The easiest route - we'll conduct a 15 minute phone interview and write up the review for you.
Use our online form to submit your review. It's quick and you can post anonymously.
The solution tells us where we need to perform actions. It makes us more efficient and measures the efficacy of the controls we've implemented. If we use a threat actor like APT28, the tool will tell us quite effectively how robust our email, web gateway, and endpoint controls are. It is an end-to-end solution for very sophisticated malware.
Endpoint testing is the most valuable feature. The product has a very good impact on our team’s productivity. We don't need to be an expert in the product to use it. The reporting capabilities are very good. I rate them ten out of ten. It's one of the most useful features because it gives you a metric for your efficacy. We use them as a baseline to manage our outcomes. The product has improved our security posture. It tells us where we need to invest. It tells us where we need to improve. The tool has been invaluable to me for what I use it for.
The product must provide consultancy for initial setup. The solution needs better marketing. It will help people to understand the product better.
I have been using the solution for two years.
I rate the tool’s stability a ten out of ten. Since it's a SaaS service, there's nothing for me to do. We have agents on our Cymulate device, but most of the solution is with Cymulate. It is not with the customer. It is fairly easy to integrate the product with third-party solutions. We've integrated it with Microsoft Defender.
The tool is scalable. We have it in all of our businesses. Our enterprise has 2000 users, but we also have the solution in small offices with 30 users. We scale the product up or down depending on our use case.
Before Cymulate, the market hadn't evolved enough. I transitioned to it from using vulnerability management tools like Rapid7. Vulnerability management tools would tell me where I'm vulnerable. I have migrated to breach and attack simulation tools in the last two years. I bought Cymulate because we had a successful proof of concept. The company and the pricing scaled quite nicely with what we wanted.
Cymulate is a SaaS solution. The initial setup was not difficult. We must be mindful that we're going to have some teething trouble. We found it reasonable because we ran a proof of concept first. When we put it in the enterprise, we knew the potential pitfalls.
We have seen a 100% return on investment. We're not a large information security team. The solution tells us quite explicitly where we need to focus. Other vulnerability management tools might tell us where the vulnerabilities are, but they might not tell us where to focus.
The product is affordable. There are no additional costs associated with it.
We evaluated other options. The market leaders are all the same. The differentiator is price.
I've never had to deal with technical support. We have a dedicated customer success manager. I have a weekly meeting to talk about new updates and problems. People who want to use the solution must do a proof of concept and understand their use case before buying it. It is not a vulnerability management tool.
I don't use everything the product has to offer. For my particular scenario, it works fine, and the features within the tool set are also fine. I'm in Australia. The tool is relatively new to the market in Australia. We were one of the first customers, so we have a very good relationship. I will recommend the product to anybody. Overall, I rate the solution a ten out of ten.
Our customers utilize Cymulate for various purposes, such as conducting ransomware assessments and auditing their overall security posture and technology infrastructure. By leveraging Cymulate's cloud platform, we assess their security readiness and identify vulnerabilities. Our approach involves utilizing Cymulate for vulnerability management and conducting thorough assessments based on the specific needs of each client. This includes using simulated attacks and exercises, to evaluate their defenses comprehensively. The scope of our assessments varies and is tailored to the unique requirements and challenges faced by each organization, allowing our technical team to creatively address and mitigate potential risks.
Cymulate's platform has enhanced our customers' cybersecurity preparedness and awareness, primarily targeting the internal team rather than end-users. By engaging in routine exercises and assessments, the team's proficiency in handling security threats has significantly improved within two to three months. This results in an estimated enhancement of the organization's overall security posture by at least twenty percent.
The dashboard and reporting capabilities of Cymulate have supported security decision-making across multiple areas.
Cymulate has been instrumental in identifying and mitigating advanced threats such as ransomware through assessments and testing of zero-day vulnerabilities.
The most valuable feature for us is the zero-day and advanced APT scenarios for SOC and security teams.
The management at Cymulate is inconsistent and unreliable, particularly in the sales process. Changes happen abruptly, with sudden shifts in personnel and strategy. The turnover rate for key positions, such as general management, is high, contributing to a sense of instability and dissatisfaction among clients.
The reporting process requires significant improvement as technical reports often provides general advisory with insufficient remediation details for IT operations, also "top level" non-technical reports are lacking expected quality.
I have been working with it for three years.
It provides good stability capabilities. I would rate it eight out of ten.
Overall, it scales up seamlessly. We serve around seven enterprise customers.
I've always had the chance to communicate with live representatives, so I haven't had to reach out to support directly. In my experience, their support is reasonable, with no significant drawbacks or issues. They respond in a timely manner, which is appreciated. I would rate it eight out of ten.
Positive
The initial setup is straightforward. I would rate it nine out of ten.
The deployment time for Cymulate's services varies depending on the starting milestone, whether it's from the initial setup or another point. For instance, for a ransomware assessment, the initial installation typically takes just one day, with results often available within two to five days, sometimes even within the same day. Once the customer's use cases are agreed upon, setting up the tenant becomes the primary focus, which can be a significant challenge. This involves configuring the agent deployment, determining which segment to install the agent, and finalizing policies and tests. Despite this initial hurdle, the process becomes more straightforward once these steps are completed.
Cymulate's services are expensive for CE EU region . In some cases, it may be more cost-effective to hire a local competitor or ethical hacker for a year to perform frequent testing rather than purchasing Cymulate's services at the same price. I would rate it six out of ten. They offer a subscription model, where additional costs may arise from scaling the solution, such as expanding the number of agents, or adding modules. However their MSSP licensing strategy is unpredictable.
While Cymulate's technology shows great promise and delivers excellent results, their approach to positioning the solution appears to overlap with other companies like Tenable, making them both direct and indirect competitors. Cymulate must refine their messaging and manage expectations effectively.
In my experience, they need to be more attentive internally and mindful of potential negative impacts on customers. They exhibit a high degree of flexibility, which can result in sudden changes without adequate alerting. Communicating with them via phone for business matters can be challenging.
On a scale from one to ten, I would rate Cymulate's technology level at eight, but their business level at four out of ten.
