Share your experience using StealthDEFEND

The easiest route - we'll conduct a 15 minute phone interview and write up the review for you.

Use our online form to submit your review. It's quick and you can post anonymously.

Your review helps others learn about this solution
The PeerSpot community is built upon trust and sharing with peers.
It's good for your career
In today's digital world, your review shows you have valuable expertise.
You can influence the market
Vendors read their reviews and make improvements based on your feedback.
Examples of the 83,000+ reviews on PeerSpot:

Nikunj Kamboj - PeerSpot reviewer
Cybersecurity Analyst at OnX Canada
MSP
Top 20
Integrates well with our existing SIEM tool and helps in identifying suspicious activities
Pros and Cons
  • "VMware Carbon Black Endpoint is a highly stable solution."
  • "Performing a malware scan usually takes a lot of time, more than 24 hours."

What is our primary use case?

VMware Carbon Black Endpoint is a log system for one of the clients, and that's the main source where we get logs for their endpoints.

What is most valuable?

VMware Carbon Black Endpoint is a highly stable solution.

What needs improvement?

Performing a malware scan usually takes a lot of time, more than 24 hours.

For how long have I used the solution?

I have been using VMware Carbon Black Endpoint for two months.

What do I think about the stability of the solution?

I haven’t faced any issues with the solution’s stability.

I rate the solution ten out of ten for stability.

What do I think about the scalability of the solution?

Around 500 users are using VMware Carbon Black Endpoint in our organization.

I rate the solution ten out of ten for scalability.

What other advice do I have?

The solution's integration with our existing security infrastructure is good. Whenever we have any alert in VMware Carbon Black Endpoint, we can easily that alert in our SIEM tool and check logs from the SIEM tool itself. VMware Carbon Black Endpoint is just a secondary security tool for us, and we are just monitoring the alerts from it.

The solution's behavioral analytics feature helps in identifying suspicious activities pretty well. Whenever we have even a small thing, we get an alert. The solution is deployed on the cloud in our organization.

Performance-wise, the solution is doing great in terms of connecting to the host directly. Performing a malware scan usually takes a lot of time, more than 24 hours. A malware scan is something that we do only on Carbon Black for the old endpoint devices and servers. It used to take sometimes three days to perform. I would recommend the solution to other users.

Overall, I rate the solution an eight out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
Integration Dept. Manager at Nssc
Real User
Top 20
A tool with good integration capabilities and great stability
Pros and Cons
  • "It is a stable solution...It is a scalable solution."
  • "The response time of the support is an area of concern where improvements are required."

What is our primary use case?

I use IBM Resilient in my company to manage areas like automation of non-easy tasks and to be able to integrate with other security controls in our environment. The tool is also useful to manage areas like ticketing and case management.

What needs improvement?

The configuration area to deal with during the very beginning or initial stages of the product can be the hardest part for users. Dealing with the configuration part in the beginning stages can be difficult since it is very important for users to have the capability to identify what is required within the tool and what you want to automate. The product's configuration during the beginning stages can be an area that needs to be considered for improvement.

The response time of the support is an area of concern where improvements are required.

For how long have I used the solution?

I have been using IBM Resilient for three years. My company has a partnership with IBM.

What do I think about the stability of the solution?

It is a stable solution.

What do I think about the scalability of the solution?

It is a scalable solution.

How are customer service and support?

The solution's technical support was good. I rate the technical support an eight out of ten.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

In my company, IBM Guardium Data Protection is used for monitoring purposes, specifically by those who manage the company's SOC area. With the tool, it is possible to have a centralized location for all the logs, and it helps with a correlation of use cases, specifically the ones related to security.

My company uses Imperva for database activity monitoring and data security.

How was the initial setup?

The product's initial setup phase was a bit difficult, but my company received all the support we needed from IBM. During the initial setup phase, my company faced some unexpected challenges during the process within our environment. There will be some issues or problems during the product's installation phase.

The solution can be deployed in around 40 days.

The deployment process was carried out with the help of two people in our company.

What was our ROI?

The product offers good value in terms of money. The product's use in our company saves around 80 percent of our time.

What's my experience with pricing, setup cost, and licensing?

The product is expensive. There is a need to make yearly payments towards the licensing costs attached to the solution. There are no costs except for the support services that our company pays in addition to the licensing charges attached to the solution.

What other advice do I have?

I use IBM Resilient in my company for incident response and management within our organization by temporarily integrating the tool with the firewall, considering the fact that it can block attacks after we automate many of the processes.

IBM Resilient has helped streamline our company's cyber resilience and security operations, and it helps save time for our analysts. If someone else tries to take care of the aforementioned process manually and carry out investigations alone, then such a person may see that it is not an easy or simple task. The tool takes care of the tasks by itself, saving time for my company.

The features of IBM Resilient that I found to be most effective for automating our company's security incident response processes stems from the ease of operations that the product provides ease of use in areas like workflows and playbooks, making it a product that ensures its users experience ease of development when using the tool. The product also offers a lot of integration capabilities, allowing users to use the tool in a customized manner, as everything can be integrated with the solution.

The product's integration capabilities with other security tools have enhanced the incident response workflow since the integration part was easy to manage. Knowing the company's use cases and internal processes well enough can help its users identify what they want to protect and the projects they have, which in turn can make everything easy to handle in the tool.

Our company has an engineer to take care of the maintenance of the product.

In terms of the improvements I noticed in my organization's compliance or reporting since the implementation of IBM Resilient, we have complied with many standards, especially those related to our local controls. In terms of compliance, our organization was able to close many gaps.

I recommend the tool to those who plan to use it.

I rate the overall tool an eight out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate