Share your experience using Bottomline User Behavior Analytics

Examples of the 83,000+ reviews on PeerSpot:

Regional account manager at a tech services company with 51-200 employees
Real User
Top 5
Covers endpoints and network data for a comprehensive view of threats
Pros and Cons
  • "In terms of incident response, Cynet can contain attacks, offer a trial period to customers, and uninstall if not continued. The most valuable aspect is its integration capabilities, covering endpoints and network data for a comprehensive view of threats."
  • "I cannot provide more details about Cynet's automation features. While Cynet claims to be automated, the specifics of this automation are unclear. They claim to have a high capability to detect and block attacks, but I am cautious about companies that claim to solve every problem without limitations. It does help in identifying malware on the network but doesn't specifically identify vulnerabilities."

What is our primary use case?

I have limited direct contact with end-users, but as far as I know, customers use Cynet for real-time threat detection and integrate it with other solutions.

What is most valuable?

In terms of incident response, Cynet can contain attacks, offer a trial period to customers, and uninstall if not continued. The most valuable aspect is its integration capabilities, covering endpoints and network data for a comprehensive view of threats.

What needs improvement?

I cannot provide more details about Cynet's automation features. While Cynet claims to be automated, the specifics of this automation are unclear. They claim to have a high capability to detect and block attacks, but I am cautious about companies that claim to solve every problem without limitations. It does help in identifying malware on the network but doesn't specifically identify vulnerabilities.

For how long have I used the solution?

I have been a user of Cynet for 1.5 years.

How are customer service and support?

I don't have direct experience with Cynet's tech support, but I assume they are good based on general feedback.

How was the initial setup?

I don't have direct experience with setting up Cynet, but I believe it involves on-premises installation for certain components while the console is in the cloud.

What's my experience with pricing, setup cost, and licensing?

I don't have specific information about integration capabilities or licensing costs.

What other advice do I have?

I cannot personally rate the product, but in general it can be almost eight or seven. I would recommend Cynet to others, especially for integrated MDR solutions. The perceived value of Cynet lies in its effectiveness in saving customers from aggressive attacks and critical situations.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Vikas Dusa - PeerSpot reviewer
Cyber Security Trainer and Programmer at freelancer
Real User
Top 5
Useful for security operations, threat response, and DFIR
Pros and Cons
  • "During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an application belongs to a known ransomware group. The system rates the threat, offering a clear detection ratio, such as 97 out of 100. It not only identifies threats but also illustrates the associated behaviors, helping us understand the potential risk to a particular endpoint."
  • "The solution needs improvement in threat intelligence. Increasing the depth of intelligence to help users understand more about threats is a possibility. My suggestion is to expand access to other websites or resources."

What is our primary use case?

We use the tool for deployment, incorporating both EDR and SIP management. It serves the purpose of event management, including log retrieval from endpoints, malware detection, and providing information about system health. This includes assessing vulnerabilities and determining the level of risk the system is exposed to at specific points in time. Its dashboard is wonderful.

We use Rapid7 InsightIDR for security operations, threat response, and DFIR. It also provides lab practices to individuals.

What is most valuable?

During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an application belongs to a known ransomware group. The system rates the threat, offering a clear detection ratio, such as 97 out of 100. It not only identifies threats but also illustrates the associated behaviors, helping us understand the potential risk to a particular endpoint.

It provides user entity behavior analysis and a threat intelligence framework, combining SIEM and EDR for automation. My experience with user behavior analytics is positive and wonderful. It allows fetching logs, managing users, and overseeing endpoints. The capability to conduct investigations and import applications, along with configuring endpoints by collecting data, adds to its functionality. The platform offers a variety of features, including a dashboard for new alerts. This dashboard provides a quick overview of the number of users, endpoints, and noticeable behaviors. 

What needs improvement?

The solution needs improvement in threat intelligence. Increasing the depth of intelligence to help users understand more about threats is a possibility. My suggestion is to expand access to other websites or resources. 

For how long have I used the solution?

I have been using the product for more than three years. 

What do I think about the stability of the solution?

I rate the product's stability a nine out of ten.

What do I think about the scalability of the solution?

I rate the tool's scalability a nine out of ten. 

How was the initial setup?

The initial setup is easy. It involves tasks such as data collection, onboarding, and downloading, making the process straightforward for clients. You can deploy it on mobile devices as well. It offers deployment options for iPhone users and Windows. 

What other advice do I have?

In one instance, we faced a threat from the DarkSide ransomware, known for its ability to execute without requiring administration privileges, including a privilege escalation part. This particular ransomware was embedded in an Excel file, and it didn't need any administrative privileges for execution. The hackers cleverly concealed the DarkSide ransomware within an Excel file. When an unsuspecting team member tried to open the file, an alert indicated the malicious nature of the Excel file.

The employee was unaware that the Excel file contained a ransomware threat. As security personnel monitoring the endpoint received an alert, they immediately contacted the individual, notifying them about the presence of the DarkSide ransomware. The security team advised against opening the file and guided the user to delete it.

I cannot compare Rapid7 InsightIDR with other tools directly because it has integrated both EDR and SIM. It combines these functionalities into an XDR platform, operating at a different level compared to other services. Additionally, the network analysis provided is wonderful.

The product is easy to use and easy to understand. It is lightweight. I rate it a nine out of ten.

I recommend it for easy deployment, enabling swift detection from endpoints to the cloud. This accelerates security orchestration across various environments and endpoints, aiding in risk mitigation within hybrid environments. The system is valuable for discovering new threats and offers exposure management to enhance understanding of the entire security operation.

Disclosure: I am a real user, and this review is based on my own experience and opinions.