We brought Zafran Security in to provide continuous threat exposure management, awareness, and vulnerability management.
The easiest route - we'll conduct a 15 minute phone interview and write up the review for you.
Use our online form to submit your review. It's quick and you can post anonymously.
We brought Zafran Security in to provide continuous threat exposure management, awareness, and vulnerability management.
What I appreciate the most about Zafran Security is that it is awesome, and the ability to identify truly critical vulnerabilities that needs to be addressed is a standout feature.
We saw benefits from Zafran Security almost immediately after deploying it.
We have asked for many feature requests related to Zafran Security, and they have been really responsive. I think the ability to have some enhanced reporting capabilities is something they can improve on, as they have good reports but we have asked for some specific reporting enhancements.
The specific enhancements of Zafran Security are reports that will support our mission, our business' mission, and the mission of our security team.
We have been using Zafran Security for just under a year.
I do not know the exact length of time it took to fully deploy Zafran Security, but I know when it was finished.
Zafran Security is a very stable platform, with no issues of lagging, crashing, or downtime.
Zafran Security is very extensible, very scalable, and reliable.
I have not contacted Zafran Security's technical support, but my team has.
My team's experience with the support for Zafran Security is excellent.
Positive
I have evaluated some of the alternatives, and Zafran Security was the leader, which is why we chose them.
The initial deployment of Zafran Security is easy for my team.
The deployment model and cloud provider information are not provided.
I think the pricing of Zafran Security is fair based on our analysis of how much time and effort it saves in terms of FTEs working additional patching, so we were able to cost justify it, even though I am always going to say it is more than I want to pay.
We chose Zafran Security because of their core functionality in exposure management, their willingness to be a partner and not just a vendor, and their eagerness to take our recommendations for feature enhancements, looking to us to make the product better because of our experience with the platform.
We are just a customer of Zafran Security; we are not an official partner or a reseller.
On a scale of one to ten, I rate Zafran Security a nine.
Zafran Security is helping reduce the amount of critical vulnerabilities in our environments that require prompt remediation. It has helped us focus on the assets and critical vulnerabilities that actually matter and have a real impact in preventing an incident or breach. Zafran has really helped us stay current with threat intelligence and all the new vulnerability insights that come out, especially for vulnerabilities in actively exploited and may exist in runtime.
The solution has helped us get new information out in front of those who must remediate immediately, which has allowed us to move swiftly with reducing vulnerability risks on the network. Because of this, the amount of time required to address vulnerability remediation has reduced. The product has also aided us in addressing infamous vulnerabilities and threat actors that are the constant variable in the threat landscape.
Overall, we have seen about an eighty-seven percent reduction in the number of vulnerabilities that require high urgency to remediate.
Zafran has also significantly reduced the amount of time to identify which assets are more vulnerable to specific threat actors. The tool has also cleaned up our vulnerability database and centralized all of our data sources, eliminating the need to jump between multiple tools.
The compensating controls consideration of Zafran brings a new light to TVM that we've never had before. It is unique compared to other Continuous Threat Exposure Management (CTEM) platforms where vulnerability risk is adjusted based off protections in place for our assets. When we were going to market for a solution, this feature alone drew our attention. Integrating with our existing security stack and encompassing all of this data together has been game changing.
The dashboarding and reporting functionality of Zafran Security is an area that definitely could use some improvements. Overall, you get some dashboards and widgets to start with that are helpful, but customization was lacking. It is definitely a weaker point of the product right now, but am confident this will be changing soon!
We have been using Zafran Security for about eight months.
We have never experienced any downtime, crashing, or slowness with Zafran .
Scalability with Zafran Security can happen very quickly because it is an easy solution to implement. Because it leverages existing investments in your environments and technologies you own, the scalability is very quick and easy for anything more. If you have a new solution you are bringing in, you would be able to easily integrate that because Zafran Security supports dozens of integrations, and they continue to add more, so they are scaling with you. If you had a particular need to do a more custom integration, they could build you an integration within a month.
We have contacted the technical support of Zafran Security through their support portal, and they have provided very quick responses. They listen to our feedback and have been very responsive. We have had phone calls with some of their leadership for specific use cases and feature requests. Overall, it has been very good, and we have always achieved a resolution.
Positive
No
The initial deployment of Zafran Security was very easy. The solution does not require a lot of infrastructure to stand up and support. It is a cloud-based solution that leverages your on-premise or cloud-hosted security components and tools. It simply requires pointing all of those to their cloud, which made it very easy and seamless to implement.
The deployment of Zafran Security required maybe two people, definitely not a full team. Zafran's staff truly feel like a part of our team and it's easy to tell they care about your organization just as much as you do. Their engineers and technical folks have been able to answer all of our questions and allowed implementation to go very smooth.
It took probably about six to seven months to fully deploy Zafran Security, primarily because we had to do a lot of training. We have a fairly big group using this tool. The technology itself being stood up and implemented with the integrations and data only took about three or four months.
The current pricing of Zafran Security is fair overall. They were good to work with to accommodate our organization with a longer-term cost model that worked best for us, so they are a good partner in that respect.
We have never used any CTEM alternatives to Zafran Security that include the compensating controls factor, and we're not aware of any equivalent product that does this. The only comparison that has came close is a tool called called Xdome from Claroty. That tool does some vulnerability data aggregation and risk analysis for vulnerabilities but it does not auto calculate compensating control effects on vulnerabilities.
On a scale from one to ten, we would rate Zafran Security a nine for support.
They were able to guide us every step of the way to implement the solution, taking out the guesswork.
Overall, we would rate Zafran Security a nine out of ten for everything.
