No more typing reviews! Try our Samantha, our new voice AI agent.

Comodo MDR vs Netsurion comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jun 3, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Comodo MDR
Ranking in Managed Detection and Response (MDR)
38th
Average Rating
10.0
Reviews Sentiment
6.8
Number of Reviews
3
Ranking in other categories
No ranking in other categories
Netsurion
Ranking in Managed Detection and Response (MDR)
36th
Average Rating
8.4
Reviews Sentiment
7.1
Number of Reviews
24
Ranking in other categories
Managed Security Services Providers (MSSP) (27th), Security Information and Event Management (SIEM) (49th), SOC as a Service (13th), Extended Detection and Response (XDR) (43rd)
 

Mindshare comparison

As of June 2026, in the Managed Detection and Response (MDR) category, the mindshare of Comodo MDR is 0.9%, up from 0.3% compared to the previous year. The mindshare of Netsurion is 1.0%, up from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Managed Detection and Response (MDR) Mindshare Distribution
ProductMindshare (%)
Netsurion1.0%
Comodo MDR0.9%
Other98.1%
Managed Detection and Response (MDR)
 

Featured Reviews

Navin Mohinani - PeerSpot reviewer
CEO at Forte IT Solutions
Have faced integration challenges but continue to benefit from strong security and proactive response features
The biggest advantage of the product, as I see it as a reseller, is its security and reporting. The automated incident response feature in Comodo MDR works fantastic. When customers install custom tailor-made software which is not recognized by Comodo MDR endpoint detection response tool, it runs in an isolated environment, virtual environment, sandbox environment. If it determines that this software is not secure, not verified, or not approved by system admin, it blocks the software immediately. The software will not run, and it sends a report to the admin email instantly. If there is any issue with the software or if any incident such as a malware attack or ransomware attack is happening, or something is trying to make changes to the system files, it immediately blocks the software tool and reports back to the admin. As a reseller partner and secondary admin for the customers, my team and I directly receive a mail, and we take control of that machine. It even blocks complete network access to that machine. On the hardware side, if there is a hard disk full or RAM 90% usage or CPU 90% usage or any of these incidents, we set up an alert notification option for it. The moment these incidents occur, it sends an alert so we can recommend customers upgrade their hardware or check if there is any malfunctioning software consuming too much RAM and CPU. This incident response use case helps us keep customer machines' performance to the maximum. The 24/7 monitoring capability supports a lot in contributing to our cybersecurity strategy. It is very much compatible with our goal.
John-Berry - PeerSpot reviewer
Information Technology Manager at ProfitSolv
The SOC center monitors, hunts, and notifies us of threats around the clock
I know they are working to resolve this issue, but Netsurion is currently unable to retrieve logs from S3 buckets. We use WP Engine for a lot of web hosting as well as AWS, and both of these platforms use S3 buckets. I would like Netsurion to be able to pull logs from Linux devices. We have some of that capability, and I believe they can do it. However, the way it works with Amazon is strange and glitchy. Therefore, working something out with Amazon would be great. Netsurion's SOC can be a bit too aggressive at times. We have asked them to adjust their playbook because I am tired of being notified about the same issue multiple times a day. I am aware of the issue, and it is not a cause for concern. Let's only take action on this issue if we see an actual problem.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"However, it offers sophisticated features, especially in scanning and analyzing activities on workstations or servers."
"The automated incident response feature in Comodo MDR works fantastic; when customers install custom tailor-made software which is not recognized by Comodo MDR, it runs in an isolated environment, and if it determines the software is not secure, it blocks it immediately and sends a report to the admin."
"The product is fairly new compared to others like Trend Micro or Symantec. However, it offers sophisticated features, especially in scanning and analyzing activities on workstations or servers. It can prevent malicious operations from spreading to other applications or the network. This feature is particularly effective because it operates at the IO level, unlike behavior or signature analysis used by other products. It contains threats and alerts administrators about whether they are false positives or real threats that need immediate action or support recommendations."
"One of the most valuable features is its around-the-clock, 365-day-a-year online technical support."
"There are a host of things that are most valuable. Obviously monitoring our environment and reporting out different events is important. They perform a suite of services. They monitor all of our servers, all of our key infrastructure, like our DNS, our switches, all that stuff. They aggregate and correlate that quarterly. They'll tell us if we're getting a lot of login failures and something is going on or if something's weird."
"The managed service is great value which saves you a full-time employee on your staff by being able to outsource it to EventTracker to review all the logs and cull through the data to make recommendations and identify threats, then how to remediate them."
"Of all the products and vendors that we've used, I've never had a more positive experience with a support team than with EventTracker's support team."
"We have also integrated our endpoint security into the Netsurion SIEM. That's important because we have all the events in one place; we don't have to manage them in multiple places. In addition, the embedded MITRE ATT&CK Framework was paramount in our decision to choose Managed Threat Protection because the MITRE Framework is the industry standard for threats."
"We use those standard reports every day and monitor them, and it probably saves us three hours a day because the solution is doing the consolidation of the log files for us."
"The most important feature is keeping track of when accounts are created and deleted, when permission groups are changed, and memberships are changed in groups; and overall, how many errors are occurring on the various systems that we're monitoring."
"I really appreciate the fact that the dashboard breaks everything down into a pretty easy view for me... It shows what changes are happening to privileged user accounts, access and identity, what's cropping up. It shows application activity and whether we've got system resources that aren't online and being found anymore. It's a pretty simple, easy, quick hit and there are the supporting logs behind it. If I need to drill down further, I can do that quickly. It's very effective."
"When it comes to threat detection and response, it does a very good job detecting and blocking on its own. And the SOC is a nice added value because they're doing analysis on things that aren't as obvious, on things that you can't just detect with a signature or behavior. Also, any SIEM will come with a lot of noise, so having them do a lot of the initial analysis to find out what's critical and what issues are false alarms is very good."
 

Cons

"Users pay $60 per user per year, and in case there is an issue, support tickets take nearly three days or sometimes even more for a clear resolution or an answer."
"I think having a higher level of MDR would be beneficial, although it's quite expensive. This would involve not just monitoring the network but also taking actions to stop and detect threats. We haven't implemented this yet, but we're considering it for our organization's plans."
"They should consider adopting the desktop version as a solution."
"I think having a higher level of MDR would be beneficial, although it's quite expensive."
"It would be great if they had a client for phones by which they could push a notification to us, as opposed to via email."
"We get a report generated on a particular day of the week and we go through it, trying to mitigate problems and make sure we're seeing everything that's happening. It would be helpful if the SOC spent a little more time with us going through some of those reports."
"The hosted on-premise hardware that we were using was having issues. The performance of it was horrendous, but we weren't using it."
"The solution's dashboard is okay. The one thing that we ran into are issues when we upgraded to the newer version. It uses Elasticsearch for the different dashboard entries. So, we were running on spinning disks, and Elasticsearch didn't work that well. A number of the different dashboards, like my dashboard or different things like that, pull from Elasticsearch. Since Elasticsearch really wasn't working, we were having some issues with that, but we just migrated."
"The weekly reporting could use some improvement. For example, when we handed them our landscape document, it took longer than I would have liked for those details to become noticeable within the reports."
"Where there is an opportunity for improvement is in the interface used for performing the searches. You have to understand Elasticsearch search too well for the security team to be able to take really full advantage of that part of the product. It's not as intuitive as I would like it to be for new staff coming in. The general query capability is a little bit challenging."
"I would like to see a faster response when we see things like 15,000 lockouts. I really wished that I had known that on Friday afternoon rather than waiting until I got the weekly report today. By the same token, they are looking at it from the point of view that this is a system or software malfunction. This is not a bad actor repeating the exact same password three times a second. Therefore, they can tell that this is not a bad thing. However, it's not a security event but it is an operational event for me. Knowing this sort of thing would help my team and me out more because then we would be able to clear out a lot of network traffic that we didn't know was going on. So, we would like quicker updates on non-high security events."
"Everything that I've wanted has been added in. EDR was added, and MITRE was added. Those were two big ones that we didn't even have to push for."
 

Pricing and Cost Advice

"The tool's pricing is high compared to other products. If you want to target a certain quantity, it should provide discounts to enterprises."
"The pricing falls within the moderate range."
"Netsurion's pricing is competitive. At the same time, they're the only ones who do what we want to do the way we want it. I can't say we would've paid more, but we would've had to have come up with our own solution if they weren't providing that."
"It is a bit expensive as compared to some of the other products that have come out in recent years. Expense-wise, the only downside is that it is not cheap."
"EventTracker's subscription-based model is interesting as far as yearly license type stuff. It's nice because you know what it's going to be next year. We haven't really looked at any other solutions. The pricing at the time compared to the other solutions was a lot less. A couple of years ago, we actually looked at Splunk. The amount in Splunk's licensing model is based on 20 gigs a day, or something like that. Based on our number of logs and stuff that we were already generating, the costs would be substantially more for the amount of logs that we would be getting."
"I don't know if the pricing is by the seat but we're paying about $20,000 to 25,000 a year. On top of that, we pay for the managed support services. That runs us about another $35,000 or $40,000 a year."
"We put together the package of what we needed. It was based pretty much on the number of agents that we were deploying. If we needed to manage logging from certain specific applications, like Active Directory and SQL Server, there has been no additional cost for that. We had agents deployed for those specific servers and the applications were included, then there was just an additional installation that they had to do for us."
"Netsurion's pricing is extremely fair and flexible. The price of their SIEM product is reasonable, and you can pay for those services you want on top of that. It wasn't cheap, but it's competitive, and we intend to renew our contract."
"The upfront costs have increased, and we have been locked into this contract. The cost of changing over from it is way too high."
"The pricing and licensing seem very reasonable. The managed service part of it feels like it gives me the equivalent of a full-time engineer for a lot less money. So, I feel it's a good value."
report
Use our free recommendation engine to learn which Managed Detection and Response (MDR) solutions are best for your needs.
900,644 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
No data available
Construction Company
11%
Outsourcing Company
10%
Performing Arts
10%
Manufacturing Company
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business10
Midsize Enterprise7
Large Enterprise7
 

Questions from the Community

What is your experience regarding pricing and costs for Comodo MDR?
The tool's pricing is high compared to other products. If you want to target a certain quantity, it should provide discounts to enterprises.
What needs improvement with Comodo MDR?
Areas for improvement are mainly on the software side. They are trying to integrate some functionalities, but their API integration with some CRM and invoicing tools is not appropriate or 100% comp...
What is your primary use case for Comodo MDR?
The major use case for the product is mainly for endpoint security and endpoint management.
Ask a question
Earn 20 points
 

Also Known As

Comodo Managed Detection and Response
Netsurion Managed Threat Protection, Netsurion EventTracker
 

Overview

 

Sample Customers

Information Not Available
The Salvation Army, The FRESH Market, Pacific Western Bank, NASA, American Academy of Orthopaedic Surgeons (AAOS), and Talbot’s Stores
Find out what your peers are saying about Comodo MDR vs. Netsurion and other solutions. Updated: June 2026.
900,644 professionals have used our research since 2012.