We performed a comparison between Trend Micro XDR and Netsurion based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Trend Micro XDR is commended for its holistic approach to threat prevention, real-time visualization, and ability to prioritize network-based detection and response. Netsurion delivers thorough and informative notifications and effectively identifies threats. Users praise its seamless incorporation of endpoint security measures. Trend Micro XDR should improve integration, overhaul its web interface, and strengthen its business relationships. Netsurion should focus on enhancing weekly reporting, utilizing internet options for enhanced security, and strengthening threat detection and response.
Service and Support: Some customers have found Trend Micro’s customer service to be helpful and responsive, while others have encountered challenges with technical support in complex situations. Netsurion's customer service has received mixed reviews, with some users expressing concerns about technical planning and the installation process.
Ease of Deployment: The initial setup of Trend Micro XDR is straightforward and fast, but it may require the involvement of several technical professionals. Netsurion's initial setup was described as easy, with clear instructions and packages provided. Reviewers appreciated the support and assistance from Netsurion. Netsurion guided the setup discussion based on business needs, making it easier to understand and implement.
Pricing: Some reviews noted that Trend Micro XDR might be too costly for small organizations, but others found the price reasonable. Netsurion is considered a good value for the money and competitive. Users say the solution’s pricing is transparent.
ROI: Trend Micro XDR delivers value through automation. Its efficient alerts ensure timely threat detection and prevention. Netsurion offers actionable intelligence and eliminates the requirement for specialized staff, saving time and costs. Its managed SOC component also delivered substantial benefits to organizations.
Comparison Results: Our users prefer Trend Micro XDR over Netsurion. Trend Micro XDR is considered a reliable and feature-rich security solution. Users value the comprehensive view of attacks that Trend Micro XDR provides as well as its network-focused detection and response capabilities. Users say Netsurion's threat detection and response capabilities aren't yet mature enough, and it could improve its SOC functions.
"Advanced hunting is good. I like that. We can drill down to lots of details."
"Among the most valuable features are the alert timeline, the alert story, which is pretty detailed. It gives us complete insight into what exactly happened on the endpoint. It doesn't just say, "Malware detected." It tells us what caused that malware to be detected and how it was detected. It gives us a complete timeline from beginning to end."
"There is also one dashboard that shows us the status of many controls at once and the details I can get... It gives a great overview of many areas, such as files, emails, chats, and links. Even with the apps, it gives you a great overview. In one place you can see where you should look into things more deeply..."
"The product is very easy to use."
"Microsoft Defender's most critical component is its CASB solution. It has many built-in policies that can improve your organization's cloud security posture. It's effective regardless of where your users are, which is critical because most users are working from home. It's cloud-based, so nothing is on-premise."
"All of the security components are valuable including, antiphishing, antispam, and stage three antivirus."
"The best feature is threat hunting. There are a lot of other features I like, such as the alert mechanism. The chain alert mechanism has a huge impact. It combines all the alerts into one incident and automatically correlates them with AI."
"The integration between all the Defender products is the most valuable feature."
"Their SOC team manages vulnerability management and IOC reviews. They stop bad processes when they happen. The best thing is their weekly reviews of what has been going on in the infrastructure as well as the things that they see and what we should look out for."
"If I were to look at logs manually, there's no way I could do that. As an example, they are 48 million logs processed a day. There is no way I could look at all 48 million of those. So, it gives me a good structure to be able to look at the different incidents which are created and do different searches."
"We have also integrated our endpoint security into the Netsurion SIEM. That's important because we have all the events in one place; we don't have to manage them in multiple places. In addition, the embedded MITRE ATT&CK Framework was paramount in our decision to choose Managed Threat Protection because the MITRE Framework is the industry standard for threats."
"What I like most about Netsurion is the level of visibility and reporting."
"Expediting incident response is really great."
"They have a number of integrations with different products. Google Workspace is one of them, and Microsoft Azure is another one. They integrate with a number of other things, such as Duo for multi-factor authentication. They can pull the logs from Duo to see if users are coming from bad repeatable IPs or if there are malicious known IPs that may be popping up in the logs. They are able to see that, and they can identify that. Some of the other integrations they do are from inside your network. For firewalls, they can integrate with SonicWall, Cisco, Fortinet, etc. They have a pretty wide variety of things to integrate with and be able to pull the logins from those devices."
"I like EventTracker's dashboard. I see it every time I log in because it's the first thing you get to. We have our own widgets that we use. For the sake of transparency, there are a few widgets that we look at there and then we move out from there... Among the particularly helpful widgets, the not-reporting widget is a big one. The number-of-logs-processed is also a good one."
"The most valuable feature is definitely real-time alerting, especially in situations where someone might attempt to exploit or hack into our network."
"What I like the most about Trend Micro XDR is that the detection and response domain extends to the network. It goes beyond the endpoint and includes data about the network which lets you pinpoint patient zero as well as the root cause of the attack."
"I can prevent my environment from different types of attacks based on what I see in the Vision One console."
"I like the workbench. It is a view of all the alerts or problems in your estate. The visibility that it provides to engineers is very useful. It is one thing having lots of alerts. It is another thing to have something to correlate all your alerts into a workbench for you so that you can see what is going on."
"The setup is fairly simple."
"It is a stable product. It works very well."
"The centralized visibility is good."
"It helps a lot to understand where the threat is coming from, where is it going, how is it being dealt with, et cetera."
"VisionOne offers a clear window into the security posture of our endpoints."
"The support team is not competent or responsive."
"The management features could be improved, particularly in terms of better integration with Intune, Microsoft's cloud-based management solution."
"There are still some components, such as vulnerability management within the vendor product, where improved integration would be beneficial."
"In the Microsoft Azure Portal, in Active Directory, if there is anything on the user it will provide you with the information, but you still have to go through it a bit. And sometimes, I have experienced difficulties in understanding the information, especially because the synchronization between Microsoft Intune and the devices that are connected to the user in Azure Active Directory takes a lot of time."
"The Defender agent itself is more compatible with Windows 10 and Windows 11. Other than these two lines, there are so many compatibility issues. Security is not only about Microsoft. The core technical aspects of it are quite good, but it would be good if they can better support non-Microsoft solutions in terms of putting the agents directly into VMware and other virtualization solutions. There should be more emphasis on RHEL and other operating systems that we use, other than Windows, in the server category."
"The documentation on their website is somewhat outdated and doesn't show properly. I wanted to try a query in Microsoft Defender 365. When I opened the related documentation from the security blog on the Microsoft website, the figures were not showing. It was difficult to understand the article without having the figures. The figures were there in the article, but they were not getting loaded, which made the article obsolete."
"We should be able to use the product on devices like Apple, Linux, etc."
"The licensing is a nightmare and has room for improvement."
"The weekly reporting could use some improvement. For example, when we handed them our landscape document, it took longer than I would have liked for those details to become noticeable within the reports."
"The deployment of the agents could be a bit easier. We always seem to have a bit of a challenge with that. A lot of times the agents either don't deploy or they quit responding, then we have to go and redeploy them."
"The agents on the endpoints seem to fail quite a bit, requiring manual involvement from the local administrators. I would like to see their product be much more ad hoc and update automatically."
"The MITRE ATT&CK framework could be faster when identifying and understanding sophisticated threats. Whenever something happens, we usually get notified a couple hours later."
"Everything that I've wanted has been added in. EDR was added, and MITRE was added. Those were two big ones that we didn't even have to push for."
"Where there is an opportunity for improvement is in the interface used for performing the searches. You have to understand Elasticsearch search too well for the security team to be able to take really full advantage of that part of the product. It's not as intuitive as I would like it to be for new staff coming in. The general query capability is a little bit challenging."
"The solution's dashboard is okay. The one thing that we ran into are issues when we upgraded to the newer version. It uses Elasticsearch for the different dashboard entries. So, we were running on spinning disks, and Elasticsearch didn't work that well. A number of the different dashboards, like my dashboard or different things like that, pull from Elasticsearch. Since Elasticsearch really wasn't working, we were having some issues with that, but we just migrated."
"I would like to see a faster response when we see things like 15,000 lockouts. I really wished that I had known that on Friday afternoon rather than waiting until I got the weekly report today. By the same token, they are looking at it from the point of view that this is a system or software malfunction. This is not a bad actor repeating the exact same password three times a second. Therefore, they can tell that this is not a bad thing. However, it's not a security event but it is an operational event for me. Knowing this sort of thing would help my team and me out more because then we would be able to clear out a lot of network traffic that we didn't know was going on. So, we would like quicker updates on non-high security events."
"I'd like to see alert time reduction so that they show up on the dashboard faster."
"They should increase their potential for third-party integrations."
"A room for improvement in Trend Micro XDR is more visibility into the alerts. We do get alerts from the solution, but when we are away, we need to have more visibility."
"They have a DLP module in Tredn Moicros and they need to enhance its capabilities."
"The support documentation could be more comprehensive."
"Results were delayed."
"It is very expensive."
"The area for improvement is mobile security. We have just finished a proof of concept for Zero Trust Secure Access. We withdrew from this PoC because it does not have that many points for proxy across Europe. Our organization is across Europe... At this time, they are only located in Germany and the UK."
Netsurion is ranked 15th in Extended Detection and Response (XDR) with 24 reviews while Trend Vision One is ranked 5th in Extended Detection and Response (XDR) with 42 reviews. Netsurion is rated 8.4, while Trend Vision One is rated 8.6. The top reviewer of Netsurion writes "The SOC center monitors, hunts, and notifies us of threats around the clock". On the other hand, the top reviewer of Trend Vision One writes "The integration of toolsets is key, enabling automation, and vendor has been tremendous partner for us". Netsurion is most compared with Arctic Wolf Managed Detection and Response, CyberHat CYREBRO and Wazuh, whereas Trend Vision One is most compared with CrowdStrike Falcon, SentinelOne Singularity Complete, Microsoft Defender for Endpoint, Trend Micro Apex One and Fortinet FortiEDR. See our Netsurion vs. Trend Vision One report.
See our list of best Extended Detection and Response (XDR) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
