pricing is on target. Working with their sales team on pricing negotiations was a pleasant process. They were very respectful of the constraints we had and I feel that we're paying a fair price."

"From the initial cost that Binary Defense came in with, we pared it down quite a bit over the course of 30 or 60 days. My leadership would say that their cost was high, but realistically, they were in line with the market."

More Binary Defense MDR pricing and cost advice

"Our pricing for Netsurion last year was US $52,000 per year."

"Licensing is very easy. Our CIO takes care of the billing, but in terms of price point, he hasn't complained, so it must be good."

"The pricing and licensing seem very reasonable. The managed service part of it feels like it gives me the equivalent of a full-time engineer for a lot less money. So, I feel it's a good value."

"In the security space, it's hard to quantify your return on investment. So, I don't. We spend about $40,000 a year and so. It's hard to say if the SIEM saved that much money."

"EventTracker's subscription-based model is interesting as far as yearly license type stuff. It's nice because you know what it's going to be next year. We haven't really looked at any other solutions. The pricing at the time compared to the other solutions was a lot less. A couple of years ago, we actually looked at Splunk. The amount in Splunk's licensing model is based on 20 gigs a day, or something like that. Based on our number of logs and stuff that we were already generating, the costs would be substantially more for the amount of logs that we would be getting."

"I don't know if the pricing is by the seat but we're paying about $20,000 to 25,000 a year. On top of that, we pay for the managed support services. That runs us about another $35,000 or $40,000 a year."

"Netsurion's pricing is competitive. At the same time, they're the only ones who do what we want to do the way we want it. I can't say we would've paid more, but we would've had to have come up with our own solution if they weren't providing that."

"It is a bit expensive as compared to some of the other products that have come out in recent years. Expense-wise, the only downside is that it is not cheap."

More Netsurion pricing and cost advice

"Red Canary MDR I use is an open-source tool."

"The price of Red Canary MDR is inlined with competitors. The price is reasonable."

"I have not compared Red Canary to other solutions to know if the price is high or low. However, I have found the price of this solution fair and reasonable, it cost approximately $100 per year, per device. If they could provide the solution for $50 per year, per device, it would be better."

"The solution could vary in price depending on how many endpoints a company has."

See which vendors are best for you

Use our free recommendation engine to learn which Managed Detection and Response (MDR) solutions are best for your needs.

See recommendations

787,779 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

18%

Healthcare Company

Manufacturing Company

Financial Services Firm

Computer Software Company

30%

Manufacturing Company

12%

Government

Financial Services Firm

Educational Organization

18%

Computer Software Company

13%

Manufacturing Company

Financial Services Firm

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

What do you like most about Binary Defense MDR?

The most valuable feature is reviewing tickets and the notes added by technicians.

See all answers

What is your experience regarding pricing and costs for Binary Defense MDR?

Binary Defense is fairly priced. I would say that Binary Defense is flexible in negotiating and tailoring a solution ...

See all answers

What needs improvement with Binary Defense MDR?

The only area I see for improvement with Binary Defense is their service portal. It could benefit from some enhanceme...

See all answers

What do you like most about Netsurion Managed Threat Protection?

Expediting incident response is really great.

See all answers

What is your experience regarding pricing and costs for Netsurion Managed Threat Protection?

Their pricing is high. I don't know if it's a barrier. The quality speaks to the price. The price is the price. They ...

See all answers

What needs improvement with Netsurion Managed Threat Protection?

There is one area that needs improvement and that is with the agents and the server that's on-site. The system requir...

See all answers

What do you like most about Red Canary MDR?

The most valuable feature of the solution is its automation part.

See all answers

What is your experience regarding pricing and costs for Red Canary MDR?

Red Canary MDR I use is an open-source tool.

See all answers

What needs improvement with Red Canary MDR?

Red Canary MDR generates a lot of output, so it would be good if, in the end, it generates a summary of all the previ...

See all answers

Comparisons

Darktrace vs Binary Defense MDR

Compared 38% of the time

SentinelOne Singularity Complete vs Binary Defense MDR

Compared 21% of the time

Cortex XDR by Palo Alto Networks vs Binary Defense MDR

Compared 15% of the time

CrowdStrike Falcon vs Binary Defense MDR

Compared 13% of the time

Arctic Wolf Managed Detection and Response vs Binary Defense MDR

Compared 12% of the time

More Binary Defense MDR Competitors

Arctic Wolf Managed Detection and Response vs Netsurion

Compared 54% of the time

CyberHat CYREBRO vs Netsurion

Compared 26% of the time

Sumo Logic Security vs Netsurion

Compared 19% of the time

More Netsurion Competitors

CrowdStrike Falcon Complete vs Red Canary

Compared 32% of the time

Arctic Wolf Managed Detection and Response vs Red Canary

Compared 22% of the time

Expel vs Red Canary

Compared 11% of the time

Rapid7 MDR vs Red Canary

Compared 7% of the time

ReliaQuest GreyMatter vs Red Canary

Compared 7% of the time

More Red Canary Competitors

Product Reports

Buyer's Guide

Binary Defense MDR

June 2024

Download Binary Defense MDR product report

Buyer's Guide

Netsurion

June 2024

Download Netsurion product report

Buyer's Guide

Managed Detection and Response (MDR)

June 2024

Download Red Canary product report

Also Known As

Binary Defense Vision, Binary Defense Managed Detection and Response, Binary Defense Managed Detection & Response

Netsurion Managed Threat Protection, Netsurion EventTracker

Red Canary Managed Detection and Response (MDR)

Learn More

Binary Defense

Video not available

Netsurion

Red Canary

Overview

Binary Defense provides a Managed Detection and Response service using an Open XDR strategy that detects and isolates threats early in the attack lifecycle. Expert security analysts in the Binary Defense Security Operations Center leverage an attacker’s mindset, monitoring your environments for security events 24x7x365 and acting as an extension of your security teams. When a security event occurs, Binary Defense analysts triage, disposition, and prioritize the event. Analysts conduct full kill chain analysis and supply tactical and strategic mitigation recommendations to your security team with the goal of increasing your organization’s security posture against the latest adversary threats.

Visit us online at https://www.binarydefense.com

Our open XDR platform unifies your existing security telemetry to deliver wider attack surface coverage and deeper threat analytics resulting in greater security visibility. Our SOC does the heavy lifting for you of proactive threat hunting, event correlation and analysis, and provides you with guided remediation. The result is a force multiplier that allows your IT team to be confident and in control again while also maximizing all of your cybersecurity investments.

Red Canary Managed Detection and Response (MDR) offers robust threat detection, rapid response capabilities, continuous security monitoring, and seamless integration with existing tools. Valued for its actionable reporting and proactive threat intelligence, it streamlines operations and enhances organizational efficiency and security.

Sample Customers

Securitas USA, Black Hills Energy, Lincoln Electric,The J.M. Smuckers Company, New York Community Bank, State of Connecticut, NCR

The Salvation Army, The FRESH Market, Pacific Western Bank, NASA, American Academy of Orthopaedic Surgeons (AAOS), and Talbot’s Stores

DuPont, Quanta Services, Microchip Technology, Hopkins Public Schools, Henny Penny, Schumacher Homes

Buyer's Guide

Netsurion vs. Red Canary

May 2024

Free Report: Netsurion vs. Red Canary

Find out what your peers are saying about Netsurion vs. Red Canary and other solutions. Updated: May 2024.

DOWNLOAD NOW

787,779 professionals have used our research since 2012.

See our Netsurion vs. Red Canary report.

See our list of best Managed Detection and Response (MDR) vendors.

We monitor all Managed Detection and Response (MDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.