Microsoft Defender for Endpoint is a comprehensive security solution that provides advanced threat protection for organizations. It offers real-time protection against various types of cyber threats, including malware, viruses, ransomware, and phishing attacks.
The product is free of charge and comes integrated into Windows.
The solution is free.
The product is free of charge and comes integrated into Windows.
The solution is free.
Microsoft Intune is a comprehensive cloud-based service that allows you to remotely manage mobile devices and mobile applications without worrying about the security of your organization’s data. Device and app management can be used on company-owned devices as well as personal devices.
Consider the Microsoft Enterprise Mobility Suite rather than choosing specific sub-components, e.g. only Microsoft Intune.
Microsoft Intune is a cost effective choice. It is less expensive than other products on the market.
Consider the Microsoft Enterprise Mobility Suite rather than choosing specific sub-components, e.g. only Microsoft Intune.
Microsoft Intune is a cost effective choice. It is less expensive than other products on the market.
CrowdStrike Falcon is a comprehensive endpoint protection platform, primarily designed to meet the evolving cybersecurity needs of modern enterprises. It employs machine learning, behavioral analytics, and integrated threat intelligence to combat a wide range of cyber threats. CrowdStrike Falcon stands out for its cloud-native architecture, ensuring real-time protection and threat intelligence, essential for safeguarding dynamic environments. Its lightweight agent architecture minimizes system performance impact while offering extensive network visibility.
I do not have experience with the cost or licensing of the product.
The pricing will depend upon your volume of usage.
I do not have experience with the cost or licensing of the product.
The pricing will depend upon your volume of usage.
Microsoft Entra ID, previously known as Azure AD (Active Directory), is Microsoft's cloud-based identity and access management (IAM) solution. Designed to help organizations of all sizes manage user identities and create an intelligent security perimeter around their cloud and on-premise resources. Microsoft Entra ID or Azure AD is integral to the Microsoft 365 and Azure ecosystems. It provides a robust set of capabilities to manage users and groups and secure access to applications in a centralized, streamlined manner.
Microsoft Entra ID (Azure AD) is a login system, morphing into a sophisticated identity and access management (IAM) solution for the modern, hybrid workplace. Imagine a single vault for all your digital keys – that's the essence of Entra ID's identity management. It acts as a central repository for user identities, encompassing usernames, passwords, and even additional attributes like department or employee role.
These capabilities enabled simplified administration using a unified platform for adding, modifying, and deleting user accounts. Users no longer need to remember login credentials for a plethora of applications. Entra ID streamlines access by using the same identity across various cloud services and on-premises resources (if integrated). Centralized identity management allows for stricter enforcement of security policies and password complexity requirements across the organization.
Authentication sits at the heart of the solution, ensuring only authorized users gain access to sensitive resources. It employs a multi-pronged approach:
For organizations with on-premises infrastructure, Microsoft Entra ID (Azure AD) offers hybrid identity options. This allows for a smooth integration between on-premises Active Directory and Entra ID, providing a consistent identity for users across both environments. It enables organizations to leverage their existing investments in on-premises infrastructure while taking advantage of cloud scalability and flexibility.
In conclusion, Microsoft Entra ID (Azure AD) is a comprehensive IAM solution that addresses the complex challenges of managing and securing identities in a cloud-centric world. Its blend of ease of use, security, and integration capabilities makes it an essential component of modern IT infrastructure, supporting both operational efficiency and strategic business objectives.
The licensing cost is a bit prohibitive.
Licensing is easy.
The licensing cost is a bit prohibitive.
Licensing is easy.
Microsoft Defender for Office 365 is a comprehensive security solution designed to protect organizations against advanced threats in their email, collaboration, and productivity environments. It combines the power of Microsoft's threat intelligence, machine learning, and behavioral analytics to provide real-time protection against phishing, malware, ransomware, and other malicious attacks.
It's a user-base subscription.
From the pricing point of view, like any other product in the market, there is scope for negotiation.
It's a user-base subscription.
From the pricing point of view, like any other product in the market, there is scope for negotiation.
Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:
It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else.
The licensing requirements are not very clear from the outset.
It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else.
The licensing requirements are not very clear from the outset.
Microsoft Defender for Cloud is a comprehensive security solution that provides advanced threat protection for cloud workloads. It offers real-time visibility into the security posture of cloud environments, enabling organizations to quickly identify and respond to potential threats. With its advanced machine learning capabilities, Microsoft Defender for Cloud can detect and block sophisticated attacks, including zero-day exploits and fileless malware.
I'm not privy to that information, but I know it's probably close to a million dollars a year.
We are using the free version of the Azure Security Center.
I'm not privy to that information, but I know it's probably close to a million dollars a year.
We are using the free version of the Azure Security Center.
IBM Security QRadar is a security and analytics platform designed to defend against threats and scale security operations. This is done through integrated visibility, investigation, detection, and response. QRadar empowers security groups with actionable insights into high-priority threats by providing visibility into enterprise security data. Through centralized visibility, security teams and analysts can determine their security stance, which areas pose a potential threat, and which areas are critical. This will help streamline workflows by eliminating the need to pivot between tools.
Go through a vulnerability assessment review for price breaks. A virtualized solution will also cut down on cost.
found other solutions, with more features at the same cost or less. You don’t have to leave the Gartner Magic Quadrant to beat their price.
Go through a vulnerability assessment review for price breaks. A virtualized solution will also cut down on cost.
found other solutions, with more features at the same cost or less. You don’t have to leave the Gartner Magic Quadrant to beat their price.
Microsoft Defender for Cloud Apps is a comprehensive security solution that provides protection for cloud-based applications and services. It offers real-time threat detection and response, as well as advanced analytics and reporting capabilities. With Defender for Cloud Apps, organizations can ensure the security of their cloud environments and safeguard against cyber threats. Whether you're running SaaS applications, IaaS workloads, or PaaS services, Microsoft Defender for Cloud Apps can help you secure your cloud environment and protect your business from cyber threats.
We have an educational licensing agreement. It's a customer agreement for multiple years.
This product is not expensive.
We have an educational licensing agreement. It's a customer agreement for multiple years.
This product is not expensive.
Palo Alto Networks WildFire is a highly effective cloud-based advanced threat protection (ATP) solution that organizations in a wide variety of fields trust to help them keep safe from digital threats. It is designed to enable businesses to confront even the most evasive threats and resolve them. It combines many techniques to maximize the level of threat protection available to users.
It IS a bit expensive, but I think you get what you pay for. Value is there.
It's not particularly cheap, but it is absolutely worth it.
It IS a bit expensive, but I think you get what you pay for. Value is there.
It's not particularly cheap, but it is absolutely worth it.
Cynet has pioneered the security industry’s first all-in-one security platform purposely built for organizations that need the ability to effortlessly identify, block and respond to all types of attacks inside the perimeter - defending endpoints, network, files and users - without the heavy burden of deep cyber expertise and the overhead of integrating and managing multiple products. Our approach converges and brings synergy with technology: endpoint protection, EDR, vulnerability management, deception, threat intelligence and network and end-user analytics, and expertise: a 24/7 cyber SWAT team for incident response, malware analysis, threat hunting and forensics. Cynet deploys in hours and simplifies management with automated monitoring to complement any sized staff.
It gives you a high level of protection at a very good price.
Everything is included in this one solution and the pricing is pretty competitive.
It gives you a high level of protection at a very good price.
Everything is included in this one solution and the pricing is pretty competitive.
Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.
I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability.
The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help.
I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability.
The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help.
Palo Alto Networks VM-Series is a highly effective advanced threat protection (ATP) solution and firewall that can be hosted on cloud computing technologies designed by many different companies. It decreases the amount of time that it will take administrators to respond to threats. Users that deploy VM-series have 70% less downtime than those who use similar firewalls. Neither protection nor efficiency are concerns when this next-generation firewall is in play.
For what you get, it does do what it says. It is a good value for an enterprise firewall.
The licensing is pretty much like everyone else.
For what you get, it does do what it says. It is a good value for an enterprise firewall.
The licensing is pretty much like everyone else.
There are additional costs associated with the integrator.
The licensing costs is around 10,000 dollars.
There are additional costs associated with the integrator.
The licensing costs is around 10,000 dollars.
Exabeam Fusion SIEM is a cloud-delivered solution that that enables you to:
-Leverage turnkey threat detection, investigation, and response
-Collect, search and enhance data from anywhere
-Detect threats missed by other tools, using market-leading behavior analytics
-Achieve successful SecOps outcomes with prescriptive, threat-centric use case packages
-Enhance productivity and reduce response times with automation
-Meet regulatory compliance and audit requirements with ease
They have a great model for pricing that can be based either on user count or gigabits per day.
If the customer has only a few users in some environment, then Exabeam is cheaper than competitors. But it can get expensive when adding more users.
They have a great model for pricing that can be based either on user count or gigabits per day.
If the customer has only a few users in some environment, then Exabeam is cheaper than competitors. But it can get expensive when adding more users.
Securonix Security Analytics SNYPR is a next-generation security analytics platform that transforms big data into actionable security intelligence, enabling you to take care of so much more than simply your SIEM (security information and event management) needs. In addition, it contains all of the tools that you may need to enable your organization to successfully handle both log management as well as UEBA (user and entity behavior analytics)-related tasks. The SNYPR management platform gives users the ability to combine security orchestration, automation, and response, security information and event management, network traffic analysis, and user and entity behavior analytics. This single technical environment does away with your need for multiple security, management, and analytics solutions.
We have a license from our 5.0, so that license just continued. We paid them the extra cloud-hosting costs for a year which were about $300,000.
We have an annual license. We pay $200,000 for the base licensing and we pay another $50,000 for the software as a service.
We have a license from our 5.0, so that license just continued. We paid them the extra cloud-hosting costs for a year which were about $300,000.
We have an annual license. We pay $200,000 for the base licensing and we pay another $50,000 for the software as a service.
Log360 is your one-stop solution for all log management and network security challenges. It is an integrated solution that combines EventLog Analyzer and ADAudit Plus into a single console to help you manage your Active Directory auditing and network security easily.
There is a cost for each feature used.
Its pricing is definitely huge compared to some of the other SIEMs. Its price should be improved.
There is a cost for each feature used.
Its pricing is definitely huge compared to some of the other SIEMs. Its price should be improved.
Detect the undetectable and stop evasive attacks. Trellix Network Detection and Response (NDR) helps your team focus on real attacks, contain intrusions with speed and intelligence, and eliminate your cybersecurity weak points.
Its price is lower compared to similar solutions.
We're partners with Cisco so we get a reasonable price. It's cheaper than Palo Alto in terms of licensing.
Its price is lower compared to similar solutions.
We're partners with Cisco so we get a reasonable price. It's cheaper than Palo Alto in terms of licensing.
Microsoft Entra ID Protection uses advanced machine learning to identify sign-in risks and unusual user behavior to block, challenge, limit, or allow access.
The pricing is competitive in the SMA segment and runs $5-$6 per user.
The price of Azure AD is not expensive.
The pricing is competitive in the SMA segment and runs $5-$6 per user.
The price of Azure AD is not expensive.
NetWitness Platform is an evolved SIEM and threat detection and response solution that functions as a single, unified platform for ALL your security data. It features an advanced analyst workbench for triaging alerts and incidents, and it orchestrates security operations programs end to end. In short: NetWitness Platform is all you need to run an intelligent SOC.
It’s cheaper to run virtual machines in a VMware environment.
The new pricing and licensing mechanisms are fair. I would advise always to get the full solution (i.e., not only Logs).
It’s cheaper to run virtual machines in a VMware environment.
The new pricing and licensing mechanisms are fair. I would advise always to get the full solution (i.e., not only Logs).
Microsoft Entra Permissions Management is a cloud infrastructure entitlement management (CIEM) solution that provides comprehensive visibility into permissions assigned to all identities – users and workloads – actions, and resources across cloud infrastructures. It detects, right-sizes, and monitors unused and excessive permissions and enables Zero Trust security through least privilege access in Microsoft Azure, AWS, and GCP.
We are a Fortune 500 company, so we always negotiate with Microsoft.
We are a Fortune 500 company, so we always negotiate with Microsoft.
We believe the future of global identity will not be centralized in a single company or government, but rather a trust fabric of centralized and decentralized approaches. Open standards like those found in Entra Verified ID, will be required to ensure interoperability. We will leverage Microsoft’s existing penetration into F500 and governments to bootstrap and then extend from our 500M user footprint to 9B+. By leading the way, we can become the preferred provider that builds on Microsoft Entra ID's best-in-class security and compliance to now include best-in-class verifiability and privacy.
By design, XSIAM operates across both cloud and enterprise security operations, providing true end-to-end-management of threats, wherever they originate. While companies born in the cloud benefit from the scale and automation of XSIAM and the ease of integration with public cloud and SaaS telemetry, organizations with legacy SIEM deployments can seamlessly transition to XSIAM as the next-generation autonomous SOC platform.
In terms of pricing, we found Cortex XSIAM to offer a very reasonable and competitive rate.
The solution comes at a significant cost.
In terms of pricing, we found Cortex XSIAM to offer a very reasonable and competitive rate.
The solution comes at a significant cost.
LogRhythm UEBA enables your security team to quickly and effectively detect, respond to, and neutralize both known and unknown threats. Providing evidence-based starting points for investigation, it employs a combination of scenario analytics techniques (e.g., statistical analysis, rate analysis, trend analysis, advanced correlation), and both supervised and unsupervised machine learning (ML).
Licensing is on a yearly basis. It's not expensive compared to its competitors.
The pricing is nice when compared to other products in the industry.
Licensing is on a yearly basis. It's not expensive compared to its competitors.
The pricing is nice when compared to other products in the industry.
Silverfort is a unified identity protection platform that helps organizations protect their networks and cloud environments from identity-based attacks. The platform uses agentless and proxyless technology to continuously monitor all access of users and service accounts across both cloud and on-premise environments, analyze risk in real time using an AI-based engine, and enforce adaptive authentication and access policies.
Varonis Datalert prevents data breaches and alert on suspicious activity, stop ransomware, and defend your data from insider threats. It monitors enterprise assets for suspicious activity and unusual behavior, detecting critical events and compromised assets on your core infrastructure: Windows, UNIX/Linux, NAS, Active Directory, SharePoint, Exchange, and Office 365. It detects insider threats and cyber threats by analyzing data, account activity, and user behavior and automate responses to suspicious activity and alert on unusual behavior - using deep analysis of metadata, machine learning, and advanced User Behavior Analytics (UBA).
Licensing is on an annual basis. Maintenance and renewal fees are separate. Varonis Datalert is quite expensive.
Licensing is on an annual basis. Maintenance and renewal fees are separate. Varonis Datalert is quite expensive.
More than 90% of targeted attacks start with email—and these threats are always evolving. Proofpoint Targeted Attack Protection (TAP) helps you stay ahead of attackers with an innovative approach that detects, analyzes and blocks advanced threats before they reach your inbox. This includes ransomware and other advanced email threats delivered through malicious attachments and URLs. And zero-day threats, polymorphic malware, weaponized documents and phishing attacks. TAP provides adaptive controls to isolate the riskiest URL clicks. TAP also detects threats and risks in cloud apps, connecting email attacks related to credential theft or other attacks.
Symantec Advanced Threat Protection is a single unified solution that uncovers, prioritizes, and remediates advanced attacks. The product fuses intelligence from endpoint, network, and email control points, as well as Symantec’s massive global sensor network, to stop threats that evade individual security products. It leverages your existing Symantec Endpoint Protection and Symantec Email Security.cloud investments, so it does not require the deployment of any new agents. You can deploy a new installation of Symantec Advanced Threat Protection and start to discover suspicious activity in under an hour. Using the proven technology in Symantec Insight reputation based detection, Symantec SONAR behavioral analysis with the new Symantec Cynic sandbox and file analysis platform, Symantec Advanced Threat Protection provides better detection and prioritization than other vendors, allowing security analysts to “zero in” on just those specific security events of importance.
Pricing is good. It is nice to have a great product at a fair price.
I do not have experience with the pricing or licensing of the product.
Pricing is good. It is nice to have a great product at a fair price.
I do not have experience with the pricing or licensing of the product.
Microsoft Defender Threat Intelligence is a comprehensive security solution that provides organizations with real-time insights into the latest cyber threats. Leveraging advanced machine learning and artificial intelligence capabilities, it offers proactive threat detection and response, enabling businesses to stay one step ahead of attackers. With Microsoft Defender Threat Intelligence, organizations gain access to a vast array of threat intelligence data, including indicators of compromise (IOCs), security incidents, and emerging threats. This data is collected from a wide range of sources, such as Microsoft's global sensor network, industry partners, and security researchers, ensuring comprehensive coverage and accuracy. The solution's advanced analytics and machine learning algorithms analyze this threat intelligence data in real-time, identifying patterns, trends, and anomalies that may indicate a potential security breach. By continuously monitoring the network and endpoints, Microsoft Defender Threat Intelligence can quickly detect and respond to threats, minimizing the impact of attacks and reducing the time to remediation.
They offer two license plans: Microsoft Defender for endpoints and Microsoft Defender for businesses.
The product’s pricing is worth it.
They offer two license plans: Microsoft Defender for endpoints and Microsoft Defender for businesses.
The product’s pricing is worth it.
Microsoft Purview Insider Risk Management utilizes more than 100 ready-to-use indicators and machine learning models to effectively detect critical security risks originating from insiders, including IP theft, data leakage, and security violations. The solution enables organizations to expedite risk mitigation through enriched investigation tools and Adaptive Protection, which automatically enforces protection controls. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.
Uncover Hidden Threats
The product is expensive, but it is better than the rest of them in the industry.
Our licensing fees for this solution are approximately one million dollars per year.
The product is expensive, but it is better than the rest of them in the industry.
Our licensing fees for this solution are approximately one million dollars per year.
Microsoft Entra External ID, part of Microsoft Entra, provides highly secure digital experiences for partners, customers, citizens, patients, or any users outside your organization with customization controls. Combine external identities and user directories in one portal to seamlessly manage access across the organization.
Bitdefender Sandbox Analyzer is a security solution that enhances the organization posture against sophisticated or targeted attacks through advanced detection and reporting capabilities of elusive, persistent threats that try to penetrate your network.
BloodHound Enterprise is a powerful security tool designed to identify and mitigate potential risks within an organization's Active Directory environment. Its primary use case is to analyze the complex and interconnected relationships among users, groups, and computers, enabling administrators to proactively identify security vulnerabilities and prevent potential attacks.
Singularity Identity, a component of the Singularity platform, provides threat detection & response (ITDR) capabilities to defend Active Directory and domain-joined endpoints in real-time from adversaries aiming to gain persistent, elevated privilege and move covertly. Singularity Identity provides actionable, high-fidelity insight as attacks emerge from managed and unmanaged devices. It detects identity misuse and reconnaissance activity happening within endpoint processes targeting critical domain servers, service accounts, local credentials, local data, network data, and cloud data. On-agent cloaking and deception techniques slow the adversary down while providing situational awareness and halting adversarial attempts at lateral movement. Singularity Identity helps you detect and respond to identity-based attacks, providing early warning while misdirecting them away from production assets.
The price is affordable.
SentinelOne seemed to offer more while being priced lower than its competitors.
The price is affordable.
SentinelOne seemed to offer more while being priced lower than its competitors.
Dtex includes advanced user behavior intelligence. This intelligence automatically baselines normal user activity and identifies anomalies. This allows Dtex to detect and alert on the "unknown unknowns" - never-before-seen suspicious behavior.
Change Auditor Threat Detection offers a unique approach to user threat detection by modeling individual user behavior patterns to detect anomalous activity that might indicate suspicious users or compromised accounts. By analyzing user activity, using proprietary advanced learning technology, user and entity behavior analytics (UEBA), and sophisticated, scoring algorithms, Change Auditor Threat Detection ranks the highest risk users in your organization, identifies potential user threats and reduces the noise from false positive alerts. Overcome the gaps left behind by native auditing tools and keep your environment secure.
ArcSight User Behavior Analytics offers enterprises the ability to monitor and detect from internal and external security threats and fraud.
ArcSight Analytics is a bit expensive compared with other tools in terms of licensing costs, training, hardware implementation, and support.
The monthly licensing fee is around $20,000. There aren't any costs in addition to the standard licensing fee.
ArcSight Analytics is a bit expensive compared with other tools in terms of licensing costs, training, hardware implementation, and support.
The monthly licensing fee is around $20,000. There aren't any costs in addition to the standard licensing fee.
Emotet, Trickbot, GandCrab – Malware is increasingly finding its way into the email inbox of companies and organizations. CEO fraud, forged invoices and fake application emails are the most common methods used by cybercriminals to smuggle malware into corporate systems. Important files are encrypted, sensitive information is copied or confidential business transactions are monitored. Ransomware, spyware and viruses manipulate or damage operational and production processes, which can cause considerable (financial) damage to the companies targeted. With the comprehensive features of Advanced Threat Protection, even the most sophisticated cyber attacks have no chance.