We performed a comparison between Galvanize IncidentBond, Palo Alto Networks Cortex XSOAR, and VMware Carbon Black Cloud based on real PeerSpot user reviews.
Find out what your peers are saying about VMware, ServiceNow, IBM and others in Security Incident Response."The customization and the transparency of data while still maintaining a mostly user-friendly UI, are key features. It allows for me, as an engineer, to evolve the individual components and modules, and to create a much more meaningful picture than the individual pieces in isolation ever could."
"The drag-and-drop interface enables analysts with no programming knowledge to create playbooks easily."
"It is a scalable solution. I would rate scalability a ten out of ten."
"The solution is very reliable."
"It is a scalable solution."
"The repository of playbooks and the integration between Palo Alto and IBM QRadar are some useful features"
"The product is quite easy to use."
"The pricing is very good."
"From the security team's standpoint, the solution has improved our organization's overall cybersecurity."
"For setup, the server can be given to you as a VM image and with minimal configuration needed."
"The most valuable features are the threat-hunting and the batch console."
"The detection response and quarantining are very good features."
"The most valuable feature is its ability to seek out abnormal activity and to create alerts."
"Probably the most valuable feature of CB Response is its ability to isolate a host and take it off the network, so it's not spreading anything. We have two security operations centers around the globe. When an SOC analyst sees something on an endpoint, they can use Carbon Black Response to isolate that host from the customer's environment and prevent any kind of lateral spread."
"The solution does very well as a baseline EDR and provides good process-level management."
"We are able to remotely isolate exploited endpoints in seconds and perform a live deep dive of any endpoint into its running processes (as necessary) without the need for extra scripts."
"The most valuable features are its lightweight design, ensuring minimal impact on end-users, and its real-time protection."
"Stable – Release – Experimental" system with their releases, and all the proper checks and balances, I’d be an incredibly happy individual. I can appreciate the cause and affect, wherein the customization of the tool drives rapid release schedules, and the paradox that creates with the idea of stable releases. I’d also like more transparency about known bugs and issues."
"The price of the solution could be improved."
"It is not a very scalable solution."
"Palo Alto Networks Cortex XSOAR could improve the Panorama feature. We had to turn it off because it was not working properly."
"For building automation, there is not a lot of good documentation. The documentation is there, but it is not very good from my perspective. There should be an improvement in this area. I don't see issues with anything else. In terms of new features, I have heard that other products have EBA functionality. It would be good if this functionality could be added."
"We need a little hands-on experience to install the solution."
"Corex XSOAR could be improved by reducing the time it takes to process large amounts of data and increasing the number of integrations."
"The solution's correlation rules and playbooks should be improved."
"When Palo Alto bought the solution, the pricing increased by 1.5 times. There's been a 50% increase, which is a lot."
"It's not simple."
"The biggest issue I encountered was one where old logs were not being overwritten as expected so the system drive kept filling up from time to time. However, support was usually quite responsive and happy to jump on a remote session to take a look at it for us. That log bug has probably been resolved with an update by now."
"The solution can only handle about 500 bans or blocks."
"One area for improvement is the maturity of its vulnerability features."
"The dashboard should be more user-friendly."
"There have been some performance issues when deploying on Windows Server, but I believe Carbon Black is working on that."
"The threat intelligence feed could use some fine tweaking."
"They have different products, but if we wanted to take their protection and their EPR, then we would need to have two agents"
More Palo Alto Networks Cortex XSOAR Pricing and Cost Advice →
Earn 20 points
