Deep Instinct Prevention Platform Reviews

We use the solution for our MSP and MSSP clients. Our clients' range of industries involves finance, insurance, and professional services. So, we use it across almost all companies.

One of the advantages of the solution is that it provides only two updates a year.

It performs most of its duties effectively in the pre-execution stage. Whenever someone downloads a file, the system immediately detects it and prevents its execution if required. If a file bypasses the initial download detection, the system will still intercept and stop it in the pre-execution stage.

I think it's probably the administration, especially the administration platform, which could be improved in the solution. It's clunky and hard to navigate, especially for inexperienced technicians. So, I want to see better platform administration and easy navigation in the future.

I have experience with Deep Instinct Prevention Platform for three years. Also, I am using the latest version of the solution. My company is a reseller of the solution.

Stability-wise, I rate the solution a ten out of ten.

Although not currently within our organization, we have a potential use case for approximately 850 endpoints or clients in finance, professional services, and other businesses.

Scalability-wise, I rate the solution a nine out of ten.

The solution's technical support is very responsive and helpful. In the past, technical support has answered all my queries very quickly. So, I rate the solution's technical support a nine out of ten.

Previously, I used Trend Micro. Trend Micro is a bad product, as it uses too many resources from my clients. So, none of my clients wanted the solution.

It doesn't cost us anything to maintain the solution. So as far as investing any time into deployment or maintaining it, there's none. It's deployed very easily. Also, the deployment can be done remotely.

The deployment process takes about one and a half minutes per PC. So depending on the size of the client, we might spend an hour or two deploying it. And depending on the technology our clients possess, they may be able to deploy it by themselves. We can also help them deploy the solution over the phone.

We have a return on investment of about 100% using the solution. So, we charge a reasonable amount for the solution from our clients.

There are no additional costs on the price, and our company has a support contract, which bundles in those services anyway. The cost is something I can't split out exactly for each desktop or each endpoint.

Though I can't tell you what we, in our company, looked at as an alternative for Trend Micro, we chose Deep Instinct Prevention Platform since we needed it.

I would absolutely recommend Deep Instinct Prevention Platform to those planning to use it. Overall, I rate the solution a ten out of ten.

We are using Deep Instinct for malware protection on servers and workstations. We are using its latest version.

It has given us a more structured approach for detecting and preventing threats. It has machine learning-based detection and prevention. Their engines, in even older versions, are able to pick these viruses and malware. They have posted a lot of use cases online for detecting different viruses and malware that have been out for many years. 

The Deep Instinct client stops working when you have two servers and you add high availability or Windows Failover Cluster mode. It doesn't work in a clustered mode. I haven't yet had time to go back and talk with their support and get it fixed.

It would be good if they can make the installation independent of an actual user. Currently, its installation is dependent on the actual user being logged in. For example, a computer has to be logged in for the installation to happen. If it is not logged in, then on the cloud platform, it is going to show that the client is offline. 

On the management side of the cloud platform, we would like to have the administrators segregated by logical entities. We have told them that on their cloud management platform, we would like to be able to segregate clients into different logical entities or organizations so that the administrators are able to manage only those entities that are within their designated organization.

I have been using this solution for four months.

It is stable. There are no issues related to its stability. 

We haven't scaled it yet. We have 250 or so endpoints, which include workstations, servers, etc.

Tech support is provided by our MSP, Cyberforce. They are based out of Austin. They are also providing the solution. They respond very quickly, and they are good. I would rate them a nine out of ten.

We didn't use any other solution.

It was very straightforward and simple. You can obviously do the installation through the command line. It is not a typical EXE file that you just double click and install. 

We have NinjaRMM as our remote management tool for all endpoints. We were able to create a script on NinjaRMM and just do an automated install to Ninja. In a matter of 15 minutes, we had installed it over 200 servers or workstations.

We are a nonprofit. The MSP had provides pretty decent nonprofit rates for us. This was one of the key factors that made us choose Deep Instinct over its competitors who were significantly more expensive.

We compared Deep Instinct with Cylance and CrowdStrike, and we ended up going with Deep Instinct. We felt it was going to give us better coverage, and the cloud management platform was also much easier to use.

It is definitely worth looking at before you make a decision. 

I would rate Deep Instinct a seven out of ten. There are a few kinks, but it is a new company, so we can't expect everything from day one. With that understanding, we accepted some of the shortfalls.

We are a software reseller and managed service company, and Deep Instinct is one of the EDR solutions that we implement for our customers. It is one of two EDR solutions that we offer to our client base as a managed service and a 24/7 basis.

The primary use case is ransomware control.

We think of this product as a fishing net that fits into the computer and has all of the capabilities and understanding of what ransomware and malware look like. It reacts to the look of ransomware, as opposed to trying to detect it by using a signature.

In our experience, it is a whole different concept that is extremely effective.

The most valuable feature is its ability to detect and eradicate ransomware using non-signature-based methods. It is not a traditional EDR.

My primary concern is that there are elements of the MSSP model that need updating. Specifically, there are some technical controls that need to be updated and it means that rolling it out is a little bit more complicated than it has to be. If the client is working remotely and doesn't have a VPN then the deployment is difficult to do.

In the future, I would like to see additional reporting made available.

Adding a firewall would negate the need for some products by other vendors. More generally, adding traditional endpoint security features over time would mean that we would not have to support multiple platforms.

We have been using Deep Instinct for eight months.

The stability seems to be fine. Occasionally, we have to consider the brain of the solution, which is the component agent that goes to the endpoint. It remains stable because you're only pushing it out three or four times a year. Because it is not signature or EDR-based, you don't have updates.

Scalability with this product is superb. We currently have about 2,000 clients who are using Deep Instinct.

We also work with FortiEDR.

The initial setup is very straightforward.

The length of time required for deployment depends on the number of users that the client has. We have some clients with 500 to 1,000 users, whereas one of our clients only has eight. I would say that you can finish deploying this product in less than half a day, regardless of size.

We are satisfied with the pricing. 

The most complicated part about endpoint security these days has to do with COVID because you have so many people who are working remotely, and they made the transition without a lot of forethought. The cloud-based deployment helps because if you are in an on-premises environment, it's extremely complicated unless they have VPNs.

Overall, this is a good product and it is extremely effective. That said, changes to the deployment process and making the reports a little prettier would be a good way to improve it. Functionally, it meets our requirements, but it doesn't have all of the bells and whistles that other products have.

I would rate this solution a seven out of ten.

It is currently in the testing phase for two of my customers, one with a large enterprise and another medium-sized company. We have tested both to understand which company is best suited for this solution.

It's a new solution that is beneficial for the endpoint because they have a new perspective on cyber security. 

The agent and this platform do not require the endpoint to be connected to the network because the agent is designed to understand the threat, and tags it. 

When the platform is connected to the network, he receives new mathematics as well as other tools to check the threat.

The documentation could be improved. They have a manual, but it is not excessive.

I have been working with Deep Instinct for approximately one year. It's a new solution in Italy that has been released for one year.

For the moment, stability is not a question, for the amount that it is being used. We hope that it continues to be stable.

The support is very good. They reply and respond very quickly.

I would rate Deep Instinct a seven out of ten. It is a good solution and a good idea, but it is a very, new platform, and we must determine whether or not it is a truly effective security platform. We need more time to understand it.

We used it basically with the idea of replacing antiviruses. We've done a proof of concept with a few customers. The experience has been at some customers of ours, but there hasn't been a final sale. We used the latest version of this solution.

The most important thing is that it is for prevention. It prevents attacks of any type of malware. Normally, what we've seen in other products is that they are not for prevention. They isolate a possible threat that they don't understand or know about, and then they check it with our database to see if it needs any correction or elimination. This means that the threat is already inside a customer's base, whereas Deep Instinct prevents a threat from getting in. Prevention is basically done by an agent in each installation, PCU, or product. An agent has its own intelligence to be able to detect if it should stop a threat or not. It has been taught. It is like a brain that has been taught to react according to any possible threat.

Deep Instinct is very light. It doesn't take too much CPU attention or memory. It doesn't slow down the performance. You don't really realize any change in the performance, which makes it very different from other solutions. They are usually heavy for the users.

Its support for Linux and Unix operating systems can be improved. Currently, they cover macOS and Windows, but they don't cover Linux and some of the Unix products.

Pricing is also an issue. Its pricing is not as aggressive as it could be, and its price makes it difficult to sell. Customers feel that they can get an antivirus for a lower price, even though it is not a similar product. It is technically different. 

Their SLAs can be better. They have to give you 24/7 support, but their SLAs are not very good. They should be better documented, and the offerings should also be a little bit better. What happens is that the SLAs end up in the hands of the intermediary, seller, or the local partner of Deep Instinct in a country. The customers want very fast SLAs in a very short time, but Deep Instinct doesn't give them at the same speed. Having said that, SLAs are important when you have a lot of issues, but this product doesn't have too many issues, so it is not a big concern. However, for a customer who doesn't know the product, it could be a concern.

I have been using this solution for a year or so.

It is totally stable. There is no problem with its stability.

It is scalable. Our clients are medium to large organizations. 

Their support is pretty good. Their documentation is also all in order.

It is pretty straightforward to have it working. Its deployment is very fast. You put the agent into a computer or mobile phone, and it is very light. Everything is connected and registered in the console, and the console will do an audit and follow up with every unit in the network. You can get those statistics and information out of the console.

It is pretty simple to deploy and maintain. It doesn't really need maintenance. Many other competitor products have very frequent revisions or upgrades of the product, sometimes even in the same month or week, whereas with this product, there are at the most two revisions or upgrades in a year. It is very simple to administer it.

Its pricing is too high, but that is not because of the product. It is expensive because of the cost of the console. You need a console to control the whole thing, but the console is expensive. You have to split this cost among all possible users. Normally, to be able to make it economically attractive, you need at least 1,000 agents, PCs, or users. If you have a customer with 300 to 500 agents, PCs, or users, it becomes too pricey.

It is very simple to get it working and keep it working.

I would rate Deep Instinct a nine out of ten. It is a great product.

I'm a security consultant and we are customers of Deep Instinct. 

The user interface is a good feature. It shows which process has been accessed and the flow. The detections for PowerShell are also pretty good as is the active scripts detection feature. 

Some of the features are very resource intensive, such as the ransomware detection. It consumed so much of the resource on the endpoints that we have disabled those functions. If they could improve the detection logic so that those elements would consume less resource, that'd be effective. They could also improve the reporting feature so it coul be more like you find in Maltego or IBM's i2. They could introduce a graph feature to coordinate between search and those things, perhaps a dashboard of some kind.

I've been using this solution for almost a year and a half. 

This is a stable solution. 

This is a scalable solution. We have around 3,000 endpoints and one person in our company who deals with maintenance. 

We had difficulty connecting with them and initially we were not sure who to contact. It took around eight to 10 hours to get hold of that person so support could be improved. 

I would not recommend this solution for small companies but for companies that deal with sensitive data, I would recommend it as an additional layer of security. It cannot be used as a stand alone product from my perspective, but it can be used with a defense-in-depth approach.

I would rate this solution an eight out of 10. 

We provide managed services for our clients and we are looking at this solution for many, if not all, of our customers. Depending on the results of our evaluation, we may be making it our standard.

This solution is good at catching viruses and it's very effective and lightweight, which are all things that you want in an antivirus product.

It's fast in comparison and we like that. It's simple, which is okay.

Reporting on incidents needs improvement. It doesn't give very much information compared to Sophos. Sophos will give you a graphic that you can zoom in on the subject and find out everything that the exploit tried to do. It gives you a visual sense of what is going on.

When it does find something I am not 100% sure that they are exploits or if they are false positives. At times, it can be difficult to tell what the problem is.

The deployment was a bit difficult. It was more difficult than Sophos, for example, with having to create an installer. I had to read through a lot of documentation to figure it out. It's clunky and cumbersome.

In Sophos, I can click what I want and it downloads an installer for each tenant. It just takes seconds. Whereas with Deep Instinct, I have to create a whole script and a lot more steps to deploy it.

You have to be more technical to deploy it. You can't just send a file to an end-user and have them install it. You have to have technical expertise.

The dashboards are quite primitive compared to Sophos, which is both good and bad. It's good because it's fast.

Easier Deployment would be better. More integration with RMMs, such as LabTech or Automate. Also, there should be more optics. When it does something, more information on what's happening would help us to make better decisions.

We are still in the test phase at the moment, but I know a few companies that use it in mass and they like it a lot. From them, I know that it is stable.

The solution is scalable and there are no issues with that.

Previously we were using Webroot, but we are in the process of getting rid of it. We are thinking of moving all of our clients to Deep Instinct, and Sophos. We may have some clients on one and some on the other.

We have been using Sophos for five years now.

Sophos uses a huge amount of resources. There are a lot of components, and because it has so many, sometimes there are problems with installations. When there is a problem it takes forever to fix it. Also, it drains battery life on my laptop or tablet. With Deep Instinct, it lasts for hours.

 We are in the process of evaluating Deep Instinct.

I would suggest that people seriously consider using Deep Instinct. It's no-frills but effective and lightweight.

At this point, I would rate this solution an eight out of ten.

I use it to help my customers secure their environments. I am using it internally for my own network as well.

I had one of the traditional AVs in my environment and I had some sort of unusual behavior on my machine. I was trying to figure out what was going on. The AV did not pick it up. I tried some other solutions as well, traditional ones, to find out what was going on, but nothing got picked up. The machine was very slow and at times it would act very funny, screens would flick around and sometimes it would just close down.

I definitely knew there was something going on. I thought, "Given I have Deep Instinct now, let me try it on that machine." When I installed it, the moment it started to scan the machine, it picked up this particular virus which had actually masked itself like a fake OS. It had actually taken over my original machine. Nobody else was able to pick it up, but Deep Instinct was able to and it freed up my machine. Now the machine is absolutely fine.

I've got the image of that virus in the sandbox to try to find out exactly what sort of virus it is. As of today, nobody else has picked it up. It's a six-month-old virus.

Some of my customers have come across quite a few other malicious files which were underscored by other solutions and, obviously, they were not happy with the traditional solutions. They have compared it with the likes of Kaspersky, Trend Micro, Symantec, and McAfee, but Deep Instinct stands out, catching everything. Deep Instinct is much more powerful because of the way that it has been made.

In my own environment, Deep Instinct has found around 15 to 20 such malicious files in six to seven months.

It also helps with real-time prevention of unknown malware. I was trying to backup one of my mobile phones on my laptop, and some script would have ended up being uploaded onto my machine. Because the agent was live, the moment it detected something it just blocked it. It just picks up things straight away.

I haven't really looked at the CPU consumption, but given that even when the scanning was going on, as well as any live detection that comes through, I have never seen any performance degradation on my machine. It's been working fine without me noticing anything happening in the back end. I haven't seen any problems in terms of the performance of the machine, but I haven't really checked out the CPU consumption. I probably would have looked at it if I had found the machine was slow. But I've never needed to because it is so fast.

There is no comparison, regarding CPU consumption, when you look at competitors. There's really no comparison at all. One of the major AVs has so many different services that degrade the performance quite a lot, and one has to keep turning off all the other services just to keep my machine working and to avoid alerts. It has been a very different experience using Deep Instinct. I don't have to worry about some other solution adding more services. One engine does its job.

For me, it definitely takes a lot of time and effort away from trying to find the cause of the problem if an attack happens. Without the solution, if something goes wrong, it's usually going to take a couple of hours just to figure out what's wrong with the machine. It definitely saves that time and effort.

It is a very easy solution in terms of the deployment. It's just a single agent that has everything in it. You don't have to really think too much about your strategy for securing your endpoint. With the EDR solutions, you have to install it, then you have another service history installed, and you have behavioral analytics, etc. With this, everything is in a single small "box," a small agent that has pretty much got everything. This is what has excited me, my team, as well as my end customers who are using it. It's an absolutely fantastic solution. 

It's very easy going and has got the latest technology, which is the deep learning. That is one step ahead of machine-learning because there is no feature engineering in it. That is the key difference. With today's solutions, everything around them can be re-engineered given they have access to similar tools outside. Given the proprietary framework these guys have, nobody else has access to it. That makes it more secure.

It classifies unknown malware as well. I've got various classifications already: either a backdoor entry or 100 percent virus or malware or a scripting shell. Scripting shell has been detected quite a lot. Viruses have been detected. Two backdoor entries have been trying to get on. I've got a number of different types of attacks that have been happening.

From the dashboard, I can see what I've picked up that's live. I can see the number of users, the number of devices, what are the risks. It has remote accessibility to deploy the agent as well as remove the agent, as well as modify it and update it.

It has the lowest false-positive ratio that I have come across. I have only had one which was a legitimate file that I had to whitelist. It was for one of the applications I was trying to install and integrate. But the false-positive ratio is very low.

The online and offline mode of this technology has actually made a huge difference. I don't have to worry about my employees when they take their machines anywhere. Whether they're connected or not connected, I know it's all secure. If anybody tried to put in a USB or whatever, it just does its job. From that perspective, I see a big difference.

If they can bring some additional, complementary solutions, like network scanning and the like, that will help. If they had some sort of a firewall which could help detect DDoS attacks and other things. It's just an extension of what they do, so it would not be just the endpoint. If they can take the technology and make it more useful across the network and add anything that could help improve the work environment, that would be good. 

I'm watching closely to see what they next bring onboard. But within the product itself, overall I don't see any required improvement because it has a very lightweight agent, it's fast and quick, and it detects everything. I haven't experienced any negativity on the Deep Instinct side.

The UI is pretty straightforward. It's very simple. It would be nice to have if there were options where, if I have to do SIEM integration, I could do so from the UI: Just pick and choose what SIEM solutions the customers use and have options to have out-of-the-box connection facility. If I had an option to do SIEM integration out-of-the-box from the user interface, that would be handy.

It's very stable. I haven't had any issues with the deployments, any performance issues, or conflicts with anything.

One exception was when one of my customers tried to do the install Deep Instinct, but their existing Bit Defender was detecting the solution as something trying to get into the environment. Obviously there was a conflict. We just whitelisted on both sides and both of them were talking to each other. They were augmented rather than competing.

It's quite scalable. In fact, I'm working on an opportunity where we're looking at around 20,000 seats. I don't see any issues, although time will tell when we deploy 20,000. But it is scalable to that extent.

Support is fantastic. Whenever I have any kind of query or questions, the team is absolutely spot-on, responding back immediately.

When I was doing a small pilot for one of my customers, I got stuck with a very silly thing about creating a user ID in the organization. I got stuck with configuring some rules and policies. I called and, within 20 minutes, somebody called me back and I had my answers. I had no problems at all.

Whenever I want to contact them, they proactively get back to me, so I don't have to keep chasing them.

I moved out my other solutions after I got Deep Instinct. I didn't want to have anything else further complicate the matter, in case something happened with a machine. I removed them all and just use Deep Instinct.

I said, "All right, let me take your solution on board and also be an advocate in my country." I was one of their first customers and partners in the country because I was so convinced about the technology that they presented. I've never seen anything like it before. I can see the power of it, I can see how it can benefit customers. 

The Set-up is very straightforward.

For deployment, I just need to extract the agent from the console and send it across and run it. It takes 15 to 20, max, to do a small deployment. Depending on the size of the organization, if using central deployment tool, just put it into an image and deploy it. When it runs it starts talking to the console without any other intervention.  No issues at all.

Depending on the size of the customer, It will take some time to do the initial setup of the console. In total, it will take about an hour-and-a-half to have everything, with the user-group policies defined, the users defined, the sites, and all the other things that can be done without much hassle.

I wanted to put together a standard document which would help customers to just do that but, as it's so simple and straightforward, I just keep everything ready on the console. I create the customer details on the console and just send the agent. 

There's no rocket science involved at all here and that's why it is so easy. There is nothing else to be prepared because there is no system downtime. You don't have to integrate this solution with anything else. It is autonomous and it just does its job.

In terms of staff for deployment, it's a one-man show. And there's hardly any maintenance because, once the agent is deployed, there is nothing else to be maintained, unless there is a conflict with something else. Apart from that, the product doesn't require any maintenance.

Vendor Team. They are excellent !

I have definitely seen ROI. Whatever price I paid for, I got my returns when it detected that virus that was in my environment already. I got my returns pretty much by securing all that. The information that probably would have gone out, had that virus spread to other machines, could have been a big catastrophe for my business. It's done its job and it's pretty much paid off what I spent on it.

Pricing and licensing are very straightforward. It's two SKUs, one is for the console and the other is for the client. 

One thing about their licensing program that I like is that just one covers the server as well as on the endpoint as well as mobile devices. There is no complexity in calculating how many SKUs I need for mobile, for laptop, for desktop, and for servers. It's very simple and that makes it much easier to budget. You know how much you're spending and how you're securing your environment with that technology.

I've never come across anything like this. I looked at other things as well. I've been hearing about Carbon Black, Cylance, CrowdStrike, and all the other AI & ML Solutions. All of them have limitations in terms of what they can do and how they do it. It's still human intervention. It's still behavioral analysis, heuristics, etc. There's nothing wrong with that, but they still haven't found a way, like Deep Instinct has, to take all that pain away in a single solution.

Deep Instinct can actually predict unknown malware that is going to come out, as well, because of the way they have built this technology. It can predict the tiniest mutations of viruses or new malware that is coming out. These guys can predict it straight away, whereas the others can't, until something goes through and they work on it and find to fix it. I.e., post execution, where the damage is already done! Everything they do is post-execution. What's the point? If your technology, which you say is that great, cannot detect earlier on, prevent it before happening, then I don't think it's good enough.

That is what I have seen with Deep Instinct. It doesn't even allow something malicious to pass through. It saves a lot of time and effort in cleaning up rather than saying, "Okay, fine, I blocked it. Nothing to worry about."

I've been sharing all my experiences around using it and how it's secure and that it's the next wave in the security world. It's changing the way security is looked upon from the endpoint perspective. They have made life so much easier. There's so much complexity with all the other solutions. When I talk to anybody, I tell them that if they really want peace of mind and a technology that can actually take care of your assets, Deep Instinct is the one to look at.

In terms of extent of use and increasing usage, I'm still a small organization, and growing gradually. I am getting more customers on board. The scale is obviously going up. At this moment, I'm managing roughly 400 + devices, with about another 3,000 in the pipe.

It's a ten out of ten. It's the best. All around, I'm pretty happy with them. I'm just excited to see what they bring me next.