Top 8 Security Incident Response
Carbon Black CB DefenseServiceNow Security OperationsFireEye HelixIBM ResilientSecureworks Red Cloak Threat Detection and ResponseCarbon Black CB ResponseProofpoint Threat ResponseSECDO Platform
Popular Comparisons The whole purpose of the product, like application control, is very good, and also if you need to update some policies, it works well and instantly.
The solution has a library where we can have multiple threat intels onboarded. We just have to subscribe to a particular site intel and they'll provide us with all of the truncated details so that we can create IOCs and alerts on the basis of those IOCs.
Popular Comparisons The ease of use is great.
The product has a very simple UI.
Popular Comparisons The most valuable features include predefined use cases and threatening states.
It is kind of simple and very easily deployable. You can start working with it very fast.
Popular Comparisons This is a good solution that we recommend for customers.
The UBA, User Behavior Analytics, is very good.
Popular Comparisons The features that I have found most valuable are that the search capabilities are easy to use. The dashboards are good. The reports are good. It is just simple from a deployment standpoint - that was easy.
Popular Comparisons Setting up and managing the setup for this solution is okay. It is stable, scalable, and it runs just fine. No issues with technical support.
Probably the most valuable feature of CB Response is its ability to isolate a host and take it off the network, so it's not spreading anything. We have two security operations centers around the globe. When an SOC analyst sees something on an endpoint, they can use Carbon Black Response to isolate that host from the customer's environment and prevent any kind of lateral spread.
Popular Comparisons The best part of Proofpoint Threat Response is the Auto-Pull feature. Being able to pull an email back from a user's mailbox is very useful, yet I have noticed that not a lot of organizations use this kind of feature.
Popular Comparisons Technical support is great. Palo Alto is extremely helpful and responsive.
The ease of deployment is a valuable feature.
Buyer's Guide
Security Incident Response
December 2022
Find out what your peers are saying about VMware, ServiceNow, Trellix and others in Security Incident Response. Updated: December 2022.
670,331 professionals have used our research since 2012.
Use our free recommendation engine to learn which Security Incident Response solutions are best for your needs.
670,331 professionals have used our research since 2012.
See all 15 solutions in Security Incident Response
Advice From The Community
Read answers to top Security Incident Response questions. 670,331 professionals have gotten help from our community of experts.
Evgeny Belenky
PeerSpot (formerly IT Central Station)
Dec 21 2022
Hi SOC analysts and other infosec professionals,
Which standard/custom method do you use to decide about the alert severity in your SOC?
Is it possible to avoid being too subjective? How do you fight the "alert fatigue"?
Rony_Sklar
Community Manager at a tech services company with 51-200 employees
Dec 21 2022
Hi dear community,
Can you explain what an incident response playbook is and the role it plays in SOAR? How do you build an incident response playbook?
Do SOAR solutions come with a pre-defined playbook as a starting point?
Shibu Babuchandran
Regional Manager/ Service Delivery Manager at ASPL INFO Services
Dec 15 2022
Hi community,
What are your top 5 (or less) cyber security trends in 2022?
Thanks in advance!
Evgeny Belenky
PeerSpot (formerly IT Central Station)
Sep 15 2022
Hi,
When would you suggest using an internal SOC and when SOC-as-a-Service? What are the pros and cons of each?
Evgeny Belenky
PeerSpot (formerly IT Central Station)
Aug 10 2022
Hi infosec professionals,
We all know how security terms can be confusing and there are permanent discussions between professionals about simple ones.
How would you describe the difference between cyber resilience and business continuity?
How do you achieve each of them? Read More »
Security Incident Response Articles
Evgeny Belenky
PeerSpot (formerly IT Central Station)
Hi dear community members,
This is our latest community digest. It helps you catch up on recent contributions by community members. Comment below with your feedback and suggestions!
Trending
What are the Top 5 cybersecurity trends in 2022?
What are the main benefits of modern IT Asset D... Read More »
Evgeny Belenky
PeerSpot (formerly IT Central Station)
Hi community members,
Spotlight #2 is our fresh bi-weekly community digest for you. It covers cybersecurity, IT and DevOps topics. Check it out and comment below with your feedback!
Trending
What are the pros and cons of internal SOC vs SOC-as-a-Service?
Join The Moderator Team at IT Ce... Read More »
CristianoLima
Senior IT Infrastructure Engineer at Tecnoage
Keeping up with the evolution of cybersecurity and the threats that are haunting the IT industry across all industries, this text pays special attention to ransomware, as this practice is on the rise in the world of cybercrime. Let's focus on the subject, specifically on the Healthcare sector. ... Read More »
Netanya Carmi
Content Manager at PeerSpot (formerly IT Central Station)
We receive alerts all day long - alerts about emails, incoming Whatsapps and SMSes, posts on social media, etc. At some point we become desensitized to these alerts and stop noticing them anymore - a phenomenon known as “alert fatigue.” Seventy percent of a SOC analyst’s workday is spent dealing ... Read More »
Buyer's Guide
Security Incident Response
December 2022
Find out what your peers are saying about VMware, ServiceNow, Trellix and others in Security Incident Response. Updated: December 2022.
670,331 professionals have used our research since 2012.
