"It is extensive in terms of providing visibility and insights into threats. It allows for research into a threat, and you can chart your progress on how you're resolving it."
"The most valuable feature is its threat protection and data privacy, including its cyber attack and data protection, as we need to cover and protect data on user devices."
"Among the most valuable features are the exclusions. And on the scalability side, we can integrate well with the SIEM orchestration engine and a number of applications that are proprietary or open source."
"Another of my favorite features is called the Device Trajectory, where it shows everything that's going on, on a computer. It shows the point in time when a virus is downloaded, so you can see if the user was surfing the internet or had a program open. It shows every running process and file access on the computer and saves it like a snapshot when it detects something malicious. It also has a File Trajectory, so you can even see if that file has been found on any of your other computers that have AMP."
"I'm only using the AMP (advanced malware protection) which is protecting my file system from all the malicious things that might happen. It should protect all kinds of things that might happen on the servers, things that I cannot see."
"The biggest lesson that I have learned from using this product is that there is a lot more malware slipping through my email filters than I expected."
"The threat Grid with the ability to observe the sandboxing, analyze, and perform investigations of different malicious files has been great."
"The entirety of our network infrastructure is Cisco and the most valuable feature is the integration."
"Good detections for PowerShell. and good user interface."
"The most valuable feature is its ability to detect and eradicate ransomware using non-signature-based methods."
"It has given us a more structured approach for detecting and preventing threats. It has machine learning-based detection and prevention. Their engines, in even older versions, are able to pick these viruses and malware. They have posted a lot of use cases online for detecting different viruses and malware that have been out for many years."
"Deep Instinct’s prevention-first approach to stopping unknown ransomware and malware is the reason why we purchased the product. The pre-execution versus post-execution is a big piece for us where it is able to stop something before it even hits the box or desktop. That was one of the big reasons why we went with Deep Instinct."
"I really like the behavioral analysis feature, because it looks at all the different things, like arbitrary shellcode and reflective DLL. It looks at a lot of things that threat actors use as threat vectors to get into the environment."
"The support is very good. They reply and respond very quickly."
"The most important thing is that it is for prevention. It prevents attacks of any type of malware. Normally, what we've seen in other products is that they are not for prevention. They isolate a possible threat that they don't understand or know about, and then they check it with our database to see if it needs any correction or elimination. This means that the threat is already inside a customer's base, whereas Deep Instinct prevents a threat from getting in. Prevention is basically done by an agent in each installation, PCU, or product. An agent has its own intelligence to be able to detect if it should stop a threat or not. It has been taught. It is like a brain that has been taught to react according to any possible threat. Deep Instinct is very light. It doesn't take too much CPU attention or memory. It doesn't slow down the performance. You don't really realize any change in the performance, which makes it very different from other solutions. They are usually heavy for the users."
"I like the fact that you can create patching campaigns depending on the area of your network that you want to address first. I like the ability it has to make several campaigns that work in parallel."
"Tanium's most valuable features are patch management, inventory, and distribution software."
"For incident response tasks, all these tasks can get done in minutes with minimal disruption to the end-user."
"Threat hunting is a very good feature on Tanium. We have just started using it and have not used it extensively."
"This product has issues with the number of false positives that it reports."
"I would like to see integration with Cisco Analytics."
"They could improve the main dashboard to more clearly show me the things that I want to see. When I open the dashboard right now, I see a million things and they are not always the things that I need."
"In terms of the user experience, if the UX design could be much simpler [that would improve things]... if they could make it more intuitive for someone who is not an engineer so that they still can read what's going on in their webpage and understand, that would be something."
"We had a lot of noise at the beginning, and we had to turn it down based on exclusions, application whitelisting, and excluding unknown benign applications. Cisco should understand the need for continuous updates on the custom Cisco exclusions and the custom applications that come out-of-the-box with the AMP for Endpoints."
"The GUI needs improvement, it's not good."
"We don't have issues. We think that Cisco covers all of the security aspects on the market. They continue to innovate in the right way."
"In Orbital, there are tons of prebuilt queries, but there is not a lot of information in lay terms. There isn't enough information to help us with what we're looking for and why we are looking for it with this query. There are probably a dozen queries in there that really focus on what I need to focus on, but they are not always easy to find the first time through."
"They have a manual, but it is not excessive."
"Some features are too resource intensive."
"The Deep Instinct client stops working when you have two servers and you add high availability or Windows Failover Cluster mode. It doesn't work in a clustered mode. I haven't yet had time to go back and talk with their support and get it fixed. It would be good if they can make the installation independent of an actual user. Currently, its installation is dependent on the actual user being logged in. For example, a computer has to be logged in for the installation to happen. If it is not logged in, then on the cloud platform, it is going to show that the client is offline. On the management side of the cloud platform, we would like to have the administrators segregated by logical entities. We have told them that on their cloud management platform, we would like to be able to segregate clients into different logical entities or organizations so that the administrators are able to manage only those entities that are within their designated organization."
"Its support for Linux and Unix operating systems can be improved. Currently, they cover macOS and Windows, but they don't cover Linux and some of the Unix products. Pricing is also an issue. Its pricing is not as aggressive as it could be, and its price makes it difficult to sell. Customers feel that they can get an antivirus for a lower price, even though it is not a similar product. It is technically different. Their SLAs can be better. They have to give you 24/7 support, but their SLAs are not very good. They should be better documented, and the offerings should also be a little bit better. What happens is that the SLAs end up in the hands of the intermediary, seller, or the local partner of Deep Instinct in a country. The customers want very fast SLAs in a very short time, but Deep Instinct doesn't give them at the same speed. Having said that, SLAs are important when you have a lot of issues, but this product doesn't have too many issues, so it is not a big concern. However, for a customer who doesn't know the product, it could be a concern."
"I would like a little more training for the admins."
"The interface on the endpoint could be a little more descriptive and more valuable. It doesn't always tell you the data you need to see. Improvement there would be very helpful."
"If the client is working remotely and doesn't have a VPN then the deployment is difficult to do."
"The main issues are the network connection because different customers have issues with their networks. It's difficult implementing this type of solution because the network is the main feature in the architecture for these types of solutions. Tanium could improve by creating some network optimization."
"The solution can give a lot of false positives."
"The performance could improve in future releases. We have had performance issues in specialized web environments, but overall I think the problems are less than 2% of the computer systems being used."
"The most painful thing is the interface. It's a bit unclear sometimes."
Deep Instinct is ranked 24th in EPP (Endpoint Protection for Business) with 7 reviews while Tanium is ranked 30th in EPP (Endpoint Protection for Business) with 4 reviews. Deep Instinct is rated 8.0, while Tanium is rated 7.6. The top reviewer of Deep Instinct writes "Enables us to be a lot more proactive and saves us time on incident response". On the other hand, the top reviewer of Tanium writes "Great inventory tool that that scans well for vulnerabilities and offers minimal end-user disruption". Deep Instinct is most compared with SentinelOne, Microsoft Defender for Endpoint, CrowdStrike Falcon, CylancePROTECT and Check Point Harmony Endpoint, whereas Tanium is most compared with Microsoft Endpoint Configuration Manager, CrowdStrike Falcon, Microsoft Defender for Endpoint, BigFix and Tenable SC. See our Deep Instinct vs. Tanium report.
See our list of best EPP (Endpoint Protection for Business) vendors.
We monitor all EPP (Endpoint Protection for Business) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
