How does a WAF help to protect against DDoS attacks?

WAF helps to filter and block malicious https traffic at application layer (layer 7) before it reaches application using features like rate limiting, behavior analysis and customizable rules to prevent DDoS attacks. WAF alone is not the best solution for an end to end DDoS protection. However, WAFs are most effective when used as part of a multi-layered defense approach, often in conjunction with DDoS protection services that handle network layer (layer 3/4) attacks. Therefore, WAFs should be combined with DDoS protection services like Azure DDoS Protection or AWS Shield that protects at the network and transport level before reaching the WAF.

What single sign-on platform do you recommend?

Various factors are to be considered before making a strong recommendation. The most important one these days would be the cost of the SSO solution. Apart from cost, one need to understand the use cases, user base and number of concurrent users during peak usage period, etc. Once all these information are recorded, it would be best to evaluate the available tools and rank them against each use case. Some tools can perform well even with a large user base and can be scaled up in no time. If the organization is large and has a great focus in stability, agility, and availability, expect that most of the available features are OTB. Then, you can consider going with Ping Identity or Forgerock products. Okta is a great option, too. Also, EntraID has joined the race but they still have a lot of catching up to do. However, cost may be an added advantage if you want to explore EntraID.

Has anyone moved from Microsoft Project to Smartsheet? How has your experience been with Smartsheet?

I used Smartsheet for two years to manage multiple enterprise projects—often running up to five in parallel. There was no standardized tool policy in place, so a plethora of project planning and management tools were in use across the organization, with no integration or consistency. For example: Trello, Microsoft Teams Planner, JIRA, Excel, MS Project, Miro, Confluence , and others. At the outset, I trialled several modern tools and ultimately chose Smartsheet , primarily because it: A) Was truly collaborative, flexible, and simple enough for anyone in the organization to set up and estimate their deliverables, provide work estimates, and update progress. B) Was well-accepted by both business and technical teams—as well as the tool's vendor—since it allowed users to work in familiar formats and control their own tasks. For example, developers preferred Kanban cards; marketing, sales, and finance teams favored the spreadsheet view; and business/team leads used a mix of spreadsheet, Gantt, or project views depending on their preferences. C) Enabled most team members to update their own tasks using their preferred view. When they couldn’t, the Stream Lead handled updates, added estimates, and tracked progress. For instance, the NZ Sales Stream Lead managed this for his team. D) Gave every team member access and ownership to detail the work required for their deliverables, add effort estimates and resource requirements, update progress, and flag issues and risks for reporting and action. I created a simple filter for each team member so they could quickly view and update their workload. Additionally, we used the JIRA integration feature for certain streams to reduce duplication. E) Allowed each business/technical stream lead to assign resources to tasks and identify where cross-stream collaboration was needed—e.g., Sales assisting during UAT. Again, JIRA integration supported this where applicable. F) Included "smarts" (formulas) I added to automate task RAG (Red-Amber-Green) status indicators, helping visualize delays and automatically flagging urgency. G) Supported custom project status templates and portfolio reports I developed, which were reviewed with stream leads and included in formal management reporting. Unfortunately, I was never able to use the Resource Management module due to additional licensing costs. It's an excellent tool, but suffers from poor marketing—making it virtually invisible to mainstream project folk.

Will you continue to use SAP Cloud Platform features when it becomes a part of SAP Business Technology Platform (BTP)?

The SAP C_LCNC_2406 exam presents a moderate challenge that tests both your theoretical understanding and hands-on proficiency with SAP Build tools, requiring candidates to navigate through 60 questions covering application development, business process automation, SAP Build Work Zone, and citizen development concepts within a tight 120-minute timeframe. Passing this certification significantly elevates your professional standing, opening doors to specialized SAP development roles, increasing your earning potential, and providing job security as organizations increasingly embrace low-code/no-code solutions for digital transformation. The future of this certification looks promising, as demand for SAP Build skills continues to surge across industries, setting it apart from traditional SAP certifications by focusing on the practical application of visual development tools rather than just coding expertise. Many candidates face the challenge of mastering multiple SAP Build components simultaneously while balancing theoretical knowledge with real-world implementation skills, which is where comprehensive preparation resources become invaluable. When it comes to exam readiness, P2Pexams stands out by offering meticulously crafted SAP C_LCNC_2406 Exam Questions that mirror the actual exam format, providing candidates with the realistic practice experience needed to build confidence and identify knowledge gaps before test day. Visit Here: https://www.p2pexams.com/sap/p...

How suitable is Microsoft Power Apps for complex applications?

Power Apps can be quite powerful for building complex applications, but it definitely comes with limitations—many of which seem increasingly driven by Microsoft’s revenue goals rather than product improvement. I built several small yet important flows that were scheduled to run daily. Initially, they worked fine on my local production machine—until one day, they just stopped functioning. After a long wait to get in touch with Microsoft support, I was told the functionality I had used wasn’t supported—even though their own documentation clearly explained how to implement it. I pointed this out, but my request for clarification was simply ignored. Eventually, I found a workaround using Microsoft’s hosted environment to trigger my local machine for processing (which was necessary since I was working with local files and scraping a few web pages). That workaround also worked for about two months—then it, too, was blocked by Microsoft. At that point, I gave up on Power Apps and went back to developing in C#. But the problems didn’t end there. I had subscribed to the full suite of Microsoft’s paid services. While canceling a free subscription was easy, canceling the paid ones turned into a nightmare. I eventually managed to cancel most after several months, but one subscription simply refuses to die. More than a year later, they’re still debiting my account every quarter, despite my repeated attempts to stop it. Honestly, if you're a small business— stay far away from Power Apps . The support is lacking, the limitations are increasing, and canceling subscriptions feels deliberately difficult. Maybe large companies can absorb these issues, but for smaller teams, it’s just not worth the hassle.

What are the differences between Palo Alto Networks Panorama and AlgoSec?

The question should be: What are the differenced between Algosec and PANW AIOPS?

Buying Intelligence
for Enterprise Technology

Reviews, Discussions, and Advice from Real Users

Recent reviews

Real users share their stories. No fake reviews.

XM Cyber

Stephen Owen

Group CISO at a insurance company with 51-200 employees

Has significantly improved risk visibility and optimized remediation efforts across dynamic environments

We tightly integrate with APIs, consuming feeds and open source data. We have integrated with XM Cyber, and we are elevating ourselves with AI and MCP tools as we view this as a forerunner to reducing the workload for our agents and IT staff. We're pushing all our security partners to provide AI and MCP tools. Our vision is for them to offer a chat interface where a junior IT or an experienced infrastructure engineer can ask for what needs to be patched next without using an interface. Their current interface is very usable and professional, ranking in the top tier of applications. Their reporting is good, offering custom reports, and their API integration is a new capability that serves us well. We have high expectations for the next generation, such as a chat interface to ask questions. However, everything has been very good. We push the boundaries with digital twins; I understand XM Cyber uses a similar concept of graph databases to map environments. I would like access to that and querying languages, enabling more informed business decisions. XM Cyber sees much of our estate, which is beneficial for making informed decisions, and we can harness those insights and data for business analytics. For instance, it could help us gain insights into change management—if a particular server impacts another and that server is supported by yet another server, we could glean significant insights for change management meetings.

Read full review

Splunk Enterprise Security

Kyle Vernham

Threat Analyst at a manufacturing company with 10,001+ employees

Built-in searches and unified data access streamline alert investigation and boosts analyst efficiency

The two features I appreciate the most in Splunk Enterprise Security are the built-in searches, which have been very easy for us to get started with right out of the box, and the fact that it accesses all of our other systems. You can access it as a pane of glass rather than having to search individually. We also have the option to compare our analysts from our service to service. Splunk Enterprise Security helps our SOC team prioritize and investigate high-fidelity alerts more effectively by providing a more in-depth look and the ability to access a lot more of our data. Instead of jumping from several segmented systems, it allows us to have everything brought together in one place. For example, you have to move from our purview to our build system and to Splunk Enterprise Security, and it enables us to streamline that process. The built-in features of Splunk Enterprise Security, which we recently procured, have given us a good starting point and demonstrated the value of the product, providing an easy way to sell it to our company. The ease of getting everything into our purview helps us, and it serves as a good start for the investigation part in one location rather than what we usually have, which is jumping from system to system to system. Splunk Enterprise Security plays a role in our company's strategy to combat insider threats and advanced persistent threats by currently being in its technical test phase. We are still rolling it out, and it should help us find any insider threats based on information that our policy states should not be present in our system. Splunk Enterprise Security's risk-based alerting (RBA) has impacted our alert volume and analyst productivity because we've got many different systems feeding into it. However, it has helped to make it easier for our analysts to go through a set of events rather than 100 alerts. RBA allows us to streamline the process and customize it for our analysts. When it comes to leveraging Splunk Enterprise Security's dashboards and visualizations to communicate security posture to executives, it's pretty straightforward for any type of information. The visualization is easy to understand, but I haven't had any direct conversations with our executives.

Read full review

Trend Micro Deep Security

Avnish Kumar

Information Technology Service Desk Manager at a tech services company with 10,001+ employees

Virtual patching has protected critical workloads and reduced downtime across financial environments

The best features Trend Micro Deep Security offers include virtual patching and comprehensive protection from multiple modules such as anti-malware, web reputation, firewall, integrity monitoring, and log inspection. It is very user-friendly, easy to understand, and helps us integrate multiple products with Deep Security. The user-friendly aspect and integration of Trend Micro Deep Security have helped my team significantly. For example, we can integrate our SIEM product, Active Directory, and multiple platforms. If an operations engineer cannot find something or forgets about a suspicious activity, we can identify the suspicious thing with the help of the SIEM. With Active Directory, we maintain our compliance, checking which server has Deep Security and which does not. By integrating these solutions, we effectively maintain compliance in our environment. Trend Micro Deep Security has positively impacted our organization because we have implemented it for multiple purposes, primarily for server security. It is installed on both multiple virtual and physical servers with minimal performance impact. It has been extremely stable throughout our usage, with no major disturbances.

Read full review

Want to share your own feedback on tech products?

Add a review

Compare solutions

Browse over 80,000 comparisons with reviews, buyer's guides, and more.

Popular Comparisons

Cloudflare

77 Reviews

Quad9

2 Reviews

Netgate pfSense

217 Reviews

OPNsense

44 Reviews

Fortinet FortiGate

574 Reviews

Sophos XG

215 Reviews

Amazon API Gateway

45 Reviews

Microsoft Azure API Management

83 Reviews

Checkmarx One

71 Reviews

SonarQube

134 Reviews

GitLab

87 Reviews

Microsoft Azure DevOps

136 Reviews

Hyper-V

144 Reviews

VMware vSphere

457 Reviews

MinIO

24 Reviews

Red Hat Ceph Storage

28 Reviews

Figma

11 Reviews

Miro Business - Enterprise

9 Reviews

AWS Secrets Manager

15 Reviews

Azure Key Vault

51 Reviews

See all comparisons

Trusted by Enterprise Tech Decision Makers

Principal DevOps Engineer

Brian H.

Principal DevOps Engineer at a large healthcare company

PeerSpot is a goldmine. Sometimes reviews on sites have lots of vendor content, yours don't. The depth is amazing as well.

CISO Office

H.K.

CISO Office at ING

Thank you for the information I was able to use when our company was in a PoC track with different vendors.

Azure Consultant

Aroosh K.

Azure Consultant at Deloitte

PeerSpot is a good platform to compare products.

Join 873,000 enterprise tech professionals sharing advice with peers

Real, Relevant Reviews

Every reviewer is verified as a real user of the product within the last 12 months. If we aren’t sure it’s real, we won’t publish it.

The Full Picture

At an average of 600 words per review, our reviews are in-depth and will always include both pros and cons so that buyers can make an informed decision.

A Community of Experts

PeerSpot is about more than reviews - users can ask for and share advice with peers throughout their buying process.

We also bridge the gap between vendors and buyers

PeerSpot helps vendors reach buyers through the voice of their customers. We help vendors capture and leverage the authentic product feedback that users want to see when they’re conducting product research and due diligence.

Find out more

Buying Intelligencefor Enterprise Technology

Recent reviews

Want to share your own feedback on tech products?

Compare solutions

Trusted by Enterprise Tech Decision Makers

Join 873,000 enterprise tech professionals sharing advice with peers

Real, Relevant Reviews

The Full Picture

A Community of Experts

We also bridge the gap between vendors and buyers

Popular Questions in our Community

Buying Intelligence
for Enterprise Technology