
Top 8 Security Incident Response

Carbon Black CB Defense, IBM Resilient, FireEye Helix, Carbon Black CB Response, Secureworks Red Cloak Threat Detection and Response, SECDO Platform, Proofpoint Threat Response, D3 Security
  1. The solution is stable. The feature I found most valuable in Carbon Black CB Defense is the ongoing monitoring feature that works by emailing updates about any detections found.
  2. This is a good solution that we recommend for customers. The UBA, User Behavior Analytics, is very good.
  3. Buyer's Guide
    Security Incident Response
    August 2022
    Find out what your peers are saying about VMware, IBM, Trellix and others in Security Incident Response. Updated: August 2022.
    620,600 professionals have used our research since 2012.
  4. It is kind of simple and very easily deployable. You can start working with it very fast. I like that it's easy. It's got the protection set up, and we can see whatever is required. We write our own rules and the rules that we can input. I think it is good.
  5. Setting up and managing the setup for this solution is okay. It is stable, scalable, and it runs just fine. No issues with technical support. Probably the most valuable feature of CB Response is its ability to isolate a host and take it off the network, so it's not spreading anything. We have two security operations centers around the globe. When an SOC analyst sees something on an endpoint, they can use Carbon Black Response to isolate that host from the customer's environment and prevent any kind of lateral spread.
  6. The features that I have found most valuable are that the search capabilities are easy to use. The dashboards are good. The reports are good. It is just simple from a deployment standpoint - that was easy.
  7. Technical support is great. Palo Alto is extremely helpful and responsive. The ease of deployment is a valuable feature.
  9. Support is very responsive. It has reduced our manual efforts to remove emails from each user's inbox, and in this case we do not have to ask our IT department or users to do so.

Advice From The Community

Read answers to top Security Incident Response questions. 620,600 professionals have gotten help from our community of experts.
Evgeny Belenky
PeerSpot (formerly IT Central Station)
Aug 10 2022
Hi infosec professionals, We all know how security terms can be confusing and there are permanent discussions between professionals about simple ones. How would you describe the difference between cyber resilience and business continuity?  How do you achieve each of them?
VladanKojanic: It's simple: cyber resilience is the ability to prepare for, respond to and…
6 Answers
Shibu Babuchandran
Regional Manager/ Service Delivery Manager at ASPL INFO Services
May 19 2022

Hi community,

What are your top 5 (or less) cyber security trends in 2022?

Thanks in advance!

Pablo Cousino: 1) Security in endpoints (especially because of remote work), especially to…
10 Answers
Evgeny Belenky
PeerSpot (formerly IT Central Station)

Hello security professionals,

What is the main difference between these two terms in incident response: mitigation and remediation?

Please share some examples, if applicable.

Thanks,

ITSecuri7cfd: Mitigation is taking your car in for an oil change and tune up. Remediation…
5 Answers
Evgeny Belenky
PeerSpot (formerly IT Central Station)

Hi SOC analysts and other infosec professionals,

Which standard/custom method do you use to decide about the alert severity in your SOC? 

Is it possible to avoid being too subjective? How do you fight the "alert fatigue"?

Robert Cheruiyot: Hi @Evgeny Belenky, I think as long as you do this thing manually, you will…
6 Answers
Evgeny Belenky
PeerSpot (formerly IT Central Station)
Hi peers, I believe many of you have already heard of the recent Log4j/Log4Shell vulnerability that allows attackers to perform remote code execution (RCE). What does it mean for an organization? How can you check you're vulnerable and mitigate/patch it now, if at all? Lastly, what impact do...
ITSecuri7cfd: Yet another chance to test our incident response procedures. So far I would…
5 Answers

Security Incident Response Articles

Evgeny Belenky
PeerSpot (formerly IT Central Station)
Hi dear community members, This is our latest community digest. It helps you catch up on recent contributions by community members. Comment below with your feedback and suggestions! Trending What are the Top 5 cybersecurity trends in 2022? What are the main benefits of modern IT Asset D...
Evgeny Belenky
PeerSpot (formerly IT Central Station)
Hi community members, Spotlight #2 is our fresh bi-weekly community digest for you. It covers cybersecurity, IT and DevOps topics. Check it out and comment below with your feedback! Trending What are the pros and cons of internal SOC vs SOC-as-a-Service? Join The Moderator Team at IT Ce...
CristianoLima
Senior IT Infrastructure Engineer at Tecnoage
Keeping up with the evolution of cybersecurity and the threats that are haunting the IT industry across all industries, this text pays special attention to ransomware, as this practice is on the rise in the world of cybercrime. Let's focus on the subject, specifically on the Healthcare sector. ...
Netanya Carmi
Content Manager
PeerSpot (formerly IT Central Station)
We receive alerts all day long - alerts about emails, incoming Whatsapps and SMSes, posts on social media, etc. At some point we become desensitized to these alerts and stop noticing them anymore - a phenomenon known as “alert fatigue.” Seventy percent of a SOC analyst’s workday is spent dealing ...