Field Effect MDR Reviews

It's our cybersecurity solution for cloud, network, and endpoints. We do a weekly review of the endpoints, and because software is always changing and no software is secure, we are updating software all the time. We rely on them for our cybersecurity solution.

Covalence informs you of the threats and how to address them. They send emails and texts. They tell you what the level is. You can see the recommendations and ask for help. You can escalate. It's very helpful.

For a small business that doesn't have a full IT or cybersecurity department, their guys are there when you need them. If something comes up and gets identified by the system, you can reach out to a human if you need help doing the analysis. A couple of times, I ran software that did the analysis, and then I sent it back to them. They were able to review what the malware was and evaluate whether it was safe or not to proceed after it was clean.

For endpoint management, Covalence identifies operating systems that need updating to help us stay on top of everything. It's running in the background and does a packet-level analysis of everything that comes in. It also has an auto-response feature, so if something gets through and is clicked on, or somehow gets through the network, it gets isolated and quarantined, and we get notified. We've had one instance of that scenario where someone got an Excel spreadsheet that was malicious, and we were notified and it was quarantined. We worked with the forensic team at Covalence and ran a full review of that computer.

The packet-level analysis—knowing that everything that comes in is getting looked at—and the endpoint protection are the most valuable features. Whatever comes in, it can be as if your door is always open. If you're on the internet, things can creep in that you don't want. But Covalence is looking at everything that comes through.

And the auto-response is valuable, knowing that it's going to quarantine any malicious thing that happens to get through or when a user happens to click on something they shouldn't have clicked on. Email is the major vector of cyber attacks, and we do have training for that. But in the event that someone clicks on something they shouldn't, the system will isolate it and quarantine it. And their team does a post-event analysis.

They have experts available to do a forensic-level evaluation of what the issue is. Luckily, we haven't had any serious attacks. I don't know if that can be attributed 100 percent to Covalence, but we have peace of mind knowing it's there.

We use the tagging of alerts, recommendations, and observances, as well as the SEAS (suspicious email alert system). The tagging is a different way of categorizing threats. Endpoint management gives me the person that I need to deal with for a specific vulnerability. But the tagging identifies vulnerabilities at a vulnerability level. An example might be "out-of-date software soon," and then it would list out the 12 employees who are running that on their endpoints. If you approach it by endpoint, it's the opposite. It will say, "Here's the endpoint and all the vulnerabilities." The tagging helps me prioritize. Often, it's just an observance, such as someone using Tor browser for something. It comes in as text and email, and you can take care of it.

The area where they can make it better is by giving responses to the end-user. For example, when there is an alert to the administrator, I get it. I have to copy and paste everything to everyone, telling them, "Hey, your Zoom is out of date," or "Mac user, you have to update your iOS because there's a vulnerability." And then I have to follow up with them, and it's a real pain.

Also, with the email alert system, when people have suspicious emails they forward them. The analysis comes back, and I have access to it. But what I want is that if someone who is not the administrator sends in a suspicious email, they should get the email back with the response from Covalence. Now, it keeps that information in the administrator portal. But I want to get out of the way. If someone reports something, the answer should go back to that person, not to me. In some cases, it requires an admin to execute software updates, but I would like them to know exactly what they need to do to be up-to-date and have a vulnerability-free endpoint.

We have been using Field Effect Covalence for at least three years.

I don't think it's ever crashed. It's always running in the background. I get reports on how many scans and how many malicious things it has stopped. I have peace of mind knowing we have some protection running.

I would assume it's scalable, but it's not as if my company went from 40 to 5,000 employees. For us, the scalability is unknown.

The support is good because you never know when you're going to need help with something.

That time I mentioned, when someone in the warehouse got an email with a spreadsheet that came up as a high alert, we quarantined him, and then we did the analysis with their help. I called in and support said, "We're going to send you an executable to give us all the data from that computer so we can analyze it, see how they got in, and what toolkit they used for the Excel."

There was no repercussion, but it was great being able to call immediately and have a forensic-level guy on the line that could advise us.

And if I ever have questions, I can send an email, and they're really good about responding. That's when it's more of a casual question. But when something is pressing or urgent, that's when you call in.

They're good in both respects. They're very good. When I needed them, they were absolutely there.

Positive

We had something super-basic and rudimentary: a firewall and spam filter. That wasn't a model that was keeping up with cybersecurity threats. We went from having a super low-level, basic security setup to having an actual modern cybersecurity tool to help us identify and deal with threats.

Cybersecurity is a standard requirement now. It's not that you can just get away with a firewall and a spam filter. We knew a lot of companies that got hacked, and we wanted to be ahead of the curve. I brought it up and was doing some initial due diligence, and then our CFO said we needed a solution. I had told them before about Field Effect Covalence and that I reached out to all the majors, but the starting point for them was $24,000 a year.

The fact that Covalence is backed by experts who are constantly monitoring for attacks is very important to us. One of the reasons I selected Covalence was because their founder was a big name in cybersecurity. He was Canada's number-one cybersecurity guy, and he worked with a task force that was like the MI5-equivalent of cybersecurity back in the day. That was good to know.

Also, with this product, you have access to all of these features, whereas with other systems, it seemed like if something happened, you would have to pay a consultant some crazy rate per hour to sort out your situation. Whenever something happens or I have a question about one of the endpoints, they have people to help out.

I have an account manager, which is very helpful, and we do quarterly reviews. It's a complete solution for us as a small to midsized company. There were a lot of solutions out there for enterprises, because that's where the money is, but cyberattackers don't care if you are a small or midsized company. If they can get money out of you, they're going to hit you. They shoot things out, and wherever they land is is where they go. So this was the right solution for us, and we've been really happy with it so far.

The initial deployment of Covalence was super easy. I'm an IT generalist with a certain focus on integration, e-commerce, and SQL. The diagram instructed you  to plug the blue cable in next to the blue dot. It was super dumbed-down, which was perfect for me.

As for maintenance, there was one time when they updated the endpoint agent, but it was super easy because everything is monitored. I had to update all the endpoints, and it was pretty easy, but I didn't have to update the hardware.

I did it all by myself, without any help from anyone. It was really simple.

When we were searching, it was when cybersecurity was a huge topic and there was an unclear market. It wasn't like if I needed a CRM, Salesforce was absolutely the number one, or if I needed an e-commerce system, Shopify was absolutely the number one.

And most of what was out there was built for enterprises, and they would parse out the different components. You might get one component for one thing, another component for another thing, and a third component for another aspect of cybersecurity. Each one would be about $24,000 a year. That just wasn't affordable for a small to medium business at all.

I got in touch with Arctic Wolf, but they were for the big spender, at $24,000. A lot of other companies were in the same ballpark. It was a barrier to entry, and we couldn't just shop around and try this one this year and another one next year.

When it comes to managing Covalence, it's easy in the sense that all the information is there, but it's not automatic. You can't just plug it in and go to the golf course or take a nap. Someone has to review it and follow up, especially on the endpoints. It's like the weather: things change every day. New emails come in, and that's probably the biggest attack vector. There are always new threat actors. It's not difficult, but you need to monitor it and respond to whatever shows up on your dashboard. You need to keep all your systems up-to-date, patched, and secure. It helps.

For example, Zoom updates their software just about every week. Everyone knows, "Okay, we have to update soon," because Covalence runs a comparison of identified vulnerabilities, and they always show up.

Covalence doesn't cover physical assets, but it covers all the digital resources: networks, endpoints, and the cloud. It is installed and monitoring all the traffic on all of those systems. It is the product that does everything.

If you haven't heard of Field Effect, you should consider it. What sold me is that it is a complete solution that is priced competitively. And I'm not saying that I bought it on price alone, but it ticked all the boxes that I was looking for: endpoint, network, cloud, and it wasn't $24,000 a year. For a small company, that's a sizable amount. There just wasn't an SMB product that could compete with Covalence when I was looking. Maybe there is one out there now, but I have sat in on so many presentations and I didn't see any for small and medium-sized businesses like Covalence. Maybe now that the enterprise market is saturated, Arctic Wolf is coming out with a less feature-rich product priced for small-to-medium-sized businesses. But it's hard to compete with Covalence in that market based on its feature set and cost.

The big takeaway is that we haven't been paralyzed by a cyberattack. I know it's stopping things. I don't know if there was some threat actor who tried to attack us and then said to themselves, "Oh, man, these guys have Covalence." For me, it's a case of job security that we haven't been attacked. If anything happens, they're going to look at me as the VP of IT and say, "It's your fault." But we haven't been attacked, and we see all the vulnerabilities. It's all laid out. It's monitoring every endpoint and every packet. For me, that's peace of mind.

I'm a Field Effect reseller, and my clients use Covalence as an affordable fabric security solution. 

Covalence cuts down on the number of cybersecurity solutions you need because Field Effect is rigid. They're like, "It's all us or nothing." It's their Microsoft 365. They won't let you use your own EDR. It's all under one umbrella. They consolidate all the products into one service, which can be good and bad. It's good because you don't have to think about anything. It's bad because some larger organizations might want their own EDR products or endpoint security. Sometimes, it works; sometimes, it does not. 

Covalence's cloud protection element has been excellent. A lot of organizations are using 365. It's hard to find a secure solution for protecting accounts. We've gone down the path of trying to utilize other security solutions for that particular area. We've been disappointed and always come back to trying to implement Covalence when we can so we know people are safe.

The solution's expert monitoring is huge. Things happen when you sleep, so it's a big comfort knowing that people are watching who have the autonomy to act on things. It's a great augmentation to our own staff. Managing Covalence isn't that hard, but it notifies you of a lot of issues, and the vulnerability management aspect requires a lot of upkeep. It's challenging to keep everything 100 percent patched and stay on top of the vulnerabilities that they detect, but it's necessary. 

Some things are actions, some are recommendations, and some are observations. You are presented with these things, and you get some insight about the level of severity and whether or not it's something you need to jump on right away. It helps you prioritize the critical things by telling you an action that you must deal with immediately. 

Covalence should provide a live view of the endpoint because the endpoint view in the portal is 5 to 15 minutes behind the actual status of the endpoint and its vulnerabilities. When it doesn't update with the actual status, it makes managing those things harder because sometimes something gets updated, and one of those vulnerabilities has gone away, but that doesn't appear in the ARO. The ARO information becomes outdated. There should be more alignment between the actual view, the endpoint view, and the ARO list. It also lacks email security, so you have to implement other things. They cover a lot but not everything.

I have used Covalence for a little over two years now.

Performance and stability aren't issues. It doesn't really slow anything down. 

Covalence scales from small to large. That's not an issue.

I rate Field Effect's support nine out of 10. The response could be better. Their expertise is always excellent. When things come up, it's great to be able to plug into their team. They have a lot of expertise available to us that they share. We work together to get issues resolved, or they will mitigate the problems as soon as things are detected. They've never let us down. There were some bumps in the road in the beginning, but they seem to have passed. 

Positive

There weren't many options when we were looking to buy. I wasn't using anything equivalent in the past because it was just starting to get ramped up and things were starting to get back from the cybersecurity perspective. There were only large enterprise business solutions to choose from. There weren't options that fit into the SMB space. We were looking for something, came across Covalence, and gave it a try and it's worked out. 

Everything is hard when you first do it, but now deploying Covalence isn't a big deal. The deployment time depends on the size of the user base. There are just a couple of steps. The cloud part isn't difficult. Next, you deploy the endpoints. You may need to remove what's already there. It's all dictated by the number of users and systems. You must track down all those systems and ensure everybody gets that endpoint software. After deployment, it doesn't require a lot of maintenance. It's self-updating. 

The pricing isn't sized, so Field Effect doesn't make it easy for anything under 25 users. I'm not crazy about that.

I rate Field Effect Covalence nine out of 10. Many people out there try to do it themselves. They'll try to use a freeware or open-source solution to build their own thing. I see this in my industry a lot. People try to maximize profits by finding the most inexpensive solutions out there and combining them all under one solution. 

However, at the end of the day, your team has to monitor them 24/7. If you're not, what's the point? It doesn't work. Trying to talk somebody out of building a better mouse trap is always hard.

We leverage Field Effect Covalence for our customers' cybersecurity needs. We offer it as a value-added service to our clients, acting as a trusted reseller for Field Effect. For companies that have experienced security breaches or vulnerabilities, we prioritize recommending Field Effect Covalence's immediate deployment. Integrating Covalence enables swift remediation through its robust cybersecurity policies and tools. Moreover, we actively promote the adoption of Field Effect Covalence as a comprehensive security solution within our existing customer base, as we firmly believe in its efficacy.

We implement Field Effect Covalence to satisfy cybersecurity policies and remediate existing threats and incidences.

We've deployed Covalence in the cloud for some clients, but most have on-premise deployments due to our pre-existing on-premise equipment. While I anticipate a shift towards cloud adoption as clients transition to cloud services, our current focus remains on physical installations.

Covalence's backing by experts who constantly monitor for attacks and risks is a great advantage. I've had the pleasure of working with them for a long time, and their professionalism and expertise are truly commendable.

The tagging feature effectively prioritizes tickets by highlighting the most urgent issues. When someone receives a tagged alert, it automatically becomes a top priority. Observations, while important, are addressed later as resources permit.

Managing Covalence is easy and their support team is good if we run into a problem.

While Covalence doesn't proactively cover all our threat services, they've made significant strides over the years. Their continuous development efforts have expanded their capabilities beyond what we currently utilize. While we collaborate with their development team on specific needs, their overall coverage surpasses our current requirements.

Covalence saves us significant time by eliminating the need to manually search for vulnerabilities. Instead of hunting through side channels, we receive vulnerability reports directly, streamlining the process. Additionally, Covalence identifies outdated software, allowing us to automate updates previously handled manually. This automation, driven by Covalence's insights, saves us a considerable amount of back-end time by eliminating manual tasks.

We have implemented other cybersecurity solutions for our customers, including Darktrace, but have found them to be inadequate compared to Covalence, leading us to consolidate onto this superior platform.

Covalence has improved our client's security coverage. They love the solution.

Covalence keeps us informed about the most critical security threats and guides how to address them. We hold monthly meetings to discuss ongoing security concerns, and in case of urgent issues, we communicate directly with Covalence's team. Additionally, we maintain regular communication with their development, support, and admin teams.

Covalence delivers daily recommendations to help us reduce platform risk. These recommendations are crucial, as addressing them safeguards against potential threats. Therefore, they are of great importance to both us and our customers.

Covalence is an impressive product that has gained significant traction with customers. It provides valuable insights into our IT environment, enabling us to improve reselling, upgrades, and customer management. This is primarily due to the increased visibility it offers into our infrastructure, which was previously fragmented across multiple portals. Covalence consolidates this information into a single pane of glass, providing a centralized hub for accessing all relevant data. Furthermore, it integrates seamlessly with our ticketing system, event solutions, and various business processes.

Covalence's SEAS feature wasn't very user-friendly. I heard they're working on improvements to provide better user feedback, but I don't know if that's been implemented yet. Regardless, it's good to see they're addressing the issue.

I have been using Field Effect Covalence for almost five years.

We typically put our appliances in passive mode. And so they mirror traffic, but they do not interrupt traffic. I don't recall any customer having disruption because of the Covalence appliance.

Field Effect Covalence is easily scalable.

The technical support team is excellent. They are highly responsive and have a deep understanding of the product. It has been a pleasure working with them as one of the lead project managers.

Positive

We previously partnered with Darktrace, but our experience with Covalence was significantly more positive, leading us to switch.

The initial deployment is straightforward, and Field Effect has a supportive team to assist if needed. However, there are some preliminary steps we need to take in the portal, which typically takes about 30 minutes if we have all the necessary information. On-premises deployment time can vary depending on the specific circumstances, such as the number of locations, appliances, and internet links involved. Therefore, the deployment timeline ultimately depends on the company's infrastructure and configuration. The longest a deployment has taken us is a few days and the shortest was half an hour. One person from our team is required for the deployment. In some situations, there may be a person involved from the client's side because they have some information for us but most of the time we have all the information.

The licensing model itself is solid, but we're ironing out some inconsistencies in how customer profiles are configured. This is particularly relevant in a user-based model, where company headcount might be low while actual user counts are higher due to contractors or remote workers. It creates a gray area about which users get billed, but we're actively discussing solutions with Field Effect.

I would rate Field Effect Covalence an eight out of ten.

While Covalence rarely requires maintenance, we've encountered two instances requiring service in the past. In one case, an appliance overheated as a result of an external environmental factor and in the other, hardware failure necessitated a complete replacement. Fortunately, both replacements were handled promptly.

I suggest getting a demo. It is quite impressive. If anybody knows anything about cybersecurity, they'll see by the demo that Field Effect Covalence covers everything.

Before deploying Covalence, it's crucial to have thorough documentation to properly scope the project. The biggest pitfall is deploying Covalence into the wrong environment because of an inadequate understanding of the existing infrastructure. A thorough scoping meeting is essential to define what needs to be protected, and this often requires a detailed inventory of the current environment, which some organizations may lack.

We use Field Effect Covalence as our endpoint detection and response solution. We use the solution on our desktops to provide an additional layer of security.

We wanted to detect deviations from baseline behavior on our endpoints and provide an additional layer of security beyond our antivirus protection. We also wanted to enhance our security posture for Office 365 on-premises and in the cloud.

Covalence has different levels of behavior. At the lowest level, it alerts us to potential problems. At the next level, it makes recommendations and allows us to take immediate action. At the highest level, it takes automated actions and escalates issues to the Covalence team. We can reach out to the Covalence team for their input and experience on threats in our environment. It's like having an extension of our team that we can draw on for expertise.

Managing Covalence is extremely simple. We use the web portal to manage all aspects of the solution.

Covalence provides a single cybersecurity solution that proactively protects all our threat services as part of our layered security approach. Covalence provides a strong defense package which is part of that multilayered suite of protections.

Covalence saves our organization time by constantly monitoring for threats in the environment, deviations from baseline behaviors, and threats in the cloud against our Office 365 landscape. It generates action responses that are sent to the team. We no longer have to actively monitor for those threats. Covalence monitors them for us. We have replaced one full-time employee's time with Covalence.

Covalence not only identifies threats, but it offers remediation advice as well.

Focusing on the threats that are relevant to us and the threats that actually matter in our environment, allows us to target the resources that we have to address specific issues and threats.

Covalence in the context of the recommendations that it makes gives us additional information that we can use. They have made a positive impact on the security posture by allowing us to close additional gaps and strengthen our security posture.

The solution's advanced detection behaviors, automated notifications and responses, and automated remediation behaviors are valuable features.

The tagging of ARO closure has room for improvement. Covalence needs different categorizations for closing AROs.

I have been using Field Effect Covalence for nearly two years.

Field Effect Covalence is extremely stable.

Field Effect Covalence is scalable. We have had no issues scaling in our environment.

The technical support is excellent and extremely responsive.

Positive

The deployment was straightforward. Post evaluation, we rolled Covalence out on mass to all endpoints within our environment. One person was required for the deployment.

The implementation was completed in-house.

Covalence has provided a return on investment by actively intercepting two incidents that would have had a significant financial impact on our organization if allowed to play out.

Covalence is cost-effective.

We evaluated a range of different products and found that Covalence provided us with the best suite of tools, giving us the functionality and visibility we were looking for.

I would rate Field Effect Covalence nine out of ten.

Our environment is a Windows environment, and there are approximately 300 endpoints.

People should consider Field Effect Covalence, which is a robust, scalable, and dependable solution that is certainly worth reviewing. Talk to some users who are currently using Covalence to get their feedback.

Covalence is an enterprise-level solution that is both functionally rich and cost-effective.

While we focus on being a general managed service provider rather than a specialized security solutions provider, we take security seriously. Therefore, we leverage Field Effect Covalence to comprehensively manage and monitor our client sites from a security standpoint.

Our organization currently lacks dedicated expert resources to analyze the data from the equipment. While having the equipment and ingesting information is important, it's crucial to have qualified personnel properly review the data to avoid a high rate of false negatives. Without this, the output could be unreliable and generate excessive irrelevant tickets, creating a noisy and inefficient solution. This is where Covalence shines, as their team of experts constantly monitors the data and provides valuable insights, which is immensely beneficial.

Field Effect Covalence is one of the easiest security solutions to manage. It integrates seamlessly with our existing PSA, meaning it interacts directly with our ticketing system. This eliminates the need for duplicate data entry and simplifies the workflow. Covalence identifies the actual issues, suggests appropriate resolutions, and provides supporting documentation to explain why addressing the issue is important and relevant.

When information enters our ticketing system, we categorize it based on its urgency and the action required. If it demands immediate attention, it's labeled as an "action" with high severity. Medium-severity actions require review and potential resolution within the same day. Observations, on the other hand, signal potential issues that need monitoring and assessment to determine if intervention is necessary. Recommendations, like software patches, are suggested solutions for identified problems. However, these may not always be feasible due to non-compliant or legacy applications that lack updates. In such cases, a discussion with the client is crucial to determine the best course of action. Covalence tagging simplifies this process by clearly categorizing information into three types: Actions, Recommendations, and Observations. Each ARO is further classified by severity (high, medium, and low), making it clear what needs to be done upon entry into the ticketing system.

We've experienced two key benefits from implementing Field Effect Covalence. The first, from a business owner's perspective, is risk mitigation. As someone constantly focused on minimizing vulnerability, knowing Covalence regularly reviews client sites and generates actionable reports provides immense peace of mind. It highlights areas needing improvement—something our internal team might miss. Their deeper analysis ensures no security issues fall through the cracks, fulfilling our initial purpose for bringing them on board. Second, from a client perspective, Covalence's reporting tool allows us to present monthly reports demonstrating our compliance and commitment to their security. In cases where clients hesitate to address recurring findings, the reports document their reluctance, holding them accountable. Overall, Covalence simplifies risk mitigation for both ourselves and our clients. Their independent reports offer transparency, showcasing not just outstanding issues but also their resolution speed.

While we use Covalence for monitoring and recognizing the broadness of cybersecurity, believing a single tool can't cover everything, I think cybersecurity ultimately revolves around access and firewall management. However, various aspects arise, and for actual monitoring and oversight of client activity within their site, Covalence provides comprehensive coverage.

Covalence streamlines the work of security teams by significantly reducing the need for manual research. Each ticket generated by Covalence provides clear, step-by-step instructions for resolving any identified ARO. It pinpoints non-compliant devices or applications and highlights any outstanding requirements for resolving the issue. Additionally, Covalence provides supporting documentation to explain the rationale behind each recommendation, promoting well-informed decision-making. This comprehensive approach empowers even Level 1 and Level 2 technicians to effectively address AROs and achieve timely resolutions.

Field Effect's agent includes an EDR and DNS solution, eliminating the need for separate cybersecurity tools for those functionalities.

Regarding Covalence's recommendations, some mandate specific actions to avoid vulnerabilities. Others suggest further analysis, like the example of multiple end-user VPN products. Having numerous VPNs accessing corporate data on corporate devices poses a significant challenge. However, with adequate documentation, we can effectively present this issue to clients. Ultimately, focusing on a single approved VPN and eliminating others seems like the prudent course of action to enhance security. Another example of this focus-narrowing concept applies to web browsers. The more applications and browsers running on a client's system, the higher the risk of non-compliance and the need for updates. Minimizing unnecessary tools simplifies maintenance and enhances overall security. Covalence's recommendations, along with the supporting reports, provide valuable insights for clients to improve their security posture. Discussing these findings in detail offers guidance and empowers clients to make informed decisions regarding their security infrastructure.

Individually, each aspect of Field Effect Covalence might not hold much significance. However, when combined, they create a powerful and effective system. I appreciate the "set it and forget it" nature of Field Effect Covalence. The platform keeps a watchful eye on client security, and I have confidence that any potential issues will be identified and addressed. The system generates Action Recommendation and Observation reports, which provide detailed instructions for resolving any security concerns and ensuring client compliance. This makes it remarkably easy for network management companies like ours to seamlessly handle the security needs of our clients. 

I'd like improved visibility into the backend data where logs are stored, along with integrations with a wider range of products. Field Effect Covalence already integrates with Office 365 and AWS, and has recently added Fortinet and Duo. Expanding their integrations to cover even more products would be highly beneficial.

I have been using Field Effect Covalence for six years.

Field Effect Covalence is stable. We have not encountered any issues and we don't see what is happening in the backend.

Field Effect Covalence is highly scalable. While the core agent software remains constant, the infrastructure adapts to growing data volumes. When an organization surpasses the capacity of its current appliance, simply replacing it with a more powerful one seamlessly extends the platform's capabilities. Additionally, adding appliances to accommodate new branch offices or increased data intake is straightforward. In essence, scaling Covalence is often as simple as adding or upgrading hardware, making it a flexible and adaptable solution for businesses of all sizes.

As early adopters of Field Effect Covalence, we've received exceptional technical support from their team. Their responsiveness is impressive, regardless of the ticket complexity or time of day. Even nights and weekends haven't posed a challenge – they're always available to assist. 

Positive

Previously, we used a hosted SIEM solution. However, this required dedicated security expertise for management, and it generated a significant amount of irrelevant alerts. Outsourcing SIEM monitoring has proven to be far simpler and more effective. Aside from the convenience, it's also slightly cheaper than maintaining and supporting an in-house team. Additionally, offloading liability is a major advantage. Field Effect Covalence takes ownership of SIEM monitoring and assumes responsibility for security vigilance, which we always emphasize to our clients. That's why we made the switch.

Deployment is fairly straightforward, but it needs the right hands on the job. In other words, this isn't a task for a level-one technician. While level-one and level-two staff can be helpful with routine operations, the initial setup requires a bit more expertise — someone with networking knowledge and experience. It doesn't need to be the most senior person, but just not someone starting.

The deployment process takes just one day. It involves four hours of setting up the on-premises components, followed by agent deployment and gradual activation. From this perspective, the actual onboarding is distinct from the deployment itself. The deployment itself is relatively straightforward and completed within a day. Onboarding, however, takes a little longer. This is due to the initial "noise" of the system, where security catches previously undetected issues. This thoroughness is a positive, as it ensures nothing slips through the cracks. Therefore, onboarding requires time for things to settle down and establish a regular rhythm of handling typical support tickets.

One person can complete the full deployment.

In-house. 

We've lost clients due to their growth or acquisition. Some who experience significant expansion build their own full-time IT departments, while others join companies with existing IT infrastructure. Notably, regardless of the reason for departure, they've all chosen to retain Field Effect Covalence.

While Field Effect Covalence's pricing seems competitive for the market, the biggest hurdle lies in the lack of dedicated security budgets within many organizations. Convincing these companies to allocate further IT expenditure specifically for security can be tough. They often struggle to justify adding another line item when they're already paying for individual security tools. This fragmented approach can leave them without a comprehensive monitoring system, which ultimately is the most critical need. So, the primary challenge isn't the price point, but rather helping companies understand the value proposition of a holistic security solution and how it complements their existing infrastructure. Once that hurdle is cleared, the current pricing of Field Effect Covalence appears reasonable.

I would rate Field Effect Covalence a nine out of ten.

Our client base varies in size, with a range of 15 to 150 users per client. The average client has 25 users.

We have some minor housekeeping tasks related to endpoint agents that don't deploy correctly, but we don't have any ongoing maintenance responsibilities.

Field Effect Covalence is a fantastic Canadian company, a testament to Canadian innovation and success. The talented team behind it began their journey in government cybersecurity. Recognizing a crucial need in the small and medium-sized business space, they leveraged their expertise to create a solution that has truly taken off. For five years now, we've been using Covalence with every client, and not a single one has experienced a breach. This is remarkable, considering that 60 percent of SMBs face a breach at some point. It speaks volumes about the effectiveness of Covalence and the expertise of its founders.

Field Effect Covalence is a reliable solution for our security monitoring needs. We haven't found anything else that compares. I appreciate the program's simple interface and the company's efficient service delivery. What truly impresses me is their client interaction. They don't just provide alerts; they explain the cause and implications, identify security gaps, showcase Field Effect's prompt resolutions, and highlight the exceptional speed of their response. This transparency and responsiveness are truly outstanding.

We use Field Effect MDR to deliver managed IT services to our clients.  It can be deployed on-premises via a line network appliance. You can also use a virtual cloud appliance. It depends on the client's needs. They're flexible. 

We were using a highly regarded competing product, but the company decided to go directly to one of our largest clients, which is the kiss of death for a managed service provider. Once your partner decides to go directly to your client base, they have breached the partnership, so we decided to look for alternatives. After due diligence research, we found Field Effect MDR, which we weren't familiar with then. After going through the demos, we realized that this solution was broader in coverage than what we already had in place.

We saw the benefit within the first week because Field Effect identified a malware infection in our environment other solutions had missed. We were running blind in that area. When we deployed it, Field Effect found an actionable alert within the first couple of days that gave me a lot of peace of mind. I realized we had much broader visibility than I thought we had. The ability to catch that incident quickly, in real time and then block it in real time, helped me as a security officer rest easier at night knowing that we had this level of visibility and actionable response.

It's lowering our overall security risk levels and helping our clients level up their protections. It enables our clients to focus on business without worrying about the underlying cybersecurity posture. They can avoid a massive ransomware or a large-scale phishing event that costs them hundreds of thousands, if not millions, of dollars. 

Some companies provide all the tools that Field Effect has, but in different, point solutions. It's important that Field Effect is a consolidated solution enabling us to be as efficient as possible. Fragmenting the infrastructure too much creates administrative overhead because we need to be in three, four, or more portals and admin consoles. Consolidating our toolsets streamlines process while enabling us to leverage automation helping us scale as an organization. 

Field Effect's security analysts triage the incoming alerts as they come in and weed out false positives. That saves our engineers a lot of time because we're only getting the actionable information we need to act on, ensuring the client is protected most effectively. If we have a high-severity alert, we can knock it out. We know exactly what to do. Very low false positive rate.

In the previous solution, we had to devote more higher-level engineering resources to understand that system and support it properly. We faced a long-term scalability issue. By switching to Field Effect, we avoid spending extra time spinning wheels for something that doesn't matter. We're only spending effort on things that are identified and validated.

We replaced Cisco Umbrella and CrowdStrike with Field Effect. Those were the main ones, but we also replaced SentinelOne and Sophos. It broadened the coverage of the ecosystem. These previous solutions each covered little slices of the ecosystem, whereas Field Effect has a wider breadth. 

The most valuable aspect of Field MDR is the comprehensive visibility the solution offers. Most solutions cover the traditional threat landscape for endpoints, including computers, endpoints, servers, etc. However, there are also risk within the network environment, such as WiFi, mobile, the Internet of Things, smart TVs, video surveillance systems, etc., that have associated vulnerabilities. These devices may not be actively managed or protected in most environments. 

Field Effect MDR gives you visibility across the entire ecosystem. With this broad visibility, you can significantly lower your operational risk. Field Effect has a team of high-quality security analysts reviewing the initial triage to determine whether an alert is actionable. They clear out the false positives and feed our security operation center actionable alerts. It lets us save time because we're only dealing with real issues instead of weeding out the false positives and wasting time. 

Managing Field Effect is straightforward. We have a good internal process to manage this. It's mainly about having some automation in place to streamline things and having some processes for keeping my software and third-party patching up to date. A lot of security alerts fall in those areas. It helps us identify issues quickly and lower the overall risk for our client rate.

It groups alerts by risk levels. The nomenclature is straightforward and easy to understand. Our engineers and technicians are well-versed in the topic. 

Field Effect MDR could broaden the portfolio of supported cloud applications. They integrate about 15 to 20 out of the box, including Office 365, Azure, Salesforce and others. I'd love to see a consistent flow of new integrations, including line of business apps for critical industries and additional cloud applications that are commonly used. 

I have used Field Effect MDR for two years. 

I rate Field Effect support 10 out of 10. 

Positive

Field Effect MDR is a straightforward deployment. We can do it quickly with no issues on our end. Once you get an appliance, you can spin that up and plug it into the infrastructure. Once that appliance is in the environment, it's a question of deploying agents out to all the devices you need to manage. 

We need to leverage our deployment mechanism for that, and that process can be done quickly. At that point, it starts monitoring and you start finding security issues.

Field Effect is fairly priced from my perspective. You get a lot of bang for the buck with this and a level of visibility that provides you with greater peace of mind knowing that the system is carefully monitored. You also have automated responses for known malicious behavior at any time of the day. Someone could have their Office 365 mailbox compromised at 2 in the morning on a Saturday when most people are asleep or not paying attention, and the system can prevent an issue in an automated way. 

I rate Field Effect MDR 10 out of 10. 

We have integrated it with our Microsoft 365 deployment. We also use it on our endpoints, and we use it on our office network and email cloud solution.

Covalence saves me time because I don't have to threat-hunt. It does some of the threat-hunting for me. It finds the security issues we have, so we don't have to proactively investigate. Most of the investigation is done for us.

The fact that Covalence informs us of threats and how to address them really helps in large terms because we don't have security officers. It means that my operations team is actually able to deal with security issues. For an organization that doesn't invest a lot in IT, it's a worthwhile investment. I would recommend it.

For example, one type of recommendation is based on vulnerabilities, and the recommendation shows you what the vulnerability is and how to remediate it. That helps to reduce risk.

I like the proactive notifications and the security awareness that it gives. We mostly use it passively. I also like the Office 365 protection. There are user notifications about our cloud solutions and access, meaning authentication and possible breaches. Overall, the notifications and alerts are valuable.

There are also new features like the DNS protection, which is quite good.

In addition, the Covalence experts, who are constantly monitoring for attacks, are very important. During the day, their responses are very good. They are very useful.

Regarding managing the solution, it's very easy to use. We receive notifications via email, and one of my engineers uses the portal to look at the lot of them. They're very easy to understand and to take action on as well.

The tagging feature shows in the reports. The tags tell us some basic security action points. For example, they show us what we have faced during the week or the month, depending on the report, and how we can make our environment better. It is useful to us.

Our company has been using Field Effect Covalence for three years.

I've never seen any stability issues in the two years that I've been here.

Ever since I deployed the solution, I've never had to scale.

They could improve their support. My organization is in the Pacific time zone, and they operate on Eastern time. They provide support from 8 AM to 5 PM, and emergency support from 8 AM to 8 PM their time. Because this is a security solution, I would recommend that they extend their support hours and, for emergencies, even to 24/7 or 24/5.

Other than that, their support is quite thorough. They provide very excellent support. I had one negative incident, but that was a misunderstanding, so I don't see it negatively. I had a conversation with the head of support, and we managed to resolve that very easily. Generally, their support is very good.

Positive

We have appliances on-premises, we have its clients installed on our PCs, and we have connectors to our cloud, so we use it in a hybrid fashion.

The deployment of Covalence is quite easy. I was involved in deploying the appliances, and it was quite easy.

I have never seen it require any maintenance other than the replacement of the devices at end-of-life.

We were able to do it ourselves with help from their support team, but that help was minimal. They have very good support articles as well to provide that information.

Because I was remote at that time, I needed somebody to be onsite to connect the device physically, but if I had been onsite I would have done it all myself.

If a colleague were interested in a solution like this but said to me they had never heard of Field Effect, I would say that two years ago, no one had ever heard of ChatGPT. But when they gave it a try, it was amazing. I have already recommended Field Effect to one client and I would recommend it again.

My advice would be to look at your use cases and discuss them with Field Effect to see which solutions are best for you. I only use a small part of the solution, but they have penetration testing and are able to do other things that I may not use. Discuss your requirements with them, and work with them to build the best solution for you. That's the best approach.

I'm a customer of Covalence, but if I were running an MSP, this is one of the partners I'd pick.

We use Field Effect Covalence to safeguard our network and users across both our physical locations and cloud environments. Its integration seamlessly extends to all our tools, encompassing AWS, Azure, and Office 365. Additionally, we maintain physical appliances at our offices to further enhance security. Furthermore, Field Effect Covalence effectively tracks outstanding updates and security threats on our endpoint devices.

We sought to reduce our threat landscape, and Field Effect Covalence provided us with the visibility to do so. They provided valuable insights into the vulnerabilities we needed to address, enabling us to enhance our overall security posture.

It is extremely important that Covalence is backed by experts who are constantly monitoring for attacks and risks. This continuous monitoring is a cornerstone of our security posture. We highly value the thoroughness of their monitoring, which not only alerts us to errors for prompt action but also oversees the availability of the appliances at our installer locations. This vigilance ensures that even if a device goes offline in a remote area without readily available technical personnel, we are immediately notified and can address the issue promptly. Maintaining uninterrupted access to the platform is crucial for our operations.

Covalence is easy to manage. The online portal is intuitive and user-friendly, and their agents provide periodic check-ins to ensure we're always up-to-date on the latest features. Occasionally, we receive calls from company representatives who demonstrate new features and inquire about their potential impact on our operations. Overall, the platform is exceedingly user-friendly, and we've encountered no issues.

We utilize security threat tagging to prioritize action items for immediate attention. While we review recommendations to determine their implementation feasibility, we also identify higher-risk items that may not have immediate visibility. This tagging approach provides valuable insights, enabling us to address any overlooked issues.

Covalence is comprehensive. It's not the only tool that we use, but it is one of the most important, and it covers the majority of our use cases.

Covalence helps save us hours per month.

It has augmented what we would have had for cybersecurity previously.

Covalence's recommendations for remediating and responding to threats have positively impacted our security operations. For some time, this has enhanced our flexibility and provided us with greater insight into the situation. This flexibility has enabled us to take action on any outstanding items that may have previously lacked visibility in our insider intelligence.

Covalence's recommendations are crucial to our operations. We heavily rely on their guidance to improve our security posture and mitigate potential threats.

The ARO alerts are helpful to use almost daily to get a sense of what actions we need to take to expedite security measures. These alerts align with our security needs. When the updates are released, they show us whether our endpoints need to be patched, if there have been login attempts from suspicious locations, or if our systems are compromised. Since the alerts go directly to our inboxes, we can review them promptly and address any security concerns.

I would like Covalence to implement patch management as well.

It would be beneficial to add the ability to create groups for endpoint devices within the portal.

I have been using Field Effect Covalence for four years

I would rate the stability of Field Effect Covalence a ten out of ten.

Field Effect Covalence scales well.

Our customer support team is consistently prompt in responding to our inquiries via email or phone. We primarily communicate with them through email, and they are always quick to reply. Their expertise in addressing our concerns is consistent.

Positive

The deployment is straightforward.

The Covalence team helped us with the implementation.

Although Covalence is expensive, it provides good value for the price.

I would rate Field Effect Covalence ten out of ten.

Covalence only requires minimal patch updates with no other maintenance.

I highly recommend Field Effect Covalence. The amount of unseen threats is unbelievable and Field Effect Covalence brings them to light.