Coming October 25: PeerSpot Awards will be announced! Learn more

Deep Instinct OverviewUNIXBusinessApplication

Deep Instinct is #24 ranked solution in endpoint security software. PeerSpot users give Deep Instinct an average rating of 8.2 out of 10. Deep Instinct is most commonly compared to SentinelOne: Deep Instinct vs SentinelOne. Deep Instinct is popular among the large enterprise segment, accounting for 57% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 21% of all views.
Deep Instinct Buyer's Guide

Download the Deep Instinct Buyer's Guide including reviews and more. Updated: October 2022

What is Deep Instinct?

Deep Instinct is the first and only company applying end-to-end deep learning to cybersecurity. Deep learning is inspired by the brain’s ability to learn. Once a brain learns to identify an object, its identification becomes second nature. Similarly, as Deep Instinct’s artificial deep neural network brain learns to prevent any type of cyber threat, its prediction capabilities become instinctive. As a result, any kind of malware, known and new, first-seen malware, zero-days, ransomware and APT attacks from any kind are predicted and prevented in zero-time with unmatched accuracy and speed anywhere in the enterprise – Network, endpoint, Mobile – enabling multi-layered protection. To learn more, visit: https://www.deepinstinct.com.

Deep Instinct Video

Deep Instinct Pricing Advice

What users are saying about Deep Instinct pricing:
  • "Their pricing is very competitive. It is good, fair, and a lot cheaper than what we were doing with Cylance."
  • "Its pricing is too high, but that is not because of the product. It is expensive because of the cost of the console. You need a console to control the whole thing, but the console is expensive. You have to split this cost among all possible users. Normally, to be able to make it economically attractive, you need at least 1,000 agents, PCs, or users. If you have a customer with 300 to 500 agents, PCs, or users, it becomes too pricey."
  • "We are a nonprofit. The MSP had provides pretty decent nonprofit rates for us. This was one of the key factors that made us choose Deep Instinct over its competitors who were significantly more expensive."
  • Deep Instinct Reviews

    Filter by:
    Filter Reviews
    Industry
    Loading...
    Filter Unavailable
    Company Size
    Loading...
    Filter Unavailable
    Job Level
    Loading...
    Filter Unavailable
    Rating
    Loading...
    Filter Unavailable
    Considered
    Loading...
    Filter Unavailable
    Order by:
    Loading...
    • Date
    • Highest Rating
    • Lowest Rating
    • Review Length
    Search:
    Showingreviews based on the current filters. Reset all filters
    Elena Yau - PeerSpot reviewer
    Director Of Information Technology at a individual & family service with 201-500 employees
    Real User
    Prevention, in advance, saves us remediation time
    Pros and Cons
    • "When we were looking at Carbon Black and Sophos, the prevention pieces weren't as strong when compared to DI, which is why we decided to go with DI... I would rather have a product that does the prevention up front and saves me the effort of having to wipe someone's workstation."
    • "When things get done automatically, I would appreciate more logging of what's happening in the background... we should be able to backtrack from the log that gets uploaded to our cloud instance and see, forensically, what the root cause was."

    What is our primary use case?

    We've become a hybrid mix with COVID. Some folks are completely remote, while others, like our support teams, HR, finance, and IT, are in a hybrid role, where they can come into the office but predominantly work remotely. And we do have some folks who are in the office, although they are few and far between these days. More of the protections are around the individuals wherever they are. The office boundaries have really been extended so we're putting more controls around those peoples' laptops.

    How has it helped my organization?

    It has caught a lot of things for us and prevented a lot of things, saving some of our time. It prevented a couple of ransomware situations and that does give me peace of mind. When it does catch something like that, it locks up the person's computer and they end up saying to us, "Hey, what's going on? My computer is not working right." We say, "Yeah, you picked up something and it looks like it's ransomware," when we look at the log. The solution is doing its job by preventing that from spreading. For people who are hybrid and come back into the office, I don't have to worry about that.

    For the most, Deep Instinct has done a pretty good job of blocking a lot of this stuff in advance. That means we don't have to spend all that time remediating things and can do more of the forensic investigation part. It's been a great ride having Deep Instinct on the side.

    We have a small IT team. We only have one cyber security engineer and a couple of help desk individuals. It's helped our team a lot, and our agency as a whole, in terms of enabling us to focus on other things, rather than fighting all those battles on everybody's endpoint.

    In the past, when we used a traditional antivirus, it wasn't really blocking anything. It was more signature-based and a lot of things were coming through. What usually ended up happening was that we would have to wipe the computer and there would be at least a couple of days of downtime for that individual. And that was in the past, before COVID, when people were traditionally coming into the office where they had another device they could work on.

    But now, everybody only has that one laptop or one desktop, so if they're out, they're out. With DI, we haven't had that issue where we have to wipe that person's computer out. Usually what we find is that if it's some adware, we just clean out and reset their browser and that gets them back in the game. That saves us a lot of time and effort for all our staff.

    In short, it's a time-saver. There are a lot of things that DI does in the background for prevention. I don't have to worry too much about risk. The only risk for us is if an endpoint doesn't have Deep Instinct at all. As long as we have DI on an endpoint, it's going to do its job and I don't have to worry about the risk when they're taking that endpoint home or elsewhere. It's definitely one good layer of investment that we have put in and we're definitely going to keep that going.

    What is most valuable?

    The prevention pieces, which are the policies we worked on with the DI team, are very valuable. They guided us through a setup with policies that were very conservative. We can see what gets flagged. Eventually, we tweaked them with the DI team so they're blocking more. That has really helped our team to save time.

    It's very easy to use for a small team. We're a non-profit and we don't have a big cyber team and individuals that can do the pen testing, the red team/blue team type of work. We only have one individual who is dedicated to the role of monitoring and making sure that we're safe. So the prevention piece it gives us is very important. It saves us a lot of headache.

    What needs improvement?

    We have a PHI (protected health information) committee, and some of the things that we review on a weekly basis are incidents. For example, if there was malware or adware or some kind of phishing attempt, or even ransomware, we would have to investigate and see if there was any PHI impact. We've seen small things because some kind of adware made its way through the browser from some malicious link, and it's really hard to prevent those. We're putting more levels of filtering around that.

    There are some product development ideas that we have been working on alongside the DI team, and they've been super helpful. There are definitely a lot more little areas of improvement for the interface.

    Also, we have talked with the DI team about adding the forensic piece, which is what we do a lot. That would be added value and they've just recently provided more individuals to think about the roadmap. That's part of their strategy and one of the good features that they want to bring on. Hopefully, they can bring that to fruition and that will ease our workflow a little bit more.

    The additional predictive and prevention capabilities in the 3.0 version, that don't require special rules and configuration, help our organization. The only caveat is that when things get done automatically, I would appreciate more logging of what's happening in the background, if it is doing some kind of intervention. If we need to do some forensics, we should be able to backtrack from the log that gets uploaded to our cloud instance and see, forensically, what the root cause was. We should be able to see what instigated that trigger by DI and what exactly was done. That's a missing piece. It does a good job of preventing, but then we don't know what were the symptoms of the prevention.

    Let's say that there was like a PowerShell block. We'll see an indicator on the dashboard and we'll look at the logs and investigate. Sometimes we find that the logs that are captured locally on the endpoint itself are not very thorough. We were coached through our training with DI that, when troubleshooting, the DI team would always ask for the logs from the endpoint. We know what we need to do to look at something. But the logging for DI doesn't capture everything. There are some things that are missing. When it comes to root-cause analysis, or kill-chain analysis, and figuring out exactly what happened, it's very hard to do that right now on the product. I have used Carbon Black before and they're pretty good with the forensic analysis. That does save some efforts of my one engineer and myself when we have to go through the PHI committee. Right now, with Di, that feels like a blind spot.

    Another area for development is making the license clean-up a little bit easier. We always have to manually uninstall agents. If there were some way to remove the licensing and do better license management on the platform, that would help my team as well.

    Buyer's Guide
    Deep Instinct
    October 2022
    Learn what your peers think about Deep Instinct. Get advice and tips from experienced pros sharing their opinions. Updated: October 2022.
    634,775 professionals have used our research since 2012.

    For how long have I used the solution?

    We have been using Deep Instinct for about two years.

    What do I think about the stability of the solution?

    These days, it's more stable than it was.

    In the past, when we pushed out agents, we would experience issues with getting online updates. There were agents that would just lose connectivity and wouldn't report back. That required manual interaction, but that was in version 2.x. 

    Now, it's pretty smooth. The updates have been happening and we can see all the nodes reporting back. The ones that are not reporting back are, of course, offline. Those are the ones where we try to determine if they are truly not connecting or they're just turned off.

    What do I think about the scalability of the solution?

    It's very quick to scale. We haven't had issues. As long as we deploy the agent with our deployment management console, it's pretty easy and everything else gets set up in the background, such as policies, et cetera. It's pretty painless.

    We have 700-plus devices being protected, and that's just laptops and desktops. It has the ability to bring in Chrome in the future. The mix of people using this product includes our executive team, our support, and the rest of our staff who are non-technical, who make up about 80 percent of our users.

    As soon as we have more staff, we will put Deep Instinct on their computers. We are evaluating Chrome. Eventually, we'd like to put in DI Chrome as well. The DI team is familiar with that setup and they can help us with that.

    How are customer service and support?

    I would rate their customer service and technical support as a solid eight out of 10. 

    In the past, when we had to reach out to somebody for technical support, we would go back and forth and provide them the logs. They would do the investigation and the conclusion wouldn't look like something that was worth the effort. That's something that the DI team is aware of.

    We would like the ability to do root-cause analysis. Usually, the times when we send in a ticket are when we're relying on technical support to give us feedback on why something happened. We try to piece together, with the user's story, what was happening. We try to correlate between the events, and when we're going back and forth with the support team, of course, they're in a different time zone. There are delays there.

    Rather than relying on the tech support for their analysis, I would like to be able to do our own analysis. If DI can bring in that ability for the customer, I would appreciate that more, and I wouldn't have to rely on and bog down the tech support team.

    If we ever need to escalate a ticket, our rep is always there to escalate it.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    We had an old antivirus from Symantec that we didn't renew.

    As soon as we were hit with remote work and we needed to send everybody home with a laptop, I wasn't comfortable sending them home with the Symantec antivirus. Even though it had the latest antivirus definitions, it didn't do a good job of what it was supposed to do. I wanted something that was more behavioral-based. 

    I came across DI at a cyber security conference and talked with the reps there. I really liked the technology and then reached out to them and signed up.

    How was the initial setup?

    In the beginning, the deployment was more complex because the agent would have issues on a couple of servers and even on some endpoints. We had to troubleshoot with our DI team success engineer. During that time, there was also some co-development happening in the background by the DI team. The DI agent is very tamper-proof, which is good. You don't want a hacker to be able to tamper with the application. We had to work with the development team, in Israel, and they had to send new code and then re-deploy the agent. We had to do a little back and forth to figure out why we weren't able to install the agent and, when we tried to uninstall it, it wasn't working.

    Once we got the new agent-uninstaller and the new agent to deploy, it was a lot easier from there. It required a lot of engagement and check-ins with the DI team, which we appreciate. 

    But we're past that. It was version 2 of the agent. Now we're on 3.x and we're a few generations past that. It's been a lot more stable since they hired more of a QA team to review the code and put some quality assurance into it. Hopefully, that change will stabilize the development and what gets pushed out. We're a lot better for having DI, but during that time when we were going through the deployment, it was a little harder to figure things out. But we got there with the DI team.

    It's a cloud deployment. We started off small with just the IT team and certain groups so that we could see how it feels and how it works. Then we grew it out to scale and we worked on pushing out the MSI package to most of the machines. We're still going through a list of which machines do not have it. We continue to cycle some of the older stuff out and make sure that our assets do have Deep Instinct deployed on them.

    What's my experience with pricing, setup cost, and licensing?

    As a non-profit, we were able to get non-profit pricing from DI.

    Which other solutions did I evaluate?

    When we were evaluating different products—we were looking at Carbon Black and Sophos, the top ones—we definitely wanted something that was more behavioral-based. We came from a traditional antivirus that was signature-based, so anything would already be better than that. But having the prevention piece helps me sleep at night. I don't have to worry about it. The DI team is pretty good at keeping everything updated in the background and it then gets pushed out to everybody, as long as they're connected to the internet.

    When we were looking at Carbon Black and Sophos, the prevention pieces weren't as strong when compared to DI, which is why we decided to go with DI. We knew that we would sacrifice some of the root-cause analysis ability and some of that control.

    We did a trial with the others. Sophos tries to do a lot of the things that DI does, but we were more interested in the prevention piece. I would rather have a product that does the prevention up front and saves me the effort of having to wipe someone's workstation. 

    I have worked with Carbon Black in the past, and I do like their root-cause analysis and their ability to remote into peoples' workstations if we need to. That might be another consideration for DI to have some of those features, being in a competitive space with Carbon Black. I would like to be able to do more of the forensic, remote assistance, and remediation pieces.

    For instance, if it's some kind of smaller malware or adware that didn't get flagged, not a Zero-day attack but more the kind of things that are just annoying on people's computers, that does take up time. We have to do some research because they get annoying popups or their computer becomes slow. Those are things that we would like to be able to remotely assist with, since everybody is working from home.

    What other advice do I have?

    We use the PowerShell-type of prevention and that still needs some tweaking because it can be a little sensitive at times. It's one of those harder ones to catch. DI is very conservative when it comes to flagging things.

    For example, we have Lenovo laptops and we use PowerShell in the background to run their updates. We do find that Deep Instinct prevents some of those. We then allow them, per user, to see if that works out. But, overall, it seems to be flagging a little too much when it comes to the shellcode. We could open up more exceptions, but we're reluctant to open it wider. That would be another feature discussion with our DI team regarding how we can best handle and manage the exceptions for PowerShell. I don't know if some of the interactions between Lenovo and DI are the issue or if it's just strictly Lenovo. It's a little disruptive when we need to run updates, although we have ways to get around that until we can figure it out with the DI team.

    For the most part, it's done its job and I don't have to think about it. You set it up and you let it do its job. It's like a good employee whom you don't have to coach and tell them exactly what needs to be done; it just gets done. It has definitely added value for us, which is why we want to continue our relationship with DI.

    Look no further for a solution. Deep Instinct is the de facto choice right now, compared to the market. There are a lot of competitors that try to do what DI does, but I feel that DI does a better job at it.

    The things that can be improved are the root-cause analysis and the logging from the endpoint giving us more ability to decipher what is going on. There is so much "magic sauce" happening on the DI end that we don't know what's happening; it just does its thing. When there is a report of slowness of a computer, we don't know if that's DI being in the way or not. We want to be able to rule that out. Usually what we're relying on are the popups from DI, if the user saw them at all. I don't know if the popups are always a true sign that something's happening and whether there is something more happening beyond that.

    But Deep Instinct is a true win when it comes to the other choices. It's pretty top-of-the-line right now.

    Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
    Flag as inappropriate
    PeerSpot user
    Principal Security Analyst at a government with 5,001-10,000 employees
    Real User
    Enables us to be a lot more proactive and saves us time on incident response
    Pros and Cons
    • "I really like the behavioral analysis feature, because it looks at all the different things, like arbitrary shellcode and reflective DLL. It looks at a lot of things that threat actors use as threat vectors to get into the environment."
    • "The interface on the endpoint could be a little more descriptive and more valuable. It doesn't always tell you the data you need to see. Improvement there would be very helpful."

    What is our primary use case?

    We have it on our endpoints, and the main purpose is to protect them from all the things that can happen: phishing emails, USBs installed, links downloaded, malicious third-party tools being downloaded through patches, etc.

    How has it helped my organization?

    Deep Instinct has helped us to be a lot more proactive on the security front, rather than reactive. We still have to address the threats that it finds, but because it's proactive it stops things before they occur. Instead of spending time trying to investigate what happened, we spend the time on the front-end determining if it's something we should allow or not. It has saved us a lot of time in incident response.

    It has also reduced our SOC’s endpoint protection management time and resulted in a significant reduction in false positives. And while we haven't seen a drastic reduction in operational disruption with Deep Instinct, because the solution we had before was working pretty well, I'm sure the fact that it has detected and prevented things has helped people work a whole lot more effectively.

    As far as we know it has helped prevent the newest threats and that is very important. There's always something new coming out and trying to stay ahead of that is always a challenge. Compared to the solution we had previously, Deep Instinct is way more thorough in its analysis of the files and memory.

    What is most valuable?

    I really like the behavioral analysis feature, because it looks at all the different things, like arbitrary shellcode and reflective DLL. It looks at a lot of things that threat actors use as threat vectors to get into the environment.

    It's also very easy to use and very intuitive. That was one of the reasons we picked it. The console is really simple and easy to figure out, as is creating policies. Every policy just needs a group and you can break out the policies per group. That means when you need to make changes, you can do it pretty easily. I can change a group's settings by just opening up a window and selecting dropdown options. 

    You can also select what you want things applied to. You can be very granular with your application of it.

    I've also been very impressed with Deep Instinct's prevention-first approach to stopping unknown ransom and malware. We had another solution that took a very similar approach—prevention first rather than reactive. This was another one of the reasons we picked Deep Instinct. So far it has been very good at catching things before they execute, which is what we wanted it to do. It's very quick. As soon as it sees something, it quarantines it.

    And the predictive and prevention capabilities for shellcode and fileless-based attacks are very important. Yet another reason we picked it was because of how thoroughly it looks through files. It's also very helpful that the predictive and prevention capabilities are built into the 3.0 release and don't require special rules or configuration. When an update comes out, it doesn't require us to reconfigure the device or the policies. It just follows along with what happened before. And if something is a brand-new feature, it comes out in "detect only," and that gives us an opportunity to test it before actually doing any prevention.

    What needs improvement?

    The interface on the endpoint could be a little more descriptive and more valuable. It doesn't always tell you the data you need to see. Improvement there would be very helpful.

    For how long have I used the solution?

    I've been using Deep Instinct for about two years.

    What do I think about the stability of the solution?

    It's very stable. We've had no issues with that.

    What do I think about the scalability of the solution?

    It works well as long as you have an automatic way to deploy it, like SCCM or GPO, which they have provisions for.

    We use it throughout the environment as our endpoint solution. It is our only endpoint solution. We have it rolled out as far as we're going to at this point.

    How are customer service and support?

    Tech support helped me with a very complex problem that took a lot of digging and research, beyond the norm. They helped figure it out. Whenever I open a ticket, they respond within a couple of hours.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    We were using another artificial intelligence solution, Cylance, that actually worked really well, but it lacked some of the features that we were looking for, including granularity and configuration options. Both Deep Instinct and Cylance are pre-execution and both work well.

    One of the differentiators between the two at the time was that Deep Instinct had so much configurability compared to Cylance. We could be very specific with how we set up our exclusions and allowances. I think Cylance has caught up, but at the time there was a difference.

    How was the initial setup?

    The initial setup was pretty straightforward. We just had to configure the console, and the professional services were a big part of getting that set up. Once you get the console configured, you deploy the agents. Once we got the automated deployment down, it was really easy. We deploy it through SCCM.

    Our deployment took about four months. We have a little over 5,000 users. For deployment we have two desktop staff, which is a redundancy as one person can actually do it. And there are two of us who watch the console every day.

    What about the implementation team?

    We used Deep Instinct professional services to help us. We did it ourselves, but they were there to help us when we needed assistance.

    What was our ROI?

    The return on investment is in the time saved and being able to be more proactive. It's given us a lot more insight into the environment, which we didn't have before. It has definitely been a big help.

    Which other solutions did I evaluate?

    We evaluated four others solutions. A lot of them were new and maturing as they went, but the big difference between Deep Instinct and everyone else was the pre-execution portion. Almost everything else we looked at was all post-execution or machine learning or artificial intelligence. Deep Instinct was the only one that uses deep learning and the only one that was consistently working on pre-execution.

    And with the other solutions that were pre-execution, sometimes something would get through and run. They would say, "Yeah, sometimes you want to watch it first," but Deep Instinct doesn't do that. Deep Instinct just blocks it first.

    During testing and evaluation, Deep Instinct performed very well. And their professional service engineer was very helpful in answering our questions and explaining how things work when we asked why things worked a certain way. And the performance has been better in our deployment than it was in the PoC, which is unusual.

    What other advice do I have?

    Test it thoroughly with all your use cases, and even on use cases you don't usually think about. Do your own testing. Don't rely on the vendor testing at all. The vendor testing was good and they did a demo, but definitely do your own testing. With every product we test, not just Deep Instinct, we do our own testing and that raises a whole lot of questions that normally might not be raised.

    Do your homework on the solution and how it works. Understand it. Go through the training materials they have. They suggested doing that initially but I did that toward the end, after deployment. I should have done it earlier. The lesson learned would be to become as familiar with the tool as possible. That sounds obvious, but sometimes in IT we just like to run with something and go.

    There's been a little bit of impact initially, here and there, on our endpoints, as far as performance goes, but once it gets tuned in, that seems to settle down.

    Overall, it's doing a really good job of reducing our organization's overall risk. What it picks up and blocks on a regular basis seems to be very effective.

    Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
    Flag as inappropriate
    PeerSpot user
    Buyer's Guide
    Deep Instinct
    October 2022
    Learn what your peers think about Deep Instinct. Get advice and tips from experienced pros sharing their opinions. Updated: October 2022.
    634,775 professionals have used our research since 2012.
    Systems Architect at a government with 5,001-10,000 employees
    Real User
    Top 20
    We receive a lot fewer calls and help desk tickets
    Pros and Cons
    • "Deep Instinct’s prevention-first approach to stopping unknown ransomware and malware is the reason why we purchased the product. The pre-execution versus post-execution is a big piece for us where it is able to stop something before it even hits the box or desktop. That was one of the big reasons why we went with Deep Instinct."
    • "I would like a little more training for the admins."

    What is our primary use case?

    We have it on all our endpoint users' machines. The whole organization pretty much uses it.

    We are on the latest version.

    How has it helped my organization?

    Deep Instinct’s prevention-first approach to stopping unknown ransomware and malware is the reason why we purchased the product. The pre-execution versus post-execution is a big piece for us where it is able to stop something before it even hits the box or desktop. That was one of the big reasons why we went with Deep Instinct.

    We get a lot fewer calls and help desk tickets, where people say, "Hey, I got a virus," or "My machine is locked up." Productivity from an end-user perspective has obviously increased because they can get things done. From the help desk side, they don't have to go around troubleshooting or re-imaging machines.

    Deep Instinct has helped improve the employee experience via reduced operational disruption since less downtime means people work more. Their machines are not offline. This is very critical for our SOC operations and their remediation needs. If there are fewer threats that we have to deal with, then we have more time to work on the few things that we need to work on. We don't need to be troubleshooting a whole slew of stuff. So, it has definitely improved the lives of our SOC operation employees.

    Operations-wise, it has given us more uptime from the user community.

    What is most valuable?

    The most valuable feature is its inline processing, preprocessing, or prescanning against the files before they come in. Most A/B does post-processing so the preprocessing is big for us. 

    Another value of the solution is having fewer false positives. That is another big plus.

    They are pretty good with automatic updates and algorithms. They seem to catch the newest threats quite quickly. This is extremely important for our organization.

    What needs improvement?

    I would like a little more training for the admins.

    For how long have I used the solution?

    We have been using it for close to two years.

    What do I think about the stability of the solution?

    We love its stability. We think it will be around for a while.

    What do I think about the scalability of the solution?

    It is definitely scalable. We have had no issues with it.

    How are customer service and support?

    I would rate the technical support as eight out of 10. We put in a ticket, then they follow through, even if it is a complex case. So, they don't leave you hanging.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    It replaced another product that we had called Cylance. We wanted fewer false positives. Our prior solution gave us a lot more false positives. With Deep Instinct, we were able to cut that down by a lot. Now, all our desktops and laptops have Deep Instinct on them.

    How was the initial setup?

    The initial setup was pretty straightforward. Some training was needed since we needed to understand the environment. 

    We deployed to approximately 3,000 endpoints, which took us a couple months since we had to schedule and stage it out.

    What about the implementation team?

    We did it ourselves. A few staff were needed because we deployed it automatically.

    Day-to-day, there are just a couple of security analysts keeping eyes on the dashboard. They monitor and see if there are new threats, etc.

    What was our ROI?

    Deep Instinct has helped reduce our alerts due to false positive elimination, which has saved us at least 50%.

    The speed of Deep Instinct when preventing unknown zero-day, malware, and ransomware threats is really good. They are pretty up-to-date with their algorithms.

    We get a bunch of threats. It prevents hundreds, if not thousands, of these across the environment. 

    Deep Instinct has helped improve our SOC's endpoint protection management time. 

    It is critical for reducing our organization's overall risk. We depend on them. It is all about the endpoints, so they are a big player internally.

    What's my experience with pricing, setup cost, and licensing?

    Their pricing is very competitive. It is good, fair, and a lot cheaper than what we were doing with Cylance.

    Which other solutions did I evaluate?

    I definitely know we looked at CrowdStrike, but their technology at the time was not pre-execution. Their cost was higher as well.

    Deep Instinct is really at the next level. They are really good. Compared to a lot of the other bigger solutions, they are probably a bit slower. Their way of dealing with new viruses or threats is just a little different. This solution is pre-execution. Only a few vendors in the market can do that, which is why they are at a different level.

    Deep Instinct was a lot easier to stand up during the PoC evaluation time frame then other endpoint protection platforms.

    What other advice do I have?

    We need something like this, especially something that is pre-execution because there are always a lot of threats out there. We can trust this product and know that it is constantly and effectively working.

    As we bring in more departments, we have plans to increase usage.

    It is not hard to use. Once you understand how it works, it is not too hard.

    We are not running a lot on the server side.

    I would rate Deep Instinct as nine out of 10. They are growing and have a lot of potential. The sky's the limit for them.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
    Flag as inappropriate
    PeerSpot user
    Paul Durand - PeerSpot reviewer
    Director at Ancona
    Reseller
    Top 20
    A great threat-prevention solution that is light, simple to use, and easy to deploy and administer
    Pros and Cons
    • "The most important thing is that it is for prevention. It prevents attacks of any type of malware. Normally, what we've seen in other products is that they are not for prevention. They isolate a possible threat that they don't understand or know about, and then they check it with our database to see if it needs any correction or elimination. This means that the threat is already inside a customer's base, whereas Deep Instinct prevents a threat from getting in. Prevention is basically done by an agent in each installation, PCU, or product. An agent has its own intelligence to be able to detect if it should stop a threat or not. It has been taught. It is like a brain that has been taught to react according to any possible threat. Deep Instinct is very light. It doesn't take too much CPU attention or memory. It doesn't slow down the performance. You don't really realize any change in the performance, which makes it very different from other solutions. They are usually heavy for the users."
    • "Its support for Linux and Unix operating systems can be improved. Currently, they cover macOS and Windows, but they don't cover Linux and some of the Unix products. Pricing is also an issue. Its pricing is not as aggressive as it could be, and its price makes it difficult to sell. Customers feel that they can get an antivirus for a lower price, even though it is not a similar product. It is technically different. Their SLAs can be better. They have to give you 24/7 support, but their SLAs are not very good. They should be better documented, and the offerings should also be a little bit better. What happens is that the SLAs end up in the hands of the intermediary, seller, or the local partner of Deep Instinct in a country. The customers want very fast SLAs in a very short time, but Deep Instinct doesn't give them at the same speed. Having said that, SLAs are important when you have a lot of issues, but this product doesn't have too many issues, so it is not a big concern. However, for a customer who doesn't know the product, it could be a concern."

    What is our primary use case?

    We used it basically with the idea of replacing antiviruses. We've done a proof of concept with a few customers. The experience has been at some customers of ours, but there hasn't been a final sale. We used the latest version of this solution.

    What is most valuable?

    The most important thing is that it is for prevention. It prevents attacks of any type of malware. Normally, what we've seen in other products is that they are not for prevention. They isolate a possible threat that they don't understand or know about, and then they check it with our database to see if it needs any correction or elimination. This means that the threat is already inside a customer's base, whereas Deep Instinct prevents a threat from getting in. Prevention is basically done by an agent in each installation, PCU, or product. An agent has its own intelligence to be able to detect if it should stop a threat or not. It has been taught. It is like a brain that has been taught to react according to any possible threat.

    Deep Instinct is very light. It doesn't take too much CPU attention or memory. It doesn't slow down the performance. You don't really realize any change in the performance, which makes it very different from other solutions. They are usually heavy for the users.

    What needs improvement?

    Its support for Linux and Unix operating systems can be improved. Currently, they cover macOS and Windows, but they don't cover Linux and some of the Unix products.

    Pricing is also an issue. Its pricing is not as aggressive as it could be, and its price makes it difficult to sell. Customers feel that they can get an antivirus for a lower price, even though it is not a similar product. It is technically different. 

    Their SLAs can be better. They have to give you 24/7 support, but their SLAs are not very good. They should be better documented, and the offerings should also be a little bit better. What happens is that the SLAs end up in the hands of the intermediary, seller, or the local partner of Deep Instinct in a country. The customers want very fast SLAs in a very short time, but Deep Instinct doesn't give them at the same speed. Having said that, SLAs are important when you have a lot of issues, but this product doesn't have too many issues, so it is not a big concern. However, for a customer who doesn't know the product, it could be a concern.

    For how long have I used the solution?

    I have been using this solution for a year or so.

    What do I think about the stability of the solution?

    It is totally stable. There is no problem with its stability.

    What do I think about the scalability of the solution?

    It is scalable. Our clients are medium to large organizations. 

    How are customer service and technical support?

    Their support is pretty good. Their documentation is also all in order.

    How was the initial setup?

    It is pretty straightforward to have it working. Its deployment is very fast. You put the agent into a computer or mobile phone, and it is very light. Everything is connected and registered in the console, and the console will do an audit and follow up with every unit in the network. You can get those statistics and information out of the console.

    What about the implementation team?

    It is pretty simple to deploy and maintain. It doesn't really need maintenance. Many other competitor products have very frequent revisions or upgrades of the product, sometimes even in the same month or week, whereas with this product, there are at the most two revisions or upgrades in a year. It is very simple to administer it.

    What's my experience with pricing, setup cost, and licensing?

    Its pricing is too high, but that is not because of the product. It is expensive because of the cost of the console. You need a console to control the whole thing, but the console is expensive. You have to split this cost among all possible users. Normally, to be able to make it economically attractive, you need at least 1,000 agents, PCs, or users. If you have a customer with 300 to 500 agents, PCs, or users, it becomes too pricey.

    What other advice do I have?

    It is very simple to get it working and keep it working.

    I would rate Deep Instinct a nine out of ten. It is a great product.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
    PeerSpot user
    Administrator at BAPS Swaminarayan Sanstha
    Real User
    Top 20
    Provides a structured approach for detecting and preventing threats, but doesn't work in clustered mode and needs an option to segregate clients into different logical entities
    Pros and Cons
    • "It has given us a more structured approach for detecting and preventing threats. It has machine learning-based detection and prevention. Their engines, in even older versions, are able to pick these viruses and malware. They have posted a lot of use cases online for detecting different viruses and malware that have been out for many years."
    • "The Deep Instinct client stops working when you have two servers and you add high availability or Windows Failover Cluster mode. It doesn't work in a clustered mode. I haven't yet had time to go back and talk with their support and get it fixed. It would be good if they can make the installation independent of an actual user. Currently, its installation is dependent on the actual user being logged in. For example, a computer has to be logged in for the installation to happen. If it is not logged in, then on the cloud platform, it is going to show that the client is offline. On the management side of the cloud platform, we would like to have the administrators segregated by logical entities. We have told them that on their cloud management platform, we would like to be able to segregate clients into different logical entities or organizations so that the administrators are able to manage only those entities that are within their designated organization."

    What is our primary use case?

    We are using Deep Instinct for malware protection on servers and workstations. We are using its latest version.

    What is most valuable?

    It has given us a more structured approach for detecting and preventing threats. It has machine learning-based detection and prevention. Their engines, in even older versions, are able to pick these viruses and malware. They have posted a lot of use cases online for detecting different viruses and malware that have been out for many years. 

    What needs improvement?

    The Deep Instinct client stops working when you have two servers and you add high availability or Windows Failover Cluster mode. It doesn't work in a clustered mode. I haven't yet had time to go back and talk with their support and get it fixed.

    It would be good if they can make the installation independent of an actual user. Currently, its installation is dependent on the actual user being logged in. For example, a computer has to be logged in for the installation to happen. If it is not logged in, then on the cloud platform, it is going to show that the client is offline. 

    On the management side of the cloud platform, we would like to have the administrators segregated by logical entities. We have told them that on their cloud management platform, we would like to be able to segregate clients into different logical entities or organizations so that the administrators are able to manage only those entities that are within their designated organization.

    For how long have I used the solution?

    I have been using this solution for four months.

    What do I think about the stability of the solution?

    It is stable. There are no issues related to its stability. 

    What do I think about the scalability of the solution?

    We haven't scaled it yet. We have 250 or so endpoints, which include workstations, servers, etc.

    How are customer service and technical support?

    Tech support is provided by our MSP, Cyberforce. They are based out of Austin. They are also providing the solution. They respond very quickly, and they are good. I would rate them a nine out of ten.

    Which solution did I use previously and why did I switch?

    We didn't use any other solution.

    How was the initial setup?

    It was very straightforward and simple. You can obviously do the installation through the command line. It is not a typical EXE file that you just double click and install. 

    We have NinjaRMM as our remote management tool for all endpoints. We were able to create a script on NinjaRMM and just do an automated install to Ninja. In a matter of 15 minutes, we had installed it over 200 servers or workstations.

    What's my experience with pricing, setup cost, and licensing?

    We are a nonprofit. The MSP had provides pretty decent nonprofit rates for us. This was one of the key factors that made us choose Deep Instinct over its competitors who were significantly more expensive.

    Which other solutions did I evaluate?

    We compared Deep Instinct with Cylance and CrowdStrike, and we ended up going with Deep Instinct. We felt it was going to give us better coverage, and the cloud management platform was also much easier to use.

    What other advice do I have?

    It is definitely worth looking at before you make a decision. 

    I would rate Deep Instinct a seven out of ten. There are a few kinks, but it is a new company, so we can't expect everything from day one. With that understanding, we accepted some of the shortfalls.

    Which deployment model are you using for this solution?

    Public Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Other
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Gian Michele Roletto - PeerSpot reviewer
    SOC Manager at Nais Srl
    Real User
    Top 5Leaderboard
    Good threat identification, but the documentation could be improved
    Pros and Cons
    • "The support is very good. They reply and respond very quickly."
    • "They have a manual, but it is not excessive."

    What is our primary use case?

    It is currently in the testing phase for two of my customers, one with a large enterprise and another medium-sized company. We have tested both to understand which company is best suited for this solution.

    What is most valuable?

    It's a new solution that is beneficial for the endpoint because they have a new perspective on cyber security. 

    The agent and this platform do not require the endpoint to be connected to the network because the agent is designed to understand the threat, and tags it. 

    When the platform is connected to the network, he receives new mathematics as well as other tools to check the threat.

    What needs improvement?

    The documentation could be improved. They have a manual, but it is not excessive.

    For how long have I used the solution?

    I have been working with Deep Instinct for approximately one year. It's a new solution in Italy that has been released for one year.

    What do I think about the stability of the solution?

    For the moment, stability is not a question, for the amount that it is being used. We hope that it continues to be stable.

    How are customer service and support?

    The support is very good. They reply and respond very quickly.

    What other advice do I have?

    I would rate Deep Instinct a seven out of ten. It is a good solution and a good idea, but it is a very, new platform, and we must determine whether or not it is a truly effective security platform. We need more time to understand it.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
    Flag as inappropriate
    PeerSpot user
    Buyer's Guide
    Download our free Deep Instinct Report and get advice and tips from experienced pros sharing their opinions.
    Updated: October 2022
    Buyer's Guide
    Download our free Deep Instinct Report and get advice and tips from experienced pros sharing their opinions.