We performed a comparison between Bitsight Third-Party Risk Management, Cisco Umbrella, and McAfee Web Protection [EOL] based on real PeerSpot user reviews.
Find out what your peers are saying about RSA, BitSight, OneTrust and others in IT Vendor Risk Management."I prefer BitSight due to its patch management capabilities. The score is a valuable feature. I have contacted the customer support through e-mail and their response rate is fast. I rate the solution a nine out of ten."
"Its customer service team responds quickly."
"The solution is user-friendly."
"The product helps us identify the vulnerabilities of internet-facing applications."
"Offers open ports from an external point of view."
"Provides dependable DNS monitoring of external devices."
"Helps block personal email accounts."
"The most valuable feature is the ability to block users from reaching places that they should not even try to reach has been a boon."
"They have a wealth of articles in their knowledge base. This has given me the freedom to troubleshoot on my own time. "
"It has the ability to quickly block new threats."
"Meraki features and cloud-based functionality are advanced and easy to manage centrally."
"Web proxy adds an effective layer for security."
"Cisco Umbrella is such a solution and can be implemented very fast and easy. All that we must do is redirect the DNS registers in their routers, or the active directory service of the enterprise that are going to use in Umbrella services. If you buy the service now, in two hours you are protected by the service because it's very fast to put in service."
"The solution does what it's meant to do."
"The most valuable feature of this solution is that it protects against threats that are coming from the web."
"The most valuable feature is the ease in the configuration for security roles."
"The stability has a good standard right now."
"The most valuable is the blocking of blacklisted sites, a URL that is, either by intelligence or by McAfee, detected as a malicious site."
"The solution is not too expensive. It's affordable."
"McAfee Web Protection was a good tool because in the olden days when you had to use a proxy tool when browsing the internet. Today the logic has changed slightly, in the sense your protection's taken onto the cloud. You'll exit a predefined gateway on the cloud before your internet browsing happens and therefore you're secured."
"It is functional. It has reduced risk and downtime while also ensuring regulatory compliance, which is critical."
"The solution’s benchmarking should be improved."
"Its factor analysis feature could be better."
"At the moment, when the vulnerability score decreases, it remains the same for quite a while, even though issues are resolved in 24 hours."
"There may be room for improvement in the methodology for identifying findings, as occasional errors occur on the technical side."
"Data enrichment is the major issue."
"It had the ability to do a lot of app control. So, every single app that went through that portal was registered, but there is a general issue with the whole app control. As soon as you add a mobile phone to your network, all of the apps get registered through the system, and you can approve, reject, or just let them go through. When I looked at it, it was impossible to manage app control. There was just so much data. I didn't apply that service because I just didn't have the time to manage it. It would be good if there was a way to categorize applications."
"I would like to see Cisco enable us to get objects from the internet. I would also like to be able to choose groups."
"Its DNS service does not support IPv6 query."
"The only thing I can think of is that I'd like to see a little more flexibility in policy creation. The way that policy is currently structured is like a "first hit succeeds" kind of policy. It would be nice if it were more hierarchical."
"The API is very Cisco orientated, which is absolutely fine if you're using Cisco Firepower and SecureX kind of products, but if you want to integrate with third parties, it is a bit tricky. There are some key API connectors for the more prevalent SIEM tools. I would really like to see in Cisco Umbrella the ability to create customized reports and then assign the rights to view these reports to people within a group. I should be able to create a customized report, which is viewable by anybody who has the rights. I should be able to create groups within Cisco Umbrella, and then assign reports to groups and have those reports split out automatically only to those groups. I can kind of do it by restricting my email list, but it is a half-complete way of doing it."
"It should have a real-time malware classification engine. It should check the malware on the website. It would be good if it had a real-time malware check for the websites because currently, it just compares the DNS queries of the blacklist. It should also have malware control over file execution and the types of files that the users are allowed to download."
"One of the issues with Umbrella is as you get into endpoint detection and response, such as EDR point solutions, some of them will not integrate well with Umbrella. Sometimes when you want to use technology, such as Always On VPN, it will not work. There are some looming issues as one type of technology starts to crossover with Umbrella. That is the challenge and Umbrella should find a way to be more compatible with some of the endpoint response solutions that are coming out on the market."
"There are a couple of different pieces that have different portals. I know they're working on getting them all into one portal, but that's probably the biggest thing that needs improvement right now. It's not a single pane of glass yet."
"The manufacturerers should have more transparancy about exactly what is getting filtered when you use the product and why."
"In McAfee Web Protection there are gaps in the security design, in the overall architecture, the gaps need to be fixed."
"The True Key version for mobile phones should be improved. The password manager is not as seamless as on the desktop. Once implemented, on the desktop, when you go to the site, it automatically fills and connects you, whereas, on the mobile phone, it doesn't do that quite seamlessly. You need to open the True Key application and then select the password you want to use. It then opens in the browser. There are fewer steps in the desktop version as compared to the mobile version."
"The solution should be more proactive in regards to sending you updates."
"The solution could always use more security features. If it was more secure, it would be an even stronger product."
"McAfee Web Protection can improve the information provided for hybrid installations in the console. Additionally, having cloud protection would be good."
"There is a real need to make sure all the updates and improvements are in order to keep the security at top performance to continue defeating threats that come daily."
"We need a better customer experience and more flexibility in the product."
More Bitsight Third-Party Risk Management Pricing and Cost Advice →