Field Effect MDR Reviews

We use Field Effect Covalence for multiple cases including, our internal protection, standard client protection, and for incident response for all of our customers.

Along with the cloud product APIs & Endpoint Agents, the network Appliance can be deployed on-premises, in the cloud, and on hybrid platforms. On-premises solves for data sovereignty requirements. We have clients that use all three configurations.

The expert-backed monitoring of Field Effect Covalence is a crucial advantage. While many security products offer monitoring, it's the quality that sets Field Effect apart. Their data centers in Australia, the UK, Canada, and the US ensure real-time human oversight of traffic, eliminating the noise and false positives that plague other solutions. Having sold dozens of similar products, I can confidently say that Field Effect is the most effective and efficient in its class. Their alerts are actionable and accurate.

Field Effect Covalence is by far the easiest product to manage that I have ever dealt with.

The Action Recommendations Observations (ARO) feature of Covalence is a fundamental tool. It effectively guides people on how to prioritize tasks. "Actions" clearly indicate specific steps to take, while "recommendations" advise whether something deserves attention and what Covalence suggests doing about it. This flexibility is crucial, as not every observation translates to a problem requiring action. Some may simply require monitoring and context to determine the appropriate response. Compared to other priority systems in the market, ARO offers several advantages. Firstly, it facilitates clearer communication and understanding. Secondly, it empowers lower-skilled resources to address issues effectively, leading to cost savings. In essence, ARO serves not only as a valuable communication tool but also as a driver of profitability.

Covalence could be used as a single cybersecurity product for some organizations and it is the most important product in our stack but it is not our whole stack.

Covalence saves us a significant amount of time compared to other security systems we've used. We spend 50 percent less time managing Covalence because it eliminates false alarms. In the past, we'd constantly receive alerts that required us to investigate and ultimately dismiss as non-critical, like a door left open or a window unlocked. With Covalence, if it tells us something is wrong, it's truly wrong. No more wasted time on trivial issues. The way Covalence structures alerts and communicates information also allows us to dispatch the right resources efficiently. It automates many of the tasks we used to handle manually, taking the guesswork out of decision-making. It's as simple as following Covalence's instructions. Before, we'd have to verify the alert, determine the appropriate response, and then execute it. Covalence takes care of all that, which is a game-changer. For example, if Covalence detects an open door in a specific room, it automatically sends the right person to close and lock it. No more scrambling to figure out who to send or wasting time on unnecessary communication.

Covalence identifies and prioritizes critical threats, providing actionable intelligence and step-by-step instructions to mitigate them. This simplicity and efficiency are hallmarks of Covalence's effectiveness.

Covalence offers recommendations on how to mitigate risks proactively. While most MDR, XDR, and even EDR products simply alert us to ongoing threats, Covalence takes a preventative approach. They provide data that delves deeper into vulnerability management, highlighting outdated browsers, operating systems, and suspicious domain registrations that could be precursors to attacks. This focus on predictive and proactive measures helps prevent issues before they arise, setting Covalence apart from many other security products.

Investing in proactive security with Covalence has significantly enhanced our security posture. Preventing incidents before they occur is demonstrably the most cost-effective approach, as compared to the reactive expense of emergency response. By enabling us to address potential problems proactively, Covalence fosters a remarkably efficient and stress-free environment. This translates to happier customers, happier employees, and an overall phenomenal outcome.

I like how comprehensive Field Effect Covalence is. I like the SOC process and the customer service. There is not much that I don't like about Field Effect Covalence. Field Effect Covalence is the best product in its class, bar-none.

Field Effect mentioned including patching in their product roadmap, and that would be a significant game-changer for them. I'm not aware of any other product that offers all three functionalities: detection, vulnerability management, and integrated OS & 3rd party patching. This addition would be a major improvement and make Field Effect a truly unique offering in the market. I recently spoke with the CEO, and he expressed optimism about bringing this feature to the product. I would like Covalence to include patching.

We have been using Field Effect Covalence a little over two years.

We have never had issues with the stability of Field Effect Covalence.

Field Effect Covalence is meant for the SMB market but I have deployed the product for many enterprise clients and it performs equally well at scale.

The technical support is top-notch, super fast, and excellent.

Positive

We chose Field Effect Covalence after seeking an alternative to SentinelOne and CrowdStrike. While CrowdStrike offered robust security, its cost and size presented challenges. We ultimately desired an established solution with demonstrably greater efficacy.

The deployment is straightforward and we can usually deploy in one day.

One person is required for the deployment.

We are an integrator so we implement the solution in-house for ourselves and our customers.

Field Effect Covalence has paid for itself within six months of implementation.

Field Effect is considering revising its agreement terms. While the contract duration might change, the pricing remains highly attractive. In some cases, it's half the price of competing products, and at high volume, it can be as much as 50 percent less than CrowdStrike, for example. Covalence offers even greater efficiency and functionality, making it a more effective product with wider capabilities than its competitors. Combined with the significantly lower price, it becomes an extremely compelling option.

I have extensive experience selling security solutions in this field. I've likely marketed and implemented over 50 different products that compete with Field Effect Covalence. My experience includes solutions like Splunk, SumoLogic CrowdStrike, SentinelOne, Blackpoint, Perch, Artic Wolf, and RocketCyber, and I could readily name at least 20 more. With this background, I confidently consider myself an expert in security solutions. In my professional opinion, none of the competitive platforms I've encountered match the capabilities and effectiveness of Field Effect Covalence.

I would rate Field Effect Covalence a ten out of ten.

A minimal amount of maintenance is required. Covalence is self-sustaining.

Understandably, some people haven't heard of Field Effect Covalence. Several factors contribute to this. Firstly, the company is based in Canada, which may limit its reach in the US market. Secondly, they're still relatively young, having only been around for six years. Building brand awareness takes time, especially for a new company. However, I value effectiveness over popularity. I'd rather choose a less-known product that's demonstrably more effective than a widely recognized one that falls short in performance.

Field Effect has a proof-of-concept that boasts an incredible retention rate. While I don't recall the exact figure, it's around 95 percent of users who try it stick with it, which is truly remarkable. It's a phenomenal outcome that speaks volumes about the power of Covalence. Sometimes, the best way to understand its impact is not through detailed analysis, but simply by experiencing it firsthand. Install the POC and see. Field Effect Covalence is phenomenal, and you will love it.

We use it for our clients, outsourcing our security operation center requirements. We rely on their solutions to meet our cybersecurity needs. It helped us gain a deeper understanding of the security landscape within our clients' networks, focusing on the intricacies of each endpoint. This became particularly crucial during the shift to remote work amid the COVID-19 pandemic. At that time, we reached out to Covalence to assess its compatibility with our requirements, and I believe that collaboration has proven to be successful.

The primary advantage is the notable improvement in our response time to incidents. With the categorization and severity indication, we can swiftly and efficiently react to security incidents. The action tag significantly boosts the internal priority, facilitating a quicker response.

It's crucial for us that Covalence is supported by a team of experts who consistently monitor it for potential attacks and risks. This aspect holds significant value for us, as it aligns with our expectations from a security vendor. Knowing that knowledgeable professionals are actively overseeing the system provides me with a sense of reassurance and peace of mind. In the initial three months, there were a couple of incidents where they promptly intervened and assisted in identifying issues. It took us approximately three to six months to fully recognize and experience these benefits.

Coordinating and handling Covalence is a breeze; we haven't encountered any management issues. The installation and deployment processes are straightforward and hassle-free, causing no complications on our end.

We leverage the solution's tagging system for categorizing security threats as recommendations or observations, aligning seamlessly with our internal ticketing system. When any action, observation, or recommendation is flagged, it automatically generates a corresponding ticket. These tickets are then scheduled with our technicians based on priority for timely resolution.

The categorization of security threats through tagging is instrumental in addressing the most pressing issues. Immediate actions are our top priority, demanding immediate attention and analysis. Observations fall into a medium priority category, as they may or may not pose a significant risk. Recommendations are assessed when a technician is available, and prioritized based on urgency.

It serves as a comprehensive cybersecurity product that proactively safeguards all our services against threats. This is crucial because, without it, we would spend hours attempting to decipher and correlate information across various tools.

It aids our security team in saving time by providing more actionable alerts. Their effectiveness in filtering out false positives and non-invasive alerts is commendable, preventing our team from investing time in non-critical matters. We haven't quantified it with specific metrics, so I can't provide a precise figure. However, based on my experience, I have observed a substantial amount of savings overall.

It has taken the place of several cybersecurity solutions for us, including replacing a previous SOC vendor. We are currently in the process of transitioning from our antivirus vendor to Covalence.

It has significantly enhanced our security coverage, providing me with a sense of peace of mind. Managing three different vendors, each with its own security focus, used to be challenging. With Covalence, having visibility across all aspects and layers, they can efficiently correlate logs without our intervention.

It keeps us informed about the significant threats and provides guidance on addressing them. Each ARO includes recommendations. Leveraging the integration with ConnectWise, they automatically generate a ticket for us, complete with a checklist of recommendations.

The impact we observe on our security operations is notable. The checklists provided, especially geared towards system administration and help desk tasks, are particularly beneficial. These checklists simplify processes for our team, reducing the need for extensive cybersecurity training. It's advantageous to have a vendor that collaborates effectively with our team, making the implementation of security measures more seamless and efficient.

They offer recommendations for risk reduction, encompassing aspects such as vulnerability scanning, code assessment, and evaluation of security tool effectiveness. These recommendations, termed AROs are communicated through tickets. Our team then reviews and prioritizes these recommendations to address them accordingly. There are instances where misconfigurations may occur, whether intentionally or unintentionally by our team. Having a third-party vendor closely examine these configurations is valuable. Even if a risk is acknowledged, it provides us with an awareness of its existence and potential impact.

Their most valuable feature is the MDR capability. Unlike previous solutions, where we were solely informed of security incidents, Covalence's MDR allows for real-time incident prevention. This means that if the profiles are configured correctly, they can actively halt security incidents.

The significance lies in having a unified interface—a single pane of glass—where our security vendor can gain visibility into every facet of the network.

One limitation is that if someone takes their laptop outside the office building, the DNS firewall provides minimal coverage, and we are unable to generate reports.

I have been working with it three years.

It offers good stability capabilities. We haven't faced any issues related to that.

It is highly scalable. It safeguards all our organizations comprehensively, providing protection for every system in use. Our infrastructure includes a physical office and a Microsoft Azure environment in the cloud, creating a slightly complex setup—all effectively covered by Covalence. Currently, our user base consists of approximately fifteen individuals, and we have around thirty endpoints.

The technical support provided by Covalence is reliable. Whenever assistance is required, we either open a ticket or request help through the ARO. In the case of serious issues, they promptly respond. For less critical matters, their response time is generally within the next business day or as needed. I would rate it nine out of ten.

Positive

We were previously using Active Pulse Networks and ConnectWise security suite, employing two different solutions. The decision to switch arose primarily from their reactive nature; although they would alert us to potential issues, they lacked the capability to take proactive actions. This became evident, especially during the shift to a hybrid workforce due to COVID-19.

The initial setup is straightforward.

Deployment typically follows a client overview process where we gather details on the number of locations, users, and servers. We share this information with Covalence, and based on the complexity and needs, they recommend a suitable solution. This could involve an on-premises device for clients with physical offices or a cloud-based appliance hosted in Covalence's data center for those without a physical office. After deciding on the solution, we install the device on-site for on-premises deployment. Following this, we deploy agents to all workstations. Throughout the deployment process, there are regular check-ins and coordination with Covalence to ensure everything is on track and address any pending matters. From our end, a single technician is capable of handling the entire deployment process within approximately one month. However, for smaller clients, we can efficiently deploy agents on their systems within a week.

Maintenance typically involves updates. The agents are designed to auto-update, ensuring they receive the latest versions automatically. In rare instances where challenges may arise, we have the flexibility to create a script and perform manual updates for all agents. However, such occurrences are infrequent.

We have observed a positive return on investment considering the level of service we receive from them in relation to what our clients pay. Their approach to pricing is advantageous as they don't provide individual client-based pricing; instead, they offer bulk pricing for our total seats. This flexibility allows us to distribute the cost across multiple clients, making it affordable for small businesses. Consequently, small businesses can access enterprise-level security that might have been financially challenging for them otherwise. The quality of service and the benefits received by both sides of the business make the investment worthwhile.

The pricing is fair and reasonable. Covalence stands out for its focus on catering to the needs of SMBs, making it a more cost-effective choice in comparison to competitors. It offers flexibility by not imposing minimum user requirements and can accommodate even small businesses with just two users.

During our evaluation period, we were simultaneously testing ConnectWise along with another solution. Initially, a few of our clients were utilizing ConnectWise, but after testing both options, we decided to make the transition to Covalence. Initially, when we engaged with Active Pulse Networks, their pricing was reasonable. However, as they expanded, their solutions became more tailored for enterprise customers, leaving SMBs with higher costs. In contrast, Field Effect's pricing is more universal and suitable for both small and large businesses.

I would recommend it and suggest trying a demo and setting up a trial within the organization to experience how it works firsthand. Testing and experiencing it yourself are essential to truly understand its capabilities. My main advice is to invest more time in the scoping phase, particularly during the initial onboarding and scoping document creation. This will significantly contribute to the effectiveness of the system. Ensure that the organization profile is accurately set up to minimize the chances of miscommunication when addressing actual incidents. Overall, I would rate it nine out of ten.

I internally implement it to enhance our cybersecurity measures, especially given the management of numerous clients. The primary use cases involve comprehensive management and monitoring functions. It effectively oversees all incoming and outgoing internet traffic, providing a centralized control hub from the headquarters. Furthermore, it extends endpoint protection to all computers within the network. Additionally, the solution continuously monitors the Microsoft 365 environment around the clock. The synergy of these three functionalities offers an enhanced and constant overview of internet traffic, enabling the detection of any suspicious activities in real time.

One of the primary advantages is the assurance and peace of mind that comes from constant surveillance. Unlike the previous approach, which involved manually sifting through logs, having Covalence means there's always someone monitoring everything. Another significant benefit is the enhanced ability to meet security protocol objectives, especially when dealing with high-profile clients or pursuing government contracts. Covalence plays a crucial role in achieving compliance, addressing the stringent requirements set by cybersecurity insurance.

The realization of benefits from deployment is almost immediate. Once Covalence is deployed, it begins recording and monitoring right away. Within the initial three to five days, it establishes a comprehensive understanding of the data flow within the organization. In cases where there are issues, especially in a newly installed environment, it might take a few days to identify patterns. However, once up and running, any malicious activity triggers immediate recognition, allowing for swift response and mitigation.

An integral aspect of the solution's effectiveness lies in its backing by a team of dedicated experts. These professionals engage in continuous monitoring for potential attacks and risks, providing a crucial layer of security. The significance of this support becomes evident in the daily influx of alarms, where numerous alerts are generated regularly.

In terms of IT management, this product stands out as the most user-friendly solution I've encountered in years. Its ease of management and deployment is unparalleled.

It offers the convenience of a single cybersecurity product that proactively safeguards all the diverse services across our organization or for our clients. Notably, the latest updates to the Covalence client, installed on computers, are as effective as any standalone antivirus solution suggesting that, in the future, Covalence could serve as a comprehensive solution encompassing antivirus, malware protection, and cybersecurity monitoring.

It's crucial to rely on a single cybersecurity product for trust and efficiency. Managing multiple solutions for different aspects can be cumbersome, requiring constant monitoring of various portals. Covalence simplifies this by providing a centralized dashboard where everything is easily accessible in one place.

It significantly contributes to time savings for our security team. By leveraging an automatic scheduling system, we efficiently connect to client computers to address identified issues promptly. While the percentage of saved time might be less for a smaller operation like ours, where regular client connections are the norm, the real value lies in pinpointing where immediate attention is needed.

It has become our singular cybersecurity solution, leading us to phase out multiple other cybersecurity products. Specifically, we've begun removing Bitdefender solutions from clients who now utilize Covalence.

The communication with Covalence is primarily facilitated through our ticketing system, although critical incidents may prompt phone call alerts. They inform us of significant threats through various channels, and their active monitoring solution empowers them to take immediate action, such as shutting down compromised computers or Microsoft 365 accounts. This multi-faceted notification approach is highly beneficial, particularly when incidents occur outside regular working hours. It ensures prompt action even if we're not actively monitoring, a capability that wouldn't be possible without their service.

The swift response to evolving threats is crucial. Moreover, the simplicity of deploying and using their solution is a key factor that streamlines the provision of cybersecurity services to my clients, significantly easing my workload.

The impact on our security posture has been significant, greatly enhancing our overall cybersecurity coverage. By utilizing their products, I feel more confident that we are comprehensively protected, extending beyond a mere antivirus and malware solution.

The standout feature is its continuous 24/7 monitoring of all network traffic, providing unparalleled vigilance. It empowers end-users by enabling them to promptly report suspicious emails for a swift assessment of their legitimacy. Moreover, with the deployment of an office appliance, users gain access to DNS filtering, a powerful tool that not only restricts access to specific websites but also actively scans for and blocks access to harmful sites.

The solution's categorization of security threats into actions, recommendations, or observations is a crucial feature. The seamless integration of AROs into my system is noteworthy. When Covalence identifies issues, whether related to software updates, vulnerabilities, or potentially malicious transactions, it automatically generates tickets within my ticketing system. This integration allows our team to promptly verify the nature of the issue, particularly in cases where certainty is not absolute.

In terms of improvement, there are instances where the ARO responses are slightly slower than preferred. While I understand the necessity for human review in certain cases, there is a consideration for enhancing the speed, especially for situations where a quicker response, perhaps within three to four minutes, could be more beneficial based on the nature of the attack.

I have been working with it for approximately four years.

It is generally stable, no notifications or issues have arisen in the deployment and ongoing use of the surveillance system. Unlike many applications that may conflict with legal or accounting software, or antivirus solutions that could impact day-to-day usage, Covalence has not posed any such problems.

It is highly scalable. We've successfully deployed it in various firms, ranging from those with seventy to eighty users to others with ten, fifteen, or twenty users, and the performance has been consistent across all scenarios. There are no noticeable issues or challenges related to scalability.

I am highly satisfied with their level of customer service and support. It's one of the best ones in the market. I would rate it ten out of ten.

Positive

The initial setup is straightforward. The assistance provided during the implementation phase is noteworthy, making the process seamless. Once implemented, the ongoing maintenance is remarkably straightforward, requiring minimal intervention on my part to ensure that it remains up-to-date and operational.

The implementation process is straightforward and user-friendly – we simply plug it into the current network, and the system takes care of the rest. Deploying agents is equally hassle-free, requiring the installation of a small piece of software on all computers, after which it autonomously manages itself. Installing the 365 connectors is a quick three to five-minute task, easily handled by any IT administrator. The strategy for deployment involves an initial assessment to determine whether there are on-premise servers or a physical office network, in addition to cloud services that need protection. Once this assessment is completed, the decision is made on whether to deploy a physical appliance or a virtual appliance. The next step is to order and deploy the chosen appliance. The overarching strategy depends on the specific needs, such as protecting the headquarters and multiple clients. 

The deployment time varies depending on the number of clients. For clients with a small server, the process takes approximately an hour. After installing all the connectors, the Covalence agents are automatically delivered to computers as they are turned on. For remote workers, coordinating the connection and ensuring the installation of the Covalence agents typically takes a couple of hours to three hours. 

Maintenance is minimal and lightweight. Periodically, Field-Effect may contact us for assistance with specific updates, and after they perform the updates, they provide information on any machines that encountered issues with the new agents.

The clients who benefit most from the ROI are those dealing with security clearance levels mandating strict compliance. For them, the immediate return is evident in the alleviation of IT issues related to cybersecurity compliance.

The shift to a per-user pricing model and the introduction of a base price for the on-premises or virtual appliance has been particularly advantageous. This pricing structure aligns well with the needs of almost all my clients, especially smaller companies, eliminating the challenges associated with block pricing.

My advice for risk reduction is centered on leveraging the recommendations provided by each ARO. Every ARO not only identifies a potential issue but also offers a recommended fix or solution. For instance, if they detect a certain protocol enabled on a server, they not only provide mitigating factors but also suggest possible methods to turn off or protect the service.

I would recommend it due to the simplicity of deployment, the comprehensive monitoring solution, reliable tech support, and the user-friendly tools for integrating plugins into email programs like Outlook for added functionalities. When discussing these features, coupled with the straightforward pricing structure, it becomes easy to convey the benefits in comparison to other products on the market. The implementation process is notably one of the simplest in the industry, making the overall adoption of the solution hassle-free. Overall, I would rate it nine out of ten.

It's our cybersecurity solution for cloud, network, and endpoints. We do a weekly review of the endpoints, and because software is always changing and no software is secure, we are updating software all the time. We rely on them for our cybersecurity solution.

Covalence informs you of the threats and how to address them. They send emails and texts. They tell you what the level is. You can see the recommendations and ask for help. You can escalate. It's very helpful.

For a small business that doesn't have a full IT or cybersecurity department, their guys are there when you need them. If something comes up and gets identified by the system, you can reach out to a human if you need help doing the analysis. A couple of times, I ran software that did the analysis, and then I sent it back to them. They were able to review what the malware was and evaluate whether it was safe or not to proceed after it was clean.

For endpoint management, Covalence identifies operating systems that need updating to help us stay on top of everything. It's running in the background and does a packet-level analysis of everything that comes in. It also has an auto-response feature, so if something gets through and is clicked on, or somehow gets through the network, it gets isolated and quarantined, and we get notified. We've had one instance of that scenario where someone got an Excel spreadsheet that was malicious, and we were notified and it was quarantined. We worked with the forensic team at Covalence and ran a full review of that computer.

The packet-level analysis—knowing that everything that comes in is getting looked at—and the endpoint protection are the most valuable features. Whatever comes in, it can be as if your door is always open. If you're on the internet, things can creep in that you don't want. But Covalence is looking at everything that comes through.

And the auto-response is valuable, knowing that it's going to quarantine any malicious thing that happens to get through or when a user happens to click on something they shouldn't have clicked on. Email is the major vector of cyber attacks, and we do have training for that. But in the event that someone clicks on something they shouldn't, the system will isolate it and quarantine it. And their team does a post-event analysis.

They have experts available to do a forensic-level evaluation of what the issue is. Luckily, we haven't had any serious attacks. I don't know if that can be attributed 100 percent to Covalence, but we have peace of mind knowing it's there.

We use the tagging of alerts, recommendations, and observances, as well as the SEAS (suspicious email alert system). The tagging is a different way of categorizing threats. Endpoint management gives me the person that I need to deal with for a specific vulnerability. But the tagging identifies vulnerabilities at a vulnerability level. An example might be "out-of-date software soon," and then it would list out the 12 employees who are running that on their endpoints. If you approach it by endpoint, it's the opposite. It will say, "Here's the endpoint and all the vulnerabilities." The tagging helps me prioritize. Often, it's just an observance, such as someone using Tor browser for something. It comes in as text and email, and you can take care of it.

The area where they can make it better is by giving responses to the end-user. For example, when there is an alert to the administrator, I get it. I have to copy and paste everything to everyone, telling them, "Hey, your Zoom is out of date," or "Mac user, you have to update your iOS because there's a vulnerability." And then I have to follow up with them, and it's a real pain.

Also, with the email alert system, when people have suspicious emails they forward them. The analysis comes back, and I have access to it. But what I want is that if someone who is not the administrator sends in a suspicious email, they should get the email back with the response from Covalence. Now, it keeps that information in the administrator portal. But I want to get out of the way. If someone reports something, the answer should go back to that person, not to me. In some cases, it requires an admin to execute software updates, but I would like them to know exactly what they need to do to be up-to-date and have a vulnerability-free endpoint.

We have been using Field Effect Covalence for at least three years.

I don't think it's ever crashed. It's always running in the background. I get reports on how many scans and how many malicious things it has stopped. I have peace of mind knowing we have some protection running.

I would assume it's scalable, but it's not as if my company went from 40 to 5,000 employees. For us, the scalability is unknown.

The support is good because you never know when you're going to need help with something.

That time I mentioned, when someone in the warehouse got an email with a spreadsheet that came up as a high alert, we quarantined him, and then we did the analysis with their help. I called in and support said, "We're going to send you an executable to give us all the data from that computer so we can analyze it, see how they got in, and what toolkit they used for the Excel."

There was no repercussion, but it was great being able to call immediately and have a forensic-level guy on the line that could advise us.

And if I ever have questions, I can send an email, and they're really good about responding. That's when it's more of a casual question. But when something is pressing or urgent, that's when you call in.

They're good in both respects. They're very good. When I needed them, they were absolutely there.

Positive

We had something super-basic and rudimentary: a firewall and spam filter. That wasn't a model that was keeping up with cybersecurity threats. We went from having a super low-level, basic security setup to having an actual modern cybersecurity tool to help us identify and deal with threats.

Cybersecurity is a standard requirement now. It's not that you can just get away with a firewall and a spam filter. We knew a lot of companies that got hacked, and we wanted to be ahead of the curve. I brought it up and was doing some initial due diligence, and then our CFO said we needed a solution. I had told them before about Field Effect Covalence and that I reached out to all the majors, but the starting point for them was $24,000 a year.

The fact that Covalence is backed by experts who are constantly monitoring for attacks is very important to us. One of the reasons I selected Covalence was because their founder was a big name in cybersecurity. He was Canada's number-one cybersecurity guy, and he worked with a task force that was like the MI5-equivalent of cybersecurity back in the day. That was good to know.

Also, with this product, you have access to all of these features, whereas with other systems, it seemed like if something happened, you would have to pay a consultant some crazy rate per hour to sort out your situation. Whenever something happens or I have a question about one of the endpoints, they have people to help out.

I have an account manager, which is very helpful, and we do quarterly reviews. It's a complete solution for us as a small to midsized company. There were a lot of solutions out there for enterprises, because that's where the money is, but cyberattackers don't care if you are a small or midsized company. If they can get money out of you, they're going to hit you. They shoot things out, and wherever they land is is where they go. So this was the right solution for us, and we've been really happy with it so far.

The initial deployment of Covalence was super easy. I'm an IT generalist with a certain focus on integration, e-commerce, and SQL. The diagram instructed you  to plug the blue cable in next to the blue dot. It was super dumbed-down, which was perfect for me.

As for maintenance, there was one time when they updated the endpoint agent, but it was super easy because everything is monitored. I had to update all the endpoints, and it was pretty easy, but I didn't have to update the hardware.

I did it all by myself, without any help from anyone. It was really simple.

When we were searching, it was when cybersecurity was a huge topic and there was an unclear market. It wasn't like if I needed a CRM, Salesforce was absolutely the number one, or if I needed an e-commerce system, Shopify was absolutely the number one.

And most of what was out there was built for enterprises, and they would parse out the different components. You might get one component for one thing, another component for another thing, and a third component for another aspect of cybersecurity. Each one would be about $24,000 a year. That just wasn't affordable for a small to medium business at all.

I got in touch with Arctic Wolf, but they were for the big spender, at $24,000. A lot of other companies were in the same ballpark. It was a barrier to entry, and we couldn't just shop around and try this one this year and another one next year.

When it comes to managing Covalence, it's easy in the sense that all the information is there, but it's not automatic. You can't just plug it in and go to the golf course or take a nap. Someone has to review it and follow up, especially on the endpoints. It's like the weather: things change every day. New emails come in, and that's probably the biggest attack vector. There are always new threat actors. It's not difficult, but you need to monitor it and respond to whatever shows up on your dashboard. You need to keep all your systems up-to-date, patched, and secure. It helps.

For example, Zoom updates their software just about every week. Everyone knows, "Okay, we have to update soon," because Covalence runs a comparison of identified vulnerabilities, and they always show up.

Covalence doesn't cover physical assets, but it covers all the digital resources: networks, endpoints, and the cloud. It is installed and monitoring all the traffic on all of those systems. It is the product that does everything.

If you haven't heard of Field Effect, you should consider it. What sold me is that it is a complete solution that is priced competitively. And I'm not saying that I bought it on price alone, but it ticked all the boxes that I was looking for: endpoint, network, cloud, and it wasn't $24,000 a year. For a small company, that's a sizable amount. There just wasn't an SMB product that could compete with Covalence when I was looking. Maybe there is one out there now, but I have sat in on so many presentations and I didn't see any for small and medium-sized businesses like Covalence. Maybe now that the enterprise market is saturated, Arctic Wolf is coming out with a less feature-rich product priced for small-to-medium-sized businesses. But it's hard to compete with Covalence in that market based on its feature set and cost.

The big takeaway is that we haven't been paralyzed by a cyberattack. I know it's stopping things. I don't know if there was some threat actor who tried to attack us and then said to themselves, "Oh, man, these guys have Covalence." For me, it's a case of job security that we haven't been attacked. If anything happens, they're going to look at me as the VP of IT and say, "It's your fault." But we haven't been attacked, and we see all the vulnerabilities. It's all laid out. It's monitoring every endpoint and every packet. For me, that's peace of mind.

I'm a Field Effect reseller, and my clients use Covalence as an affordable fabric security solution. 

Covalence cuts down on the number of cybersecurity solutions you need because Field Effect is rigid. They're like, "It's all us or nothing." It's their Microsoft 365. They won't let you use your own EDR. It's all under one umbrella. They consolidate all the products into one service, which can be good and bad. It's good because you don't have to think about anything. It's bad because some larger organizations might want their own EDR products or endpoint security. Sometimes, it works; sometimes, it does not. 

Covalence's cloud protection element has been excellent. A lot of organizations are using 365. It's hard to find a secure solution for protecting accounts. We've gone down the path of trying to utilize other security solutions for that particular area. We've been disappointed and always come back to trying to implement Covalence when we can so we know people are safe.

The solution's expert monitoring is huge. Things happen when you sleep, so it's a big comfort knowing that people are watching who have the autonomy to act on things. It's a great augmentation to our own staff. Managing Covalence isn't that hard, but it notifies you of a lot of issues, and the vulnerability management aspect requires a lot of upkeep. It's challenging to keep everything 100 percent patched and stay on top of the vulnerabilities that they detect, but it's necessary. 

Some things are actions, some are recommendations, and some are observations. You are presented with these things, and you get some insight about the level of severity and whether or not it's something you need to jump on right away. It helps you prioritize the critical things by telling you an action that you must deal with immediately. 

Covalence should provide a live view of the endpoint because the endpoint view in the portal is 5 to 15 minutes behind the actual status of the endpoint and its vulnerabilities. When it doesn't update with the actual status, it makes managing those things harder because sometimes something gets updated, and one of those vulnerabilities has gone away, but that doesn't appear in the ARO. The ARO information becomes outdated. There should be more alignment between the actual view, the endpoint view, and the ARO list. It also lacks email security, so you have to implement other things. They cover a lot but not everything.

I have used Covalence for a little over two years now.

Performance and stability aren't issues. It doesn't really slow anything down. 

Covalence scales from small to large. That's not an issue.

I rate Field Effect's support nine out of 10. The response could be better. Their expertise is always excellent. When things come up, it's great to be able to plug into their team. They have a lot of expertise available to us that they share. We work together to get issues resolved, or they will mitigate the problems as soon as things are detected. They've never let us down. There were some bumps in the road in the beginning, but they seem to have passed. 

Positive

There weren't many options when we were looking to buy. I wasn't using anything equivalent in the past because it was just starting to get ramped up and things were starting to get back from the cybersecurity perspective. There were only large enterprise business solutions to choose from. There weren't options that fit into the SMB space. We were looking for something, came across Covalence, and gave it a try and it's worked out. 

Everything is hard when you first do it, but now deploying Covalence isn't a big deal. The deployment time depends on the size of the user base. There are just a couple of steps. The cloud part isn't difficult. Next, you deploy the endpoints. You may need to remove what's already there. It's all dictated by the number of users and systems. You must track down all those systems and ensure everybody gets that endpoint software. After deployment, it doesn't require a lot of maintenance. It's self-updating. 

The pricing isn't sized, so Field Effect doesn't make it easy for anything under 25 users. I'm not crazy about that.

I rate Field Effect Covalence nine out of 10. Many people out there try to do it themselves. They'll try to use a freeware or open-source solution to build their own thing. I see this in my industry a lot. People try to maximize profits by finding the most inexpensive solutions out there and combining them all under one solution. 

However, at the end of the day, your team has to monitor them 24/7. If you're not, what's the point? It doesn't work. Trying to talk somebody out of building a better mouse trap is always hard.

We leverage Field Effect Covalence for our customers' cybersecurity needs. We offer it as a value-added service to our clients, acting as a trusted reseller for Field Effect. For companies that have experienced security breaches or vulnerabilities, we prioritize recommending Field Effect Covalence's immediate deployment. Integrating Covalence enables swift remediation through its robust cybersecurity policies and tools. Moreover, we actively promote the adoption of Field Effect Covalence as a comprehensive security solution within our existing customer base, as we firmly believe in its efficacy.

We implement Field Effect Covalence to satisfy cybersecurity policies and remediate existing threats and incidences.

We've deployed Covalence in the cloud for some clients, but most have on-premise deployments due to our pre-existing on-premise equipment. While I anticipate a shift towards cloud adoption as clients transition to cloud services, our current focus remains on physical installations.

Covalence's backing by experts who constantly monitor for attacks and risks is a great advantage. I've had the pleasure of working with them for a long time, and their professionalism and expertise are truly commendable.

The tagging feature effectively prioritizes tickets by highlighting the most urgent issues. When someone receives a tagged alert, it automatically becomes a top priority. Observations, while important, are addressed later as resources permit.

Managing Covalence is easy and their support team is good if we run into a problem.

While Covalence doesn't proactively cover all our threat services, they've made significant strides over the years. Their continuous development efforts have expanded their capabilities beyond what we currently utilize. While we collaborate with their development team on specific needs, their overall coverage surpasses our current requirements.

Covalence saves us significant time by eliminating the need to manually search for vulnerabilities. Instead of hunting through side channels, we receive vulnerability reports directly, streamlining the process. Additionally, Covalence identifies outdated software, allowing us to automate updates previously handled manually. This automation, driven by Covalence's insights, saves us a considerable amount of back-end time by eliminating manual tasks.

We have implemented other cybersecurity solutions for our customers, including Darktrace, but have found them to be inadequate compared to Covalence, leading us to consolidate onto this superior platform.

Covalence has improved our client's security coverage. They love the solution.

Covalence keeps us informed about the most critical security threats and guides how to address them. We hold monthly meetings to discuss ongoing security concerns, and in case of urgent issues, we communicate directly with Covalence's team. Additionally, we maintain regular communication with their development, support, and admin teams.

Covalence delivers daily recommendations to help us reduce platform risk. These recommendations are crucial, as addressing them safeguards against potential threats. Therefore, they are of great importance to both us and our customers.

Covalence is an impressive product that has gained significant traction with customers. It provides valuable insights into our IT environment, enabling us to improve reselling, upgrades, and customer management. This is primarily due to the increased visibility it offers into our infrastructure, which was previously fragmented across multiple portals. Covalence consolidates this information into a single pane of glass, providing a centralized hub for accessing all relevant data. Furthermore, it integrates seamlessly with our ticketing system, event solutions, and various business processes.

Covalence's SEAS feature wasn't very user-friendly. I heard they're working on improvements to provide better user feedback, but I don't know if that's been implemented yet. Regardless, it's good to see they're addressing the issue.

I have been using Field Effect Covalence for almost five years.

We typically put our appliances in passive mode. And so they mirror traffic, but they do not interrupt traffic. I don't recall any customer having disruption because of the Covalence appliance.

Field Effect Covalence is easily scalable.

The technical support team is excellent. They are highly responsive and have a deep understanding of the product. It has been a pleasure working with them as one of the lead project managers.

Positive

We previously partnered with Darktrace, but our experience with Covalence was significantly more positive, leading us to switch.

The initial deployment is straightforward, and Field Effect has a supportive team to assist if needed. However, there are some preliminary steps we need to take in the portal, which typically takes about 30 minutes if we have all the necessary information. On-premises deployment time can vary depending on the specific circumstances, such as the number of locations, appliances, and internet links involved. Therefore, the deployment timeline ultimately depends on the company's infrastructure and configuration. The longest a deployment has taken us is a few days and the shortest was half an hour. One person from our team is required for the deployment. In some situations, there may be a person involved from the client's side because they have some information for us but most of the time we have all the information.

The licensing model itself is solid, but we're ironing out some inconsistencies in how customer profiles are configured. This is particularly relevant in a user-based model, where company headcount might be low while actual user counts are higher due to contractors or remote workers. It creates a gray area about which users get billed, but we're actively discussing solutions with Field Effect.

I would rate Field Effect Covalence an eight out of ten.

While Covalence rarely requires maintenance, we've encountered two instances requiring service in the past. In one case, an appliance overheated as a result of an external environmental factor and in the other, hardware failure necessitated a complete replacement. Fortunately, both replacements were handled promptly.

I suggest getting a demo. It is quite impressive. If anybody knows anything about cybersecurity, they'll see by the demo that Field Effect Covalence covers everything.

Before deploying Covalence, it's crucial to have thorough documentation to properly scope the project. The biggest pitfall is deploying Covalence into the wrong environment because of an inadequate understanding of the existing infrastructure. A thorough scoping meeting is essential to define what needs to be protected, and this often requires a detailed inventory of the current environment, which some organizations may lack.

We use Field Effect Covalence as our endpoint detection and response solution. We use the solution on our desktops to provide an additional layer of security.

We wanted to detect deviations from baseline behavior on our endpoints and provide an additional layer of security beyond our antivirus protection. We also wanted to enhance our security posture for Office 365 on-premises and in the cloud.

Covalence has different levels of behavior. At the lowest level, it alerts us to potential problems. At the next level, it makes recommendations and allows us to take immediate action. At the highest level, it takes automated actions and escalates issues to the Covalence team. We can reach out to the Covalence team for their input and experience on threats in our environment. It's like having an extension of our team that we can draw on for expertise.

Managing Covalence is extremely simple. We use the web portal to manage all aspects of the solution.

Covalence provides a single cybersecurity solution that proactively protects all our threat services as part of our layered security approach. Covalence provides a strong defense package which is part of that multilayered suite of protections.

Covalence saves our organization time by constantly monitoring for threats in the environment, deviations from baseline behaviors, and threats in the cloud against our Office 365 landscape. It generates action responses that are sent to the team. We no longer have to actively monitor for those threats. Covalence monitors them for us. We have replaced one full-time employee's time with Covalence.

Covalence not only identifies threats, but it offers remediation advice as well.

Focusing on the threats that are relevant to us and the threats that actually matter in our environment, allows us to target the resources that we have to address specific issues and threats.

Covalence in the context of the recommendations that it makes gives us additional information that we can use. They have made a positive impact on the security posture by allowing us to close additional gaps and strengthen our security posture.

The solution's advanced detection behaviors, automated notifications and responses, and automated remediation behaviors are valuable features.

The tagging of ARO closure has room for improvement. Covalence needs different categorizations for closing AROs.

I have been using Field Effect Covalence for nearly two years.

Field Effect Covalence is extremely stable.

Field Effect Covalence is scalable. We have had no issues scaling in our environment.

The technical support is excellent and extremely responsive.

Positive

The deployment was straightforward. Post evaluation, we rolled Covalence out on mass to all endpoints within our environment. One person was required for the deployment.

The implementation was completed in-house.

Covalence has provided a return on investment by actively intercepting two incidents that would have had a significant financial impact on our organization if allowed to play out.

Covalence is cost-effective.

We evaluated a range of different products and found that Covalence provided us with the best suite of tools, giving us the functionality and visibility we were looking for.

I would rate Field Effect Covalence nine out of ten.

Our environment is a Windows environment, and there are approximately 300 endpoints.

People should consider Field Effect Covalence, which is a robust, scalable, and dependable solution that is certainly worth reviewing. Talk to some users who are currently using Covalence to get their feedback.

Covalence is an enterprise-level solution that is both functionally rich and cost-effective.

While we focus on being a general managed service provider rather than a specialized security solutions provider, we take security seriously. Therefore, we leverage Field Effect Covalence to comprehensively manage and monitor our client sites from a security standpoint.

Our organization currently lacks dedicated expert resources to analyze the data from the equipment. While having the equipment and ingesting information is important, it's crucial to have qualified personnel properly review the data to avoid a high rate of false negatives. Without this, the output could be unreliable and generate excessive irrelevant tickets, creating a noisy and inefficient solution. This is where Covalence shines, as their team of experts constantly monitors the data and provides valuable insights, which is immensely beneficial.

Field Effect Covalence is one of the easiest security solutions to manage. It integrates seamlessly with our existing PSA, meaning it interacts directly with our ticketing system. This eliminates the need for duplicate data entry and simplifies the workflow. Covalence identifies the actual issues, suggests appropriate resolutions, and provides supporting documentation to explain why addressing the issue is important and relevant.

When information enters our ticketing system, we categorize it based on its urgency and the action required. If it demands immediate attention, it's labeled as an "action" with high severity. Medium-severity actions require review and potential resolution within the same day. Observations, on the other hand, signal potential issues that need monitoring and assessment to determine if intervention is necessary. Recommendations, like software patches, are suggested solutions for identified problems. However, these may not always be feasible due to non-compliant or legacy applications that lack updates. In such cases, a discussion with the client is crucial to determine the best course of action. Covalence tagging simplifies this process by clearly categorizing information into three types: Actions, Recommendations, and Observations. Each ARO is further classified by severity (high, medium, and low), making it clear what needs to be done upon entry into the ticketing system.

We've experienced two key benefits from implementing Field Effect Covalence. The first, from a business owner's perspective, is risk mitigation. As someone constantly focused on minimizing vulnerability, knowing Covalence regularly reviews client sites and generates actionable reports provides immense peace of mind. It highlights areas needing improvement—something our internal team might miss. Their deeper analysis ensures no security issues fall through the cracks, fulfilling our initial purpose for bringing them on board. Second, from a client perspective, Covalence's reporting tool allows us to present monthly reports demonstrating our compliance and commitment to their security. In cases where clients hesitate to address recurring findings, the reports document their reluctance, holding them accountable. Overall, Covalence simplifies risk mitigation for both ourselves and our clients. Their independent reports offer transparency, showcasing not just outstanding issues but also their resolution speed.

While we use Covalence for monitoring and recognizing the broadness of cybersecurity, believing a single tool can't cover everything, I think cybersecurity ultimately revolves around access and firewall management. However, various aspects arise, and for actual monitoring and oversight of client activity within their site, Covalence provides comprehensive coverage.

Covalence streamlines the work of security teams by significantly reducing the need for manual research. Each ticket generated by Covalence provides clear, step-by-step instructions for resolving any identified ARO. It pinpoints non-compliant devices or applications and highlights any outstanding requirements for resolving the issue. Additionally, Covalence provides supporting documentation to explain the rationale behind each recommendation, promoting well-informed decision-making. This comprehensive approach empowers even Level 1 and Level 2 technicians to effectively address AROs and achieve timely resolutions.

Field Effect's agent includes an EDR and DNS solution, eliminating the need for separate cybersecurity tools for those functionalities.

Regarding Covalence's recommendations, some mandate specific actions to avoid vulnerabilities. Others suggest further analysis, like the example of multiple end-user VPN products. Having numerous VPNs accessing corporate data on corporate devices poses a significant challenge. However, with adequate documentation, we can effectively present this issue to clients. Ultimately, focusing on a single approved VPN and eliminating others seems like the prudent course of action to enhance security. Another example of this focus-narrowing concept applies to web browsers. The more applications and browsers running on a client's system, the higher the risk of non-compliance and the need for updates. Minimizing unnecessary tools simplifies maintenance and enhances overall security. Covalence's recommendations, along with the supporting reports, provide valuable insights for clients to improve their security posture. Discussing these findings in detail offers guidance and empowers clients to make informed decisions regarding their security infrastructure.

Individually, each aspect of Field Effect Covalence might not hold much significance. However, when combined, they create a powerful and effective system. I appreciate the "set it and forget it" nature of Field Effect Covalence. The platform keeps a watchful eye on client security, and I have confidence that any potential issues will be identified and addressed. The system generates Action Recommendation and Observation reports, which provide detailed instructions for resolving any security concerns and ensuring client compliance. This makes it remarkably easy for network management companies like ours to seamlessly handle the security needs of our clients. 

I'd like improved visibility into the backend data where logs are stored, along with integrations with a wider range of products. Field Effect Covalence already integrates with Office 365 and AWS, and has recently added Fortinet and Duo. Expanding their integrations to cover even more products would be highly beneficial.

I have been using Field Effect Covalence for five years.

Field Effect Covalence is stable. We have not encountered any issues and we don't see what is happening in the backend.

Field Effect Covalence is highly scalable. While the core agent software remains constant, the infrastructure adapts to growing data volumes. When an organization surpasses the capacity of its current appliance, simply replacing it with a more powerful one seamlessly extends the platform's capabilities. Additionally, adding appliances to accommodate new branch offices or increased data intake is straightforward. In essence, scaling Covalence is often as simple as adding or upgrading hardware, making it a flexible and adaptable solution for businesses of all sizes.

As early adopters of Field Effect Covalence, we've received exceptional technical support from their team. Their responsiveness is impressive, regardless of the ticket complexity or time of day. Even nights and weekends haven't posed a challenge – they're always available to assist. 

Positive

Previously, we used a hosted SIEM solution. However, this required dedicated security expertise for management, and it generated a significant amount of irrelevant alerts. Outsourcing SIEM monitoring has proven to be far simpler and more effective. Aside from the convenience, it's also slightly cheaper than maintaining and supporting an in-house team. Additionally, offloading liability is a major advantage. Field Effect Covalence takes ownership of SIEM monitoring and assumes responsibility for security vigilance, which we always emphasize to our clients. That's why we made the switch.

Deployment is fairly straightforward, but it needs the right hands on the job. In other words, this isn't a task for a level-one technician. While level-one and level-two staff can be helpful with routine operations, the initial setup requires a bit more expertise — someone with networking knowledge and experience. It doesn't need to be the most senior person, but just not someone starting.

The deployment process takes just one day. It involves four hours of setting up the on-premises components, followed by agent deployment and gradual activation. From this perspective, the actual onboarding is distinct from the deployment itself. The deployment itself is relatively straightforward and completed within a day. Onboarding, however, takes a little longer. This is due to the initial "noise" of the system, where security catches previously undetected issues. This thoroughness is a positive, as it ensures nothing slips through the cracks. Therefore, onboarding requires time for things to settle down and establish a regular rhythm of handling typical support tickets.

One person can complete the full deployment.

We've lost clients due to their growth or acquisition. Some who experience significant expansion build their own full-time IT departments, while others join companies with existing IT infrastructure. Notably, regardless of the reason for departure, they've all chosen to retain Field Effect Covalence.

While Field Effect Covalence's pricing seems competitive for the market, the biggest hurdle lies in the lack of dedicated security budgets within many organizations. Convincing these companies to allocate further IT expenditure specifically for security can be tough. They often struggle to justify adding another line item when they're already paying for individual security tools. This fragmented approach can leave them without a comprehensive monitoring system, which ultimately is the most critical need. So, the primary challenge isn't the price point, but rather helping companies understand the value proposition of a holistic security solution and how it complements their existing infrastructure. Once that hurdle is cleared, the current pricing of Field Effect Covalence appears reasonable.

I would rate Field Effect Covalence a nine out of ten.

Our client base varies in size, with a range of 15 to 150 users per client. The average client has 25 users.

We have some minor housekeeping tasks related to endpoint agents that don't deploy correctly, but we don't have any ongoing maintenance responsibilities.

Field Effect Covalence is a fantastic Canadian company, a testament to Canadian innovation and success. The talented team behind it began their journey in government cybersecurity. Recognizing a crucial need in the small and medium-sized business space, they leveraged their expertise to create a solution that has truly taken off. For five years now, we've been using Covalence with every client, and not a single one has experienced a breach. This is remarkable, considering that 60 percent of SMBs face a breach at some point. It speaks volumes about the effectiveness of Covalence and the expertise of its founders.

Field Effect Covalence is a reliable solution for our security monitoring needs. We haven't found anything else that compares. I appreciate the program's simple interface and the company's efficient service delivery. What truly impresses me is their client interaction. They don't just provide alerts; they explain the cause and implications, identify security gaps, showcase Field Effect's prompt resolutions, and highlight the exceptional speed of their response. This transparency and responsiveness are truly outstanding.