IT Central Station is now PeerSpot: Here's why

Deep Instinct OverviewUNIXBusinessApplication

Deep Instinct is #31 ranked solution in endpoint security software. PeerSpot users give Deep Instinct an average rating of 8 out of 10. Deep Instinct is most commonly compared to SentinelOne: Deep Instinct vs SentinelOne. Deep Instinct is popular among the large enterprise segment, accounting for 57% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 24% of all views.
Deep Instinct Buyer's Guide

Download the Deep Instinct Buyer's Guide including reviews and more. Updated: July 2022

What is Deep Instinct?

Deep Instinct is the first and only company applying end-to-end deep learning to cybersecurity. Deep learning is inspired by the brain’s ability to learn. Once a brain learns to identify an object, its identification becomes second nature. Similarly, as Deep Instinct’s artificial deep neural network brain learns to prevent any type of cyber threat, its prediction capabilities become instinctive. As a result, any kind of malware, known and new, first-seen malware, zero-days, ransomware and APT attacks from any kind are predicted and prevented in zero-time with unmatched accuracy and speed anywhere in the enterprise – Network, endpoint, Mobile – enabling multi-layered protection. To learn more, visit: https://www.deepinstinct.com.

Deep Instinct Video

Deep Instinct Pricing Advice

What users are saying about Deep Instinct pricing:
  • "Its pricing is too high, but that is not because of the product. It is expensive because of the cost of the console. You need a console to control the whole thing, but the console is expensive. You have to split this cost among all possible users. Normally, to be able to make it economically attractive, you need at least 1,000 agents, PCs, or users. If you have a customer with 300 to 500 agents, PCs, or users, it becomes too pricey."
  • "We are a nonprofit. The MSP had provides pretty decent nonprofit rates for us. This was one of the key factors that made us choose Deep Instinct over its competitors who were significantly more expensive."
  • Deep Instinct Reviews

    Filter by:
    Filter Reviews
    Industry
    Loading...
    Filter Unavailable
    Company Size
    Loading...
    Filter Unavailable
    Job Level
    Loading...
    Filter Unavailable
    Rating
    Loading...
    Filter Unavailable
    Considered
    Loading...
    Filter Unavailable
    Order by:
    Loading...
    • Date
    • Highest Rating
    • Lowest Rating
    • Review Length
    Search:
    Showingreviews based on the current filters. Reset all filters
    Principal Security Analyst at a government with 5,001-10,000 employees
    Real User
    Enables us to be a lot more proactive and saves us time on incident response
    Pros and Cons
    • "I really like the behavioral analysis feature, because it looks at all the different things, like arbitrary shellcode and reflective DLL. It looks at a lot of things that threat actors use as threat vectors to get into the environment."
    • "The interface on the endpoint could be a little more descriptive and more valuable. It doesn't always tell you the data you need to see. Improvement there would be very helpful."

    What is our primary use case?

    We have it on our endpoints, and the main purpose is to protect them from all the things that can happen: phishing emails, USBs installed, links downloaded, malicious third-party tools being downloaded through patches, etc.

    How has it helped my organization?

    Deep Instinct has helped us to be a lot more proactive on the security front, rather than reactive. We still have to address the threats that it finds, but because it's proactive it stops things before they occur. Instead of spending time trying to investigate what happened, we spend the time on the front-end determining if it's something we should allow or not. It has saved us a lot of time in incident response. It has also reduced our SOC’s endpoint protection management time and resulted in a significant reduction in false positives. And while we haven't seen a drastic reduction in operational disruption with Deep Instinct, because the solution we had before was working pretty well, I'm sure the fact that it has detected and prevented things has helped people work a whole lot more effectively. As far as we know it has helped prevent the newest threats and that is very important. There's always something new coming out and trying to stay ahead of that is always a challenge. Compared to the solution we had previously, Deep Instinct is way more thorough in its analysis of the files and memory.

    What is most valuable?

    I really like the behavioral analysis feature, because it looks at all the different things, like arbitrary shellcode and reflective DLL. It looks at a lot of things that threat actors use as threat vectors to get into the environment. It's also very easy to use and very intuitive. That was one of the reasons we picked it. The console is really simple and easy to figure out, as is creating policies. Every policy just needs a group and you can break out the policies per group. That means when you need to make changes, you can do it pretty easily. I can change a group's settings by just opening up a window and selecting dropdown options.  You can also select what you want things applied to. You can be very granular with your application of it. I've also been very impressed with Deep Instinct's prevention-first approach to stopping unknown ransom and malware. We had another solution that took a very similar approach—prevention first rather than reactive. This was another one of the reasons we picked Deep Instinct. So far it has been very good at catching things before they execute, which is what we wanted it to do. It's very quick. As soon as it sees something, it quarantines it. And the predictive and prevention capabilities for shellcode and fileless-based attacks are very important. Yet another reason we picked it was because of how thoroughly it looks through files. It's also very helpful that the predictive and prevention capabilities are built into the 3.0 release and don't require special rules or configuration. When an update comes out, it doesn't require us to reconfigure the device or the policies. It just follows along with what happened before. And if something is a brand-new feature, it comes out in "detect only," and that gives us an opportunity to test it before actually doing any prevention.

    What needs improvement?

    The interface on the endpoint could be a little more descriptive and more valuable. It doesn't always tell you the data you need to see. Improvement there would be very helpful.
    Buyer's Guide
    Deep Instinct
    July 2022
    Learn what your peers think about Deep Instinct. Get advice and tips from experienced pros sharing their opinions. Updated: July 2022.
    610,229 professionals have used our research since 2012.

    For how long have I used the solution?

    I've been using Deep Instinct for about two years.

    What do I think about the stability of the solution?

    It's very stable. We've had no issues with that.

    What do I think about the scalability of the solution?

    It works well as long as you have an automatic way to deploy it, like SCCM or GPO, which they have provisions for. We use it throughout the environment as our endpoint solution. It is our only endpoint solution. We have it rolled out as far as we're going to at this point.

    How are customer service and support?

    Tech support helped me with a very complex problem that took a lot of digging and research, beyond the norm. They helped figure it out. Whenever I open a ticket, they respond within a couple of hours.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    We were using another artificial intelligence solution, Cylance, that actually worked really well, but it lacked some of the features that we were looking for, including granularity and configuration options. Both Deep Instinct and Cylance are pre-execution and both work well. One of the differentiators between the two at the time was that Deep Instinct had so much configurability compared to Cylance. We could be very specific with how we set up our exclusions and allowances. I think Cylance has caught up, but at the time there was a difference.

    How was the initial setup?

    The initial setup was pretty straightforward. We just had to configure the console, and the professional services were a big part of getting that set up. Once you get the console configured, you deploy the agents. Once we got the automated deployment down, it was really easy. We deploy it through SCCM. Our deployment took about four months. We have a little over 5,000 users. For deployment we have two desktop staff, which is a redundancy as one person can actually do it. And there are two of us who watch the console every day.

    What about the implementation team?

    We used Deep Instinct professional services to help us. We did it ourselves, but they were there to help us when we needed assistance.

    What was our ROI?

    The return on investment is in the time saved and being able to be more proactive. It's given us a lot more insight into the environment, which we didn't have before. It has definitely been a big help.

    Which other solutions did I evaluate?

    We evaluated four others solutions. A lot of them were new and maturing as they went, but the big difference between Deep Instinct and everyone else was the pre-execution portion. Almost everything else we looked at was all post-execution or machine learning or artificial intelligence. Deep Instinct was the only one that uses deep learning and the only one that was consistently working on pre-execution. And with the other solutions that were pre-execution, sometimes something would get through and run. They would say, "Yeah, sometimes you want to watch it first," but Deep Instinct doesn't do that. Deep Instinct just blocks it first. During testing and evaluation, Deep Instinct performed very well. And their professional service engineer was very helpful in answering our questions and explaining how things work when we asked why things worked a certain way. And the performance has been better in our deployment than it was in the PoC, which is unusual.

    What other advice do I have?

    Test it thoroughly with all your use cases, and even on use cases you don't usually think about. Do your own testing. Don't rely on the vendor testing at all. The vendor testing was good and they did a demo, but definitely do your own testing. With every product we test, not just Deep Instinct, we do our own testing and that raises a whole lot of questions that normally might not be raised. Do your homework on the solution and how it works. Understand it. Go through the training materials they have. They suggested doing that initially but I did that toward the end, after deployment. I should have done it earlier. The lesson learned would be to become as familiar with the tool as possible. That sounds obvious, but sometimes in IT we just like to run with something and go. There's been a little bit of impact initially, here and there, on our endpoints, as far as performance goes, but once it gets tuned in, that seems to settle down. Overall, it's doing a really good job of reducing our organization's overall risk. What it picks up and blocks on a regular basis seems to be very effective.
    Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
    Flag as inappropriate
    Paul Durand - PeerSpot reviewer
    Director at Ancona
    Reseller
    Top 20
    A great threat-prevention solution that is light, simple to use, and easy to deploy and administer
    Pros and Cons
    • "The most important thing is that it is for prevention. It prevents attacks of any type of malware. Normally, what we've seen in other products is that they are not for prevention. They isolate a possible threat that they don't understand or know about, and then they check it with our database to see if it needs any correction or elimination. This means that the threat is already inside a customer's base, whereas Deep Instinct prevents a threat from getting in. Prevention is basically done by an agent in each installation, PCU, or product. An agent has its own intelligence to be able to detect if it should stop a threat or not. It has been taught. It is like a brain that has been taught to react according to any possible threat. Deep Instinct is very light. It doesn't take too much CPU attention or memory. It doesn't slow down the performance. You don't really realize any change in the performance, which makes it very different from other solutions. They are usually heavy for the users."
    • "Its support for Linux and Unix operating systems can be improved. Currently, they cover macOS and Windows, but they don't cover Linux and some of the Unix products. Pricing is also an issue. Its pricing is not as aggressive as it could be, and its price makes it difficult to sell. Customers feel that they can get an antivirus for a lower price, even though it is not a similar product. It is technically different. Their SLAs can be better. They have to give you 24/7 support, but their SLAs are not very good. They should be better documented, and the offerings should also be a little bit better. What happens is that the SLAs end up in the hands of the intermediary, seller, or the local partner of Deep Instinct in a country. The customers want very fast SLAs in a very short time, but Deep Instinct doesn't give them at the same speed. Having said that, SLAs are important when you have a lot of issues, but this product doesn't have too many issues, so it is not a big concern. However, for a customer who doesn't know the product, it could be a concern."

    What is our primary use case?

    We used it basically with the idea of replacing antiviruses. We've done a proof of concept with a few customers. The experience has been at some customers of ours, but there hasn't been a final sale. We used the latest version of this solution.

    What is most valuable?

    The most important thing is that it is for prevention. It prevents attacks of any type of malware. Normally, what we've seen in other products is that they are not for prevention. They isolate a possible threat that they don't understand or know about, and then they check it with our database to see if it needs any correction or elimination. This means that the threat is already inside a customer's base, whereas Deep Instinct prevents a threat from getting in. Prevention is basically done by an agent in each installation, PCU, or product. An agent has its own intelligence to be able to detect if it should stop a threat or not. It has been taught. It is like a brain that has been taught to react according to any possible threat.

    Deep Instinct is very light. It doesn't take too much CPU attention or memory. It doesn't slow down the performance. You don't really realize any change in the performance, which makes it very different from other solutions. They are usually heavy for the users.

    What needs improvement?

    Its support for Linux and Unix operating systems can be improved. Currently, they cover macOS and Windows, but they don't cover Linux and some of the Unix products.

    Pricing is also an issue. Its pricing is not as aggressive as it could be, and its price makes it difficult to sell. Customers feel that they can get an antivirus for a lower price, even though it is not a similar product. It is technically different. 

    Their SLAs can be better. They have to give you 24/7 support, but their SLAs are not very good. They should be better documented, and the offerings should also be a little bit better. What happens is that the SLAs end up in the hands of the intermediary, seller, or the local partner of Deep Instinct in a country. The customers want very fast SLAs in a very short time, but Deep Instinct doesn't give them at the same speed. Having said that, SLAs are important when you have a lot of issues, but this product doesn't have too many issues, so it is not a big concern. However, for a customer who doesn't know the product, it could be a concern.

    For how long have I used the solution?

    I have been using this solution for a year or so.

    What do I think about the stability of the solution?

    It is totally stable. There is no problem with its stability.

    What do I think about the scalability of the solution?

    It is scalable. Our clients are medium to large organizations. 

    How are customer service and technical support?

    Their support is pretty good. Their documentation is also all in order.

    How was the initial setup?

    It is pretty straightforward to have it working. Its deployment is very fast. You put the agent into a computer or mobile phone, and it is very light. Everything is connected and registered in the console, and the console will do an audit and follow up with every unit in the network. You can get those statistics and information out of the console.

    What about the implementation team?

    It is pretty simple to deploy and maintain. It doesn't really need maintenance. Many other competitor products have very frequent revisions or upgrades of the product, sometimes even in the same month or week, whereas with this product, there are at the most two revisions or upgrades in a year. It is very simple to administer it.

    What's my experience with pricing, setup cost, and licensing?

    Its pricing is too high, but that is not because of the product. It is expensive because of the cost of the console. You need a console to control the whole thing, but the console is expensive. You have to split this cost among all possible users. Normally, to be able to make it economically attractive, you need at least 1,000 agents, PCs, or users. If you have a customer with 300 to 500 agents, PCs, or users, it becomes too pricey.

    What other advice do I have?

    It is very simple to get it working and keep it working.

    I would rate Deep Instinct a nine out of ten. It is a great product.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
    Buyer's Guide
    Deep Instinct
    July 2022
    Learn what your peers think about Deep Instinct. Get advice and tips from experienced pros sharing their opinions. Updated: July 2022.
    610,229 professionals have used our research since 2012.
    Administrator at BAPS Swaminarayan Sanstha
    Real User
    Top 20
    Provides a structured approach for detecting and preventing threats, but doesn't work in clustered mode and needs an option to segregate clients into different logical entities
    Pros and Cons
    • "It has given us a more structured approach for detecting and preventing threats. It has machine learning-based detection and prevention. Their engines, in even older versions, are able to pick these viruses and malware. They have posted a lot of use cases online for detecting different viruses and malware that have been out for many years."
    • "The Deep Instinct client stops working when you have two servers and you add high availability or Windows Failover Cluster mode. It doesn't work in a clustered mode. I haven't yet had time to go back and talk with their support and get it fixed. It would be good if they can make the installation independent of an actual user. Currently, its installation is dependent on the actual user being logged in. For example, a computer has to be logged in for the installation to happen. If it is not logged in, then on the cloud platform, it is going to show that the client is offline. On the management side of the cloud platform, we would like to have the administrators segregated by logical entities. We have told them that on their cloud management platform, we would like to be able to segregate clients into different logical entities or organizations so that the administrators are able to manage only those entities that are within their designated organization."

    What is our primary use case?

    We are using Deep Instinct for malware protection on servers and workstations. We are using its latest version.

    What is most valuable?

    It has given us a more structured approach for detecting and preventing threats. It has machine learning-based detection and prevention. Their engines, in even older versions, are able to pick these viruses and malware. They have posted a lot of use cases online for detecting different viruses and malware that have been out for many years. 

    What needs improvement?

    The Deep Instinct client stops working when you have two servers and you add high availability or Windows Failover Cluster mode. It doesn't work in a clustered mode. I haven't yet had time to go back and talk with their support and get it fixed.

    It would be good if they can make the installation independent of an actual user. Currently, its installation is dependent on the actual user being logged in. For example, a computer has to be logged in for the installation to happen. If it is not logged in, then on the cloud platform, it is going to show that the client is offline. 

    On the management side of the cloud platform, we would like to have the administrators segregated by logical entities. We have told them that on their cloud management platform, we would like to be able to segregate clients into different logical entities or organizations so that the administrators are able to manage only those entities that are within their designated organization.

    For how long have I used the solution?

    I have been using this solution for four months.

    What do I think about the stability of the solution?

    It is stable. There are no issues related to its stability. 

    What do I think about the scalability of the solution?

    We haven't scaled it yet. We have 250 or so endpoints, which include workstations, servers, etc.

    How are customer service and technical support?

    Tech support is provided by our MSP, Cyberforce. They are based out of Austin. They are also providing the solution. They respond very quickly, and they are good. I would rate them a nine out of ten.

    Which solution did I use previously and why did I switch?

    We didn't use any other solution.

    How was the initial setup?

    It was very straightforward and simple. You can obviously do the installation through the command line. It is not a typical EXE file that you just double click and install. 

    We have NinjaRMM as our remote management tool for all endpoints. We were able to create a script on NinjaRMM and just do an automated install to Ninja. In a matter of 15 minutes, we had installed it over 200 servers or workstations.

    What's my experience with pricing, setup cost, and licensing?

    We are a nonprofit. The MSP had provides pretty decent nonprofit rates for us. This was one of the key factors that made us choose Deep Instinct over its competitors who were significantly more expensive.

    Which other solutions did I evaluate?

    We compared Deep Instinct with Cylance and CrowdStrike, and we ended up going with Deep Instinct. We felt it was going to give us better coverage, and the cloud management platform was also much easier to use.

    What other advice do I have?

    It is definitely worth looking at before you make a decision. 

    I would rate Deep Instinct a seven out of ten. There are a few kinks, but it is a new company, so we can't expect everything from day one. With that understanding, we accepted some of the shortfalls.

    Which deployment model are you using for this solution?

    Public Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Other
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Owner at a computer software company with 1-10 employees
    Reseller
    Top 20
    Eradicates ransomware using non-signature-based detection, but the reporting could be enhanced
    Pros and Cons
    • "The most valuable feature is its ability to detect and eradicate ransomware using non-signature-based methods."
    • "If the client is working remotely and doesn't have a VPN then the deployment is difficult to do."

    What is our primary use case?

    We are a software reseller and managed service company, and Deep Instinct is one of the EDR solutions that we implement for our customers. It is one of two EDR solutions that we offer to our client base as a managed service and a 24/7 basis.

    The primary use case is ransomware control.

    How has it helped my organization?

    We think of this product as a fishing net that fits into the computer and has all of the capabilities and understanding of what ransomware and malware look like. It reacts to the look of ransomware, as opposed to trying to detect it by using a signature.

    In our experience, it is a whole different concept that is extremely effective.

    What is most valuable?

    The most valuable feature is its ability to detect and eradicate ransomware using non-signature-based methods. It is not a traditional EDR.

    What needs improvement?

    My primary concern is that there are elements of the MSSP model that need updating. Specifically, there are some technical controls that need to be updated and it means that rolling it out is a little bit more complicated than it has to be. If the client is working remotely and doesn't have a VPN then the deployment is difficult to do.

    In the future, I would like to see additional reporting made available.

    Adding a firewall would negate the need for some products by other vendors. More generally, adding traditional endpoint security features over time would mean that we would not have to support multiple platforms.

    For how long have I used the solution?

    We have been using Deep Instinct for eight months.

    What do I think about the stability of the solution?

    The stability seems to be fine. Occasionally, we have to consider the brain of the solution, which is the component agent that goes to the endpoint. It remains stable because you're only pushing it out three or four times a year. Because it is not signature or EDR-based, you don't have updates.

    What do I think about the scalability of the solution?

    Scalability with this product is superb. We currently have about 2,000 clients who are using Deep Instinct.

    Which solution did I use previously and why did I switch?

    We also work with FortiEDR.

    How was the initial setup?

    The initial setup is very straightforward.

    The length of time required for deployment depends on the number of users that the client has. We have some clients with 500 to 1,000 users, whereas one of our clients only has eight. I would say that you can finish deploying this product in less than half a day, regardless of size.

    What's my experience with pricing, setup cost, and licensing?

    We are satisfied with the pricing. 

    What other advice do I have?

    The most complicated part about endpoint security these days has to do with COVID because you have so many people who are working remotely, and they made the transition without a lot of forethought. The cloud-based deployment helps because if you are in an on-premises environment, it's extremely complicated unless they have VPNs.

    Overall, this is a good product and it is extremely effective. That said, changes to the deployment process and making the reports a little prettier would be a good way to improve it. Functionally, it meets our requirements, but it doesn't have all of the bells and whistles that other products have.

    I would rate this solution a seven out of ten.

    Which deployment model are you using for this solution?

    Public Cloud
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Threat Intelligence and Forensics Investigation Specialist at True Digital Group
    Real User
    Top 5
    Provides very good detections for PowerShell and active scripts; has a user friendly UI
    Pros and Cons
    • "Good detections for PowerShell. and good user interface."
    • "Some features are too resource intensive."

    What is our primary use case?

    I'm a security consultant and we are customers of Deep Instinct. 

    What is most valuable?

    The user interface is a good feature. It shows which process has been accessed and the flow. The detections for PowerShell are also pretty good as is the active scripts detection feature. 

    What needs improvement?

    Some of the features are very resource intensive, such as the ransomware detection. It consumed so much of the resource on the endpoints that we have disabled those functions. If they could improve the detection logic so that those elements would consume less resource, that'd be effective. They could also improve the reporting feature so it coul be more like you find in Maltego or IBM's i2. They could introduce a graph feature to coordinate between search and those things, perhaps a dashboard of some kind.

    For how long have I used the solution?

    I've been using this solution for almost a year and a half. 

    What do I think about the stability of the solution?

    This is a stable solution. 

    What do I think about the scalability of the solution?

    This is a scalable solution. We have around 3,000 endpoints and one person in our company who deals with maintenance. 

    How are customer service and technical support?

    We had difficulty connecting with them and initially we were not sure who to contact. It took around eight to 10 hours to get hold of that person so support could be improved. 

    What other advice do I have?

    I would not recommend this solution for small companies but for companies that deal with sensitive data, I would recommend it as an additional layer of security. It cannot be used as a stand alone product from my perspective, but it can be used with a defense-in-depth approach.

    I would rate this solution an eight out of 10. 

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Gian Michele Roletto - PeerSpot reviewer
    SOC Manager at Nais Srl
    Real User
    Top 5Leaderboard
    Good threat identification, but the documentation could be improved
    Pros and Cons
    • "The support is very good. They reply and respond very quickly."
    • "They have a manual, but it is not excessive."

    What is our primary use case?

    It is currently in the testing phase for two of my customers, one with a large enterprise and another medium-sized company. We have tested both to understand which company is best suited for this solution.

    What is most valuable?

    It's a new solution that is beneficial for the endpoint because they have a new perspective on cyber security. 

    The agent and this platform do not require the endpoint to be connected to the network because the agent is designed to understand the threat, and tags it. 

    When the platform is connected to the network, he receives new mathematics as well as other tools to check the threat.

    What needs improvement?

    The documentation could be improved. They have a manual, but it is not excessive.

    For how long have I used the solution?

    I have been working with Deep Instinct for approximately one year. It's a new solution in Italy that has been released for one year.

    What do I think about the stability of the solution?

    For the moment, stability is not a question, for the amount that it is being used. We hope that it continues to be stable.

    How are customer service and support?

    The support is very good. They reply and respond very quickly.

    What other advice do I have?

    I would rate Deep Instinct a seven out of ten. It is a good solution and a good idea, but it is a very, new platform, and we must determine whether or not it is a truly effective security platform. We need more time to understand it.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
    Flag as inappropriate
    Buyer's Guide
    Download our free Deep Instinct Report and get advice and tips from experienced pros sharing their opinions.
    Updated: July 2022
    Buyer's Guide
    Download our free Deep Instinct Report and get advice and tips from experienced pros sharing their opinions.