What is our primary use case?
It's our cybersecurity solution for cloud, network, and endpoints. We do a weekly review of the endpoints, and because software is always changing and no software is secure, we are updating software all the time. We rely on them for our cybersecurity solution.
How has it helped my organization?
Covalence informs you of the threats and how to address them. They send emails and texts. They tell you what the level is. You can see the recommendations and ask for help. You can escalate. It's very helpful.
For a small business that doesn't have a full IT or cybersecurity department, their guys are there when you need them. If something comes up and gets identified by the system, you can reach out to a human if you need help doing the analysis. A couple of times, I ran software that did the analysis, and then I sent it back to them. They were able to review what the malware was and evaluate whether it was safe or not to proceed after it was clean.
What is most valuable?
For endpoint management, Covalence identifies operating systems that need updating to help us stay on top of everything. It's running in the background and does a packet-level analysis of everything that comes in. It also has an auto-response feature, so if something gets through and is clicked on, or somehow gets through the network, it gets isolated and quarantined, and we get notified. We've had one instance of that scenario where someone got an Excel spreadsheet that was malicious, and we were notified and it was quarantined. We worked with the forensic team at Covalence and ran a full review of that computer.
The packet-level analysis—knowing that everything that comes in is getting looked at—and the endpoint protection are the most valuable features. Whatever comes in, it can be as if your door is always open. If you're on the internet, things can creep in that you don't want. But Covalence is looking at everything that comes through.
And the auto-response is valuable, knowing that it's going to quarantine any malicious thing that happens to get through or when a user happens to click on something they shouldn't have clicked on. Email is the major vector of cyber attacks, and we do have training for that. But in the event that someone clicks on something they shouldn't, the system will isolate it and quarantine it. And their team does a post-event analysis.
They have experts available to do a forensic-level evaluation of what the issue is. Luckily, we haven't had any serious attacks. I don't know if that can be attributed 100 percent to Covalence, but we have peace of mind knowing it's there.
We use the tagging of alerts, recommendations, and observances, as well as the SEAS (suspicious email alert system). The tagging is a different way of categorizing threats. Endpoint management gives me the person that I need to deal with for a specific vulnerability. But the tagging identifies vulnerabilities at a vulnerability level. An example might be "out-of-date software soon," and then it would list out the 12 employees who are running that on their endpoints. If you approach it by endpoint, it's the opposite. It will say, "Here's the endpoint and all the vulnerabilities." The tagging helps me prioritize. Often, it's just an observance, such as someone using Tor browser for something. It comes in as text and email, and you can take care of it.
What needs improvement?
The area where they can make it better is by giving responses to the end-user. For example, when there is an alert to the administrator, I get it. I have to copy and paste everything to everyone, telling them, "Hey, your Zoom is out of date," or "Mac user, you have to update your iOS because there's a vulnerability." And then I have to follow up with them, and it's a real pain.
Also, with the email alert system, when people have suspicious emails they forward them. The analysis comes back, and I have access to it. But what I want is that if someone who is not the administrator sends in a suspicious email, they should get the email back with the response from Covalence. Now, it keeps that information in the administrator portal. But I want to get out of the way. If someone reports something, the answer should go back to that person, not to me. In some cases, it requires an admin to execute software updates, but I would like them to know exactly what they need to do to be up-to-date and have a vulnerability-free endpoint.
For how long have I used the solution?
We have been using Field Effect Covalence for at least three years.
What do I think about the stability of the solution?
I don't think it's ever crashed. It's always running in the background. I get reports on how many scans and how many malicious things it has stopped. I have peace of mind knowing we have some protection running.
What do I think about the scalability of the solution?
I would assume it's scalable, but it's not as if my company went from 40 to 5,000 employees. For us, the scalability is unknown.
How are customer service and support?
The support is good because you never know when you're going to need help with something.
That time I mentioned, when someone in the warehouse got an email with a spreadsheet that came up as a high alert, we quarantined him, and then we did the analysis with their help. I called in and support said, "We're going to send you an executable to give us all the data from that computer so we can analyze it, see how they got in, and what toolkit they used for the Excel."
There was no repercussion, but it was great being able to call immediately and have a forensic-level guy on the line that could advise us.
And if I ever have questions, I can send an email, and they're really good about responding. That's when it's more of a casual question. But when something is pressing or urgent, that's when you call in.
They're good in both respects. They're very good. When I needed them, they were absolutely there.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
We had something super-basic and rudimentary: a firewall and spam filter. That wasn't a model that was keeping up with cybersecurity threats. We went from having a super low-level, basic security setup to having an actual modern cybersecurity tool to help us identify and deal with threats.
Cybersecurity is a standard requirement now. It's not that you can just get away with a firewall and a spam filter. We knew a lot of companies that got hacked, and we wanted to be ahead of the curve. I brought it up and was doing some initial due diligence, and then our CFO said we needed a solution. I had told them before about Field Effect Covalence and that I reached out to all the majors, but the starting point for them was $24,000 a year.
The fact that Covalence is backed by experts who are constantly monitoring for attacks is very important to us. One of the reasons I selected Covalence was because their founder was a big name in cybersecurity. He was Canada's number-one cybersecurity guy, and he worked with a task force that was like the MI5-equivalent of cybersecurity back in the day. That was good to know.
Also, with this product, you have access to all of these features, whereas with other systems, it seemed like if something happened, you would have to pay a consultant some crazy rate per hour to sort out your situation. Whenever something happens or I have a question about one of the endpoints, they have people to help out.
I have an account manager, which is very helpful, and we do quarterly reviews. It's a complete solution for us as a small to midsized company. There were a lot of solutions out there for enterprises, because that's where the money is, but cyberattackers don't care if you are a small or midsized company. If they can get money out of you, they're going to hit you. They shoot things out, and wherever they land is is where they go. So this was the right solution for us, and we've been really happy with it so far.
How was the initial setup?
The initial deployment of Covalence was super easy. I'm an IT generalist with a certain focus on integration, e-commerce, and SQL. The diagram instructed you to plug the blue cable in next to the blue dot. It was super dumbed-down, which was perfect for me.
As for maintenance, there was one time when they updated the endpoint agent, but it was super easy because everything is monitored. I had to update all the endpoints, and it was pretty easy, but I didn't have to update the hardware.
What about the implementation team?
I did it all by myself, without any help from anyone. It was really simple.
Which other solutions did I evaluate?
When we were searching, it was when cybersecurity was a huge topic and there was an unclear market. It wasn't like if I needed a CRM, Salesforce was absolutely the number one, or if I needed an e-commerce system, Shopify was absolutely the number one.
And most of what was out there was built for enterprises, and they would parse out the different components. You might get one component for one thing, another component for another thing, and a third component for another aspect of cybersecurity. Each one would be about $24,000 a year. That just wasn't affordable for a small to medium business at all.
I got in touch with Arctic Wolf, but they were for the big spender, at $24,000. A lot of other companies were in the same ballpark. It was a barrier to entry, and we couldn't just shop around and try this one this year and another one next year.
What other advice do I have?
When it comes to managing Covalence, it's easy in the sense that all the information is there, but it's not automatic. You can't just plug it in and go to the golf course or take a nap. Someone has to review it and follow up, especially on the endpoints. It's like the weather: things change every day. New emails come in, and that's probably the biggest attack vector. There are always new threat actors. It's not difficult, but you need to monitor it and respond to whatever shows up on your dashboard. You need to keep all your systems up-to-date, patched, and secure. It helps.
For example, Zoom updates their software just about every week. Everyone knows, "Okay, we have to update soon," because Covalence runs a comparison of identified vulnerabilities, and they always show up.
Covalence doesn't cover physical assets, but it covers all the digital resources: networks, endpoints, and the cloud. It is installed and monitoring all the traffic on all of those systems. It is the product that does everything.
If you haven't heard of Field Effect, you should consider it. What sold me is that it is a complete solution that is priced competitively. And I'm not saying that I bought it on price alone, but it ticked all the boxes that I was looking for: endpoint, network, cloud, and it wasn't $24,000 a year. For a small company, that's a sizable amount. There just wasn't an SMB product that could compete with Covalence when I was looking. Maybe there is one out there now, but I have sat in on so many presentations and I didn't see any for small and medium-sized businesses like Covalence. Maybe now that the enterprise market is saturated, Arctic Wolf is coming out with a less feature-rich product priced for small-to-medium-sized businesses. But it's hard to compete with Covalence in that market based on its feature set and cost.
The big takeaway is that we haven't been paralyzed by a cyberattack. I know it's stopping things. I don't know if there was some threat actor who tried to attack us and then said to themselves, "Oh, man, these guys have Covalence." For me, it's a case of job security that we haven't been attacked. If anything happens, they're going to look at me as the VP of IT and say, "It's your fault." But we haven't been attacked, and we see all the vulnerabilities. It's all laid out. It's monitoring every endpoint and every packet. For me, that's peace of mind.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.