We performed a comparison between ServiceNow Security Operations, Siemplify, and VMware Carbon Black Cloud based on real PeerSpot user reviews.
Find out what your peers are saying about VMware, ServiceNow, IBM and others in Security Incident Response."The most valuable aspect of working with ServiceNow is its meaningful and feature-rich product."
"ServiceNow Security Operations also takes care of GRC, governance, risk and compliance, enabling it to provide risk assessment."
"It's stable."
"The "follow" feature is really good. If the user is not responding, there's an option to "follow". Just click on the button, and it will automatically trigger an email to the end user."
"The ease of use is great."
"The solution is stable."
"The product has a very simple UI."
"It gives you the ability to bring data into the system. The workflows are out of the box, and it gives you the ability to auto-assign the incidents based on criteria and vulnerabilities."
"The most valuable feature of Siemplify is the playbooks that can be created."
"Without hyperbole, I have never, in my entire career, encountered a vendor or a vendor community as awesome as Siemplify. Siemplify and the Siemplify Community quite literally made it possible for our SOC to increase almost five-fold in our number of clients and number of analysts and to go from a Monday to Friday 9-5 shop to a 24/7 shop all in the span of under a year and a half and all while continually adding capabilities and improving the services we offer to our clients."
"The playbooks feature in Siemplify is crucial for automation. We've utilized both standard and custom integrations with other security operation solutions, enhancing our flexibility. The user interface is generally straightforward, although recent changes may require some adjustment and Siemplify's integrations and capabilities offer potential support for various compliance requirements."
"Setting up and managing the setup for this solution is okay. It is stable, scalable, and it runs just fine. No issues with technical support."
"The most valuable feature of VMware Carbon Black Cloud is the possibility of securing any PC worldwide."
"The most valuable feature is its ability to seek out abnormal activity and to create alerts."
"Carbon Black Cb Response excels at providing context to indicators when responding to incidents. It allows responders to understand the entire scope of an incident and quickly contain it to minimize impact and disruption."
"The ability to quickly isolate a system from the network, while still being able to perform some forensics and mitigation work remotely, was of great value to us since we had many mobile and distributed systems."
"We also took full advantage of its incident response reporting capabilities to act as a “black box” for our infrastructure around strings of suspicious activity. The reporting and incident response capabilities were incredibly helpful during active security concerns."
"Threat hunting is the most valuable feature of VMware Carbon Black Cloud."
"For setup, the server can be given to you as a VM image and with minimal configuration needed."
"It is challenging for the customers to understand the processes for SecOps. It needs to be simplified."
"There is room for improvement in terms of developer support and documentation."
"In future releases, I would like to add a follow-up and reminder feature. For the tickets in our queue, we could set reminders. This would help us prioritize older tickets before moving on to new ones."
"They should stick to the roadmap and continue to build plugins and integrations with other third parties, enhance the UI, and enhance the reporting. It's all good. They should just continue enhancing the releases."
"There are limitations for the third-parties that are providing the inputs. They should increase the robustness of the solution."
"The product is called SecOps, but it is not security operations in terms of SIEM solutions."
"It's very slow. When you click a button or update a field, it takes forever to actually react."
"The threat intelligence module needs a better dashboard."
"I'm inclined to say that I'd love to see some Machine Learning capabilities integrated into the platform, however, I just attended a demo this morning where Siemplify gave a sneak peek into some Machine Learning capabilities that they are currently developing and have roadmapped for release soon."
"Building the playbooks could be easier and the integration could improve. It is a difficult process, such as what API connections need to be made."
"We often encounter minor issues that could be improved, but we maintain communication with the developers and submit feature requests. Recently, I requested enhancements such as improved search functionality within playbooks and expanded options for exporting case data."
"The biggest issue I encountered was one where old logs were not being overwritten as expected so the system drive kept filling up from time to time. However, support was usually quite responsive and happy to jump on a remote session to take a look at it for us. That log bug has probably been resolved with an update by now."
"The cloud console has a lot of bugs and issues in the analysis part."
"One area for improvement is the maturity of its vulnerability features."
"Training and education for both partner and customer, including product marketing need to be improved."
"The threat intelligence feed could use some fine tweaking."
"Technical support for the solution should be improved because there is a scarcity of support teams in the Middle East."
"The solution's support could be improved."
"The solution needs to simplify the process of adding custom watchlists, as well as embrace YARA for rule creation."
More ServiceNow Security Operations Pricing and Cost Advice →