Some areas for improvement on Netsurion are:
1. Lack of feedback on options for taking action in response to threats. Users would like to know if it is possible to take specific actions through the SIEM service or agent.
2. Slow response time in notifying users about identified threats. Users would prefer to be informed promptly rather than hours later.
3. Insufficient understanding of users' networks by the SOC team, which negatively impacts security posture. Users suggest having a dedicated server for Netsurion to avoid resource contention with other servers.
4. Improved communication with the SOC team. Users would like more interaction and assistance in going through generated reports.
5. Need for a web portal instead of receiving data in an Excel spreadsheet. Users would prefer a portal that aggregates data and highlights hotspots, similar to Arctic Wolf.
6. Development of the product to utilize internet options inherent in the operating system for better communication and security. Users suggest redeveloping the application to be more compatible with current technology.
7. Faster response time for operational events, such as lockouts, to enable timely action. Users want quicker updates on non-high security events to optimize network traffic.
8. Improvement in weekly reporting, including timely incorporation of landscape document details.