Morphisec Reviews

We purchased Morphisec primarily to help mitigate and protect us against Ryuk ransomware back in December when that was running really rampant. The antivirus that we were using at that point was outdated. We were looking to move to a new vendor, and we needed something as a stopgap to supplement our current antivirus. Morphisec fit that bill perfectly. It had features that our antivirus did not. It had an immediate deployment and immediate return on investment that we just would not be able to get if we were to turn around and try to deploy a full-blown antivirus across the entire environment. Morphisec was quick, simple, and did not conflict with anything that we already had. It also did not cause any additional delays in our virtualized environment, which was a huge concern for our infrastructure team. It just fit perfectly.

We've detected things that our antivirus was not picking up. We had no visibility or control over anything that was running in process memory. Morphisec immediately started blocking things that should not have been running in process memory. It also gave us visibility into the Windows Defender antivirus that we did not have without increasing our Microsoft licensing and gave us some basic control over Defender as well. We previously used McAfee.

The fact that Morphisec uses deterministic attack prevention that does not require human intervention has affected our security team's operations by making things much simpler. We don't have to really track down various alerts anymore, they've just stopped. At that point, we can go in and we can clean up whatever needs to be cleaned up. There are some things that Morphisec detects that we can't really remove, it's parts of Internet Explorer, but it's being blocked anyway. So we're happy with that.

It's very important to us that it offers visibility into and control over Windows 10, native device control, disc encryption, and personal firewall. We're actually in the process now of deploying the control over the firewall so that we can consolidate to a single pane of glass for our antivirus and controls. It will help us through leveraging group policy, which can fail, especially if the machine drops off of the domain, we have a significantly larger remote than we did a year ago. We have machines that don't necessarily get the policies they need to get when they need to get them. Morphisec fixed that.

The level of control from Morphisec Guard compared to Windows 10 Native Security tools is a bit more basic than the Windows 10 Native Controls. You basically enable the firewall or you disable it, based on the various profiles. I have not yet seen a way to create exceptions in the firewall or rules and things like that but those can be pushed through group policy, regardless. As long as the firewall is enabled, it's functioning and it's doing better than if there was no policy applied at all.

Morphisec Guard enabled us to see at a glance whether our users have device control and disk encryption enabled properly. It is especially important with our remote workforce. Disc encryption is an absolute must. And the device control, USB devices, is also an absolute must.

It has reduced the amount of time we spend investigating false positives. It reduced our amount of chasing antivirus alerts by about 80% a week.

Our team's overall workload has also been reduced by about 30% on a weekly basis of our workload, we would spend a lot of time tracking alerts.

It has enabled us to take Morphisec and leverage one product where we would have had to have had at least two previously. I don't really have numbers for what that would look like. We didn't really investigate too many other vendors in that space, but it's probably at least 50% savings over what we would have needed. So it has helped us to save money on our security stack.

Some of the filters for the console need improvement. There are alerts that show up and just being able to acknowledge that we've seen those and not turn them off, but dismiss them, would be a huge benefit.

We've been using Morphisec for about six months now. It is installed on our endpoints and servers. We have a SaaS version of the console.

I've had 100% availability anytime I've needed to go look. I have not had any issues in any of our environments with the agents.

Scalability is very easy. We can just call and say that we need more licenses and they give us more licenses and we can push that agent out. It's the same executable file we have on our file shares. We just expand however many we need, to as large as we want to go.

We have about 8,000 endpoints, 2,500 servers, and 4,000 virtualized desktops.

Our next step would be to purchase the Linux agent and get that on the few Linux servers and appliances that we have.

The technical support has been fantastic. Any feature requests I've had, any issues I've run into, which have been very minimal, they've had an immediate response. Turnaround for feature requests is really, really fast. I've seen it within the next update which they do monthly. They provide great technical support. 

We looked at Bitdefender, Trend Micro, and Microsoft Defender. We are still using Microsoft Defender in conjunction with Morphisec in a small pilot group. We're still evaluating where we want to go for a true antivirus solution. So, we still have a small deployment of Defender.

Deployment was the biggest difference between Morphisec and the other solutions. It was far simpler to deploy Morphisec without having to remove another antivirus, without having to make a large-scale project, or look for compatibility. It works on all supported operating systems. It works in conjunction with other antiviruses. We didn't have to create exceptions and there were no conflicts with the antivirus we were running and Morphisec. So that really helped us make that decision, purchase this, roll it out, and have it supplement our existing technologies. And it gave us an almost immediate return on investment.

The initial setup was very straightforward. We deployed it via group policy. We had it deployed across the entire environment in about three days.

There are no additional costs to standard licensing. We've had full support. I get biweekly calls with my technical account manager and we purchased the licenses for everything we needed for a single cost.

If you have the ability to get Morphisec into their environment, it's going to be a hundred percent return on investment. I would recommend it every time.

If you can, get it and run with it, because it's great. It's been eye-opening, the things that other antiviruses were missing, and we've seen it protect against zero days. We've seen it protect against ransomware that other antiviruses have not even seen.

I would rate Morphisec a ten out of ten. 

We do a multi-layered security approach. Morphisec is really our last layer of defense. It is our insurance policy. So, if a vulnerability gets through the user, network security layer, and antivirus, then Morphisec will then come into the fight.

We have it deployed across all of our workstations and server environments. We have 800 workstation licenses and 75 server licenses. 

Right now, we are using 100% on-prem. We have just converted to Office 365. With that, we will be doing cloud hosting as well

In the last month, we have had two instances that Morphisec stopped, one with Internet Explorer (IE) and the second with another update. We don't know the specific vulnerability that was exploited. We shouldn't be using Internet Explorer here. So, it notified us:

1. We had a user using IE.
2. It prevented something. 

I don't know what vulnerability within IE that it was attacking, but it did go to attack a vulnerability, and Morphisec prevented that.

Morphisec makes use of deterministic attack prevention that doesn’t require investigation of security alerts. It changes the memory locations of where certain applications run. If you think of Excel, opening a PDF, running an Excel macro, or opening a web page and clicking on a link, all of those actions run in a certain area of memory. Morphisec changes the memory locations of where those run. 

If an attack comes in and the hackers are doing a vulnerability on an Excel macro, for example, they know macros are always deployed in a certain area of memory. They write their hacks to that area of memory. Morphisec removes that area of memory and deploys all macros into a different place. When the macro goes to run, it runs in that old area of memory, which no longer is running Excel macros. It basically goes to deploy and blows up, so nothing happens. By morphing the memory location, the hack still gets through, i.e., it doesn't stop the hack from getting through. However, when it goes to run, it doesn't do anything. From that standpoint, it's really looking at: If something happens, it is the last line of defense. 

We have a number of other applications that are more forward-thinking where we are looking at logs and training people as well as doing network security. But if a hacker actually gets through all of those different protocols and goes to deploy a vulnerability or malicious piece of code, it will deploy but not do anything. The reason it won't do anything is because Morphisec has moved that process to a different area. So, it is really after the fact. 

Morphisec is really good about sending us alerts of security incidents that have happened in the world, saying, "Okay, here is an incident that is happening. It is a zero-day and Morphisec protected it in our labs." They send those out as they come up. I usually get one a week. 

We heard there was a company that had deployed Morphisec on most of their servers, but not all of their servers. They actually got hit by a hacker. All of their servers that had Morphisec running were 100% protected. All of the servers that did not have Morphisec got hit. From my standpoint, we have Morphisec across the board. We are acquiring a few other companies, and one of the first things that we are doing is deploying Morpiesec to all the servers and workstations in those other companies.

What it does is valuable. A vulnerability might be able to potentially get through and still not be able to run. This is not a question of "If," but a question of "When" someone will get through. If they do get through into our environment, we are comfortable knowing that our last line of defense is Morphisec. A lot of times, without Morphisec, we wouldn't know until we knew. You either get the encryption or it could take a long time to understand. This solution is more of a peace of mind for us.

Morphisec stops attacks without needing knowledge of the threat type or reliance on indicators of compromise. Their development team has developed the security capabilities over a large number of different vulnerabilities, e.g., Adobe Acrobat or Excel macros. We don't have to be experts on any of these. More importantly, the zero-days concern me. All our other security software says that they can stop zero-day threats, but hackers are really good and this is really profitable for them. When the zero-day threats actually get used, it's nice knowing that we have Morphisec. 

We don't have false positives with Morphisec.

From a company standpoint, a little more interaction with the customers throughout the year might be beneficial. I would like check-ins from the Morphisec account executives about any type of Morphisec news as well as a bit more interaction with customers throughout the year to know if anything new is coming out with Morphisec, e.g., what they are working on in regards to their development roadmap. We tend not to get that up until the time that we go for a yearly renewal. So, we end up talking to people from Morphisec once a year, but it is usually at renewal time.

I tried to sign up for something, but I am still not getting any alerts when Morphisec releases a new version or when our console has been updated. So, I would like to be cognizant when any changes are being made or feature enhancements are added. It would just be helpful to be alerted when that stuff comes out.

Until we migrated to their cloud platform, I wasn't even aware that some of the updates were being pushed out. Then, I came to find out that we were two iterations behind a major release. So, getting those updates or bulletins are very helpful.

If I look at the dashboard, I can see one or two applications hit every once in a while for things like Internet Explorer or some Visual Basic Scripts. I can see that stuff is being prevented, but I don't know exactly if it is securing us in any way that we wouldn't have already had in place. Overall, I don't know 100% if it's increasing our security posture, but it does give us a nice peace of mind.

We have been using it for two years.

It seems very stable and rock-solid because it is not causing any issues.

I don't require any maintenance on our side.

There haven't been any issues with scalability since we have been on the cloud platform. We do not have to maintain the on-premises servers anymore. It is hosted in an AWS environment, which should be pretty easy to deploy once we add more employees.

Our technical resource is the solo admin at this current time. Two other people have access, but there is not much that we look at or review on it. We just make sure it gets deployed on all our endpoints. That is the only thing we really monitor. As for looking at the console, unless there is something that we need to look at, we are not really reviewing it.

We get security bulletins and an email that says, "Hey, this vulnerability just took down whatever company." So, we get technical bulletins that say, "This new zero-day vulnerability just came out, we have tested and stopped it."

The technical support is pretty solid. I did have some issues after we migrated from versions, switching to the cloud version. I ran into a few deployment issues that turned out to be a bad package. They were able to help me with that. They have been pretty good. Anytime I have an issue or question, they are pretty responsive.

Before Morphisec, we did not use anything greater than our normal antivirus or malware protection.

The initial deployment was pretty straightforward. It was basically just following the included documentation and working with the admin at the time. We set up a package to push the install out to all our machines. Then, anything that was outside the default library. I added to the protector plan. Certain applications, like Notepad, weren't included in the original deployment. This is stuff that is specific to our environment, like Power BI.

Our deployment took about two weeks.

My technical resource was the one who implemented Morphisec.

It has given us peace of mind that we won't be on the news. We do a good job with backups, but if we don't have to use them, that is much better. If the federal government and major corporations who have full-on security teams can get hacked and are vulnerable, then I am not going to say we are not vulnerable. So, for us, it is just a question of when. With Morphisec, at least when it does happen, I feel confident that we have in place solutions that will not only prevent it, but also let us know when something has happened.

Morphisec has 100% enabled our team to focus on other responsibilities or affected productivity. It has reduced our workload by one full-time employee. 

Our return on investment is that we haven't needed to have a full-time employee manage it. It hasn't taken away from our other initiatives. Efficiency is really where the savings is. We are getting peace of mind at a decent cost. We can see it working, and it doesn't take full-time resources to manage it.

It is priced correctly for what it does. They end up doing a good deal of discounting, but I think it is priced appropriately.

Through the years, we looked at Darktrace as well as two or three others. They came with astronomical price tags, while I think Morphisec hit the better price point.

It was not just the initial price tag, but the number of people required to manage the solution. On some of the other solutions, we were able to knock down the pricing considerably, but we needed one to two full-time employees, which we don't have, just to manage the solution. With Morphisec, our technical resource is the main person who works on it. He spends less than two percent of his time managing Morphisec. It is plug and play. It doesn't take a lot of resources, which gives us more time savings as well as being more efficient.

Ease of implementation and ongoing management of the solution were the two top priorities. Our secondary priority would have been cost.

Make sure you implement it on all machines, workstations, and servers. Don't buy it and miss some machines.

Morphisec says they haven't been hacked. From the instances that I have seen when doing research, I find that to be true. Time will tell, but so far it has been working for us.

We will be implementing the Morphisec Guard probably next month. We are just rolling out Microsoft Defender right now. We are evaluating it now. I think we have also started replacing our former antivirus. 

Windows Defender and Morphisec go hand in hand, at least from an antivirus standpoint. Morphisec was built to work with Defender, and Defender is a pretty good product. So, that is what we will be using moving forward. From an antivirus standpoint, we just switched our antivirus to Defender within the last month. Between Defender and Morphisec, we don't really have another antivirus need after that.

I would rate this solution as a seven or eight out of 10.

We use version 4. It's not the absolute leading edge, but it was the first version that they supported with Linux.

We use both environments to protect our corporate Windows assets and we also use them to protect our production Linux servers. We're using an on-prem option where we installed the Morphisec server on one of our own pieces.

Our primary use case of Morphisec is to prevent in-memory attacks that would be conducted from ransomware. It's used for frontline and back-end protection. We have it installed on our front-facing web servers and on the backend database servers as well.

Morphisec has given me a lot more visibility into if my employees are actually encountering ransomware. Luckily, to date, we have not actually had any positives come through. We have had false positives, but at least it has given me the peace of mind that upon the investigation that we have not been exploited or have had ransomware, for that matter.

In the future, it'll help me with ensuring that viruses are not inundating our machines as well. Right now I have to go through a separate interface for that.

Morphisec makes use of deterministic attack prevention that doesn't require the investigation of security alerts. Anything that's suspected gets blocked immediately on the machine, which is nice. It allowed us to go back and see what was going on in that situation. And if it was in fact a false positive, then either we figure out a different way to execute whatever the person was trying to do or we can whitelist the event.

Morphisec does not save us at this point from paying for a higher-tier license to get visibility into Defender AV alerts. I'm sure once we get upgraded, absolutely it will, from what I've seen.

It reduced the amount of time we spend investigating false positives. In the past, we haven't had any legitimate ransomware attacks, all we have had is a false positives pop-up. But knowing that ransomware, once it's on a machine, pretty much tanks it, I'd say it saves me hours upon hours of having to recover individual machines, and of course, it could become exponential requirements if there was more than one machine affected. At the very least when it could be one server, it would definitely save me hours of labor up the scale if I had 80 machines that I had to fix. But, that would be a serious time issue. The protection itself saves me potentially an exponential number of hours trying to recover the organization.

Morphisec reduced our team's workload. Instead of having to go to multiple UIs, or instead of having to do manual investigations, I should say rather. It's at least put stuff to the forefront. More so, after we do the upgrade. 

Morphisec has absolutely helped save money on our security stack. The ransomware at the end of the day can cost organizations millions upon millions of dollars. Investing in tools like Morphisec is a great reduction in that cost. If I can spend $10,000 in a year to protect assets that could be ransomed for $20,000,000, that's definitely a bet that one should pursue. Morphisec absolutely it's worth the investment.

It gives us 99% peace of mind in terms of knowing our systems are not being ransomwared. Once we get the upgrade, I'm sure it'll give me much more peace of mind in terms of the antivirus functionalities, knowing that there are no viruses on our machines, as well. But, for now, the only thing I can definitively say is that it gives me confidence that in terms of ransomware attacks, we are not going to be susceptible.

The in-memory attack features have been the most valuable. As we transition to a newer version, I'm excited to see the antivirus reporting functionality search come into effect. We are planning on updating and renewing our contract with them.

My company offers online and mobile banking services. Much like your own bank or credit union, the company has apps and a web interface and provides that to various credit unions and banks. As such, we have direct connections into the various financial institutions' banking courses. We see our environment as a prime area, or vector of attack against this course. We've installed Morphisec over two different production data centers, and it's hooked into our workstations. 

Morphisec's new version provides full visibility into security events from Microsoft Defender and Morphisec in one dashboard. The version that we're on right now does not. That's one of the things I'm excited about getting in the upgrade.

This is extremely important to my work. My team is very small. We have four guys across two data centers. Our data centers are through Rackspace, but we are the primary people that interface it. We have a team of four people that own those two data centers and make sure services are functional. We have a small team and having as much information in one basic user interface is critical.

The ease of use is great. It's a basic UI. It clearly tells us how many of our agents are checked in and how many are not. It gives us a very simple UI to be able to see attacks over time-series data, and to be able to drill down very quickly to see which assets or computers are affected. We can see what user was on there and what application was at play. So, in terms of being able to drill down really quickly, they're great.

It would be useful for them if they had some kind of network discovery. That kind of functionality I think would give IT administrators a little bit more confidence that they have 100 percent coverage, and it gives them something to audit against. Network discovery would be one area I would definitely suggest that they put some effort into.

I have been using Morphisec for around a year and a half. 

So far it's been extremely stable. Their UI has never crashed once. The agents do check in regularly. Overall, I have not had a single issue with them which is the way it should be.

We have the Ansible playbook for doing the automated install on Linux. At this point, we tell it what server to install to and it does it. In terms of scalability, it's really easy. It's pretty straightforward.

There are four users using this solution including the director of DevOps, the director of Software Engineering, and we have a DevOps Engineer and a Corporate IT Engineer.

The DevOps side folks and the software engineering guy are focused mainly on what our production systems are saying through the UI here, while the corporate IT guy is focusing much more on the Windows workstations. That said, if we do notice an attack, all four of us come together to analyze what we're seeing there.

We don't require any staff for deployment and maintenance.

At this point, we have to do the installations of any updates to the Morphisec server, or the Morphisec clients. But for that one person is enough to handle that. It's either me or the IT administrator, but it's really not that painful. 

The Windows corporate machine is the weakest spot because we don't have automation configuration managers for the Windows side. But, on the Linux side, as far as running updates, it's very straightforward. A couple of commands and run through the Samson playbook and off it all goes.

We do have plans to increase usage. So, as we transitioned to AWS, we're planning on having them with us right off the bat. 

It's critical to our security portfolio. 

We contacted technical support a couple of times towards the start, and just had to do with installation. When we first started working with them, it was using a release candidate of their latest stuff. So, it was just a couple of back and forth exchanges, but they were very attentive and forthcoming.

The setup was straightforward. With our Linux environment, our production Linux environments, we were able to deploy using Ansible playbooks to automate, and then on the windows side, they have a number of options available to us. However, because we don't have, on the corporate side, any kind of configuration management tool or whatever, I did have to have my IT admins go in and run a PowerShell script that made the appropriate calls for set up scripts so that they're set up. In terms of our own windows deployment, it was more of a manual process. But, I can tell you from experience with larger organizations and all as well, that the packages that were provided to us could have easily been loaded into a configuration management tool and pushed out much more automatedly.

Once we had things going, I mean, we had everything installed I think, in a total of 10 minutes. That's running these installations concurrently of course, or in parallel. And on the windows side, I'd say over the course of a week, we are able to manually go into all of our workstations and get this installed. Being the COVID environment that it is right now, a lot of our employees are working remotely. A lot of that overhead in that week was simply negotiating when we can actually have the employee make their machine available, remotely.

Our first and foremost deployment was on our Linux front-end servers. We're thinking, get our production environment for a layer of protection right off the bat. So, we protected our web front end as most attackers would be coming through the front door, essentially, aka those web boxes. So, we figured that if we deployed there first that we'd get a nice level of protection.

From there, we did the installations of the windows front end or the endpoints of the window on the corporate side, just to make sure that employees that would be interfacing our source code, or our production environments, would have protection in place, not only to protect their own assets but to also protect the rest of the network that they'd be interfacing with. From there, we went back and upgraded or installed the backend Morphisec agents.

We did our own deployment.

If there was a valid attack one could easily say that they could have tried to ransom us 20 million dollars.

We pay per year, and per endpoint. So, if it's a Windows server, it has its own skew. Versus, a Linux server has its own skew. Pricing is a little bit different between those.

To cover 100 Windows endpoints we're at $5,699. It all comes with the annual maintenance and support crew.

We had looked at a couple of options, but none of them actually seemed to be really what we were looking for because Morphisec handles everything in-memory as things are going. Whereas it seems like a lot of those other tools out there, like Kaspersky and the like seem to be more reactive.

My advice would be to really consider the reality. It's not a question of if you're going to get attacked by ransomware, it's a question of when. And while this seems like something that would be easy to kick down the road, in terms of evaluating the overall battlefield if you will, a ransomware attack will take down your organization. There's no doubt about it.

I would advise you to realize that with that inevitability and how much of your environment it can takedown or render useless. This would probably be one of the higher, first choices, and first endeavors you should make as you go into your source of security portfolio.

The biggest takeaway from this that I've had is, never underestimate would-be attackers. You have something on the internet, they're going to go for it. The other lesson I've learned is that sometimes users of computers do weird things, or do things differently than others would normally. That leaves the door open for would-be attackers of having tools like this in place. It will help you avoid headaches down the road.

I would rate Morphisec a nine out of ten.

We've been using Morphisec as a layered defense in our security plan. We have beefy firewalls and another antivirus; Morphisec isn't technically an antivirus. It's a protection agent. It's one of the layers of our security plan. We use it to defend ourselves from any sort of CryptoLocker attacks or ransomware drive-bys, and it should catch auto-executes that come from ads. We haven't been breached, as far as I'm aware.

We started with it on-prem and we had no complaints. It made sense. A cost analysis was done and on-premises cost less than the cloud, which is how things normally are. We used our own network so the cost was cut because they didn't have to use any of the load on their servers or network. It was all on us. But about a year ago they approached us and we were torn away from the on-premises solution. They made such a compelling cost-savings case for us to go to the cloud that it made sense to go to the cloud. We also got another service from them along with the protector, some sort of BI.

We're using it on all of our endpoints, servers and desktops that users touch. For servers that don't get touched by users, we don't have Morphisec on them because we just don't need it.

I wouldn't be doing Morphisec any favors saying, "Well I can't tell if it's working because the rest of our security posture seems to be taking care of anything else that gets through." Maybe it's not working at all. I can't tell. It would be useful to set up a virtual machine—and this is something I should bring up with our Morphisec person—and get some triggers that are actually on our dashboard so we can prove to management that Morphisec is doing what they said it was going to do. Worst case scenario, we have an infected virtual machine that I just blow away. The short answer is that we haven't seen it protect us from something yet. 

It hasn't taken anything off my plate. It's just a "gun under my pillow at night". It's something that we can tell our cyber-insurance people, "We have this, and this was used." In "Pretend-Land," where we got compromised, we can say, "We have all these layers of security and it managed to get through all of them, so we did our due diligence. Now please pay us for our losses."

What's valuable is really the whole kit and caboodle of the Morphisec agent. What it does is genius, in a way, until the bad guys get wise to it. You set it up and then you watch the dashboard. There isn't really much tinkering. As long as you did the install correctly, it should be pointing at your server and it will tell you a bunch of information on each client.

We have only had four attacks in the last year, "attacks" being some benign PDF from a vendor that, for some reason, were triggered. There were no actual attacks. They were just four false positives, or something lowly like adware. There have been false positives with both the on-premises solution and the cloud solution.

I'd rather see false positives than not seeing anything. If I see nothing then I literally cannot tell if it's working or not. But there are some false positives that are ambiguous enough to be caught.

We have been using Morphisec for about two years.

I don't look at the dashboard every day, but the on-premises solution was flawless. If the network was down between the clients and the server in our local area, we would be in trouble. But Morphisec's AWS implementation has been stable as a rock.

I believe it's scalable. I don't know what the upper limit is. Our company is a medium-sized business, with about 100 end-users and 500 employees in total. Morphisec easily holds those 100 users.

All the end-users are using the solution, meaning the solution is attempting to protect them from the silly mistakes that they make. But there are only two of us who actually look at the dashboard.

The business is growing so we do increase the number of clients. Whenever we add a new computer, we add Morphisec to it. Once we get to version 5, we'll revisit the ATP integration.

We didn't have a solution before Morphisec for this specific layer of defense, for the CryptoLocker/ransomware niche. We had an antivirus.

The demos worked great. They would open a bad file on a virtual machine and we watched the CryptoLocker being stopped in real time. It's hard to compare with that.

The initial setup was definitely straightforward. It has to go on every computer. There's a different installer for desktops versus servers. You just choose which one is which. We use PDQ Deploy, and a script that the onboarding technician helped us with, and it worked. It ran perfectly. We even have scripts for uninstalling it and installing the newer version, and Morphisec assisted us with that. It was definitely easy to do.

Before I saw the version 5 update and the notes on that, about how it's going to update automatically, I'd say the implementation was a slight pain. It wasn't a huge pain but you can't really get away from how you have to install this on all your computers. However, they actually made that process very easy, and I can do it with just a couple clicks to almost an entire organization, as long as computers are online.

Over the course of a day, it took about two hours to get the script going and select all the computers for each kind of installer. I kept running it over the course of the day because certain computers would be turned off or they were restarting. I had to do a good couple of runs of it, but it was very simple and quick.

Since there was nothing already doing what Morphisec does, on the computers, and Morphisec plays well with the current antivirus that we are using, we just installed on each computer remotely and it started working. We watched the dashboard fill right up in a matter of minutes.

We're not on the latest version but I'm actually excited for the latest version because it will do away with the manual updating process. The clients will start to update themselves. We will have to wait until one of our Morphisec representatives reaches out to us so that we can get the installer for the newest version. Version 5 is where it begins self-updating. Until now, I've had to manually update each time we wanted to do an update. The new one will mean I won't need to be worrying about updating or if the versions are out of date.

In terms of working with the solution, if Morphisec says, "Hey you're going over the number of licenses," we look to see how many are offline and we look at the versions. We look at it just to make sure that everything is going okay. We have alerts for when there's a threat. We get emailed saying, "Hey, look at this. There's a threat going on on XYZ computer."

I haven't seen ROI because I haven't seen a threat that it has protected against, exactly. If you're always wearing a bulletproof vest and you never get shot, was the vest worth it? I'd rather have it than not have it.

We looked across the rest of the security field and we spent more money on Morphisec than other solutions that do a similar thing, but the demos that we've seen were impressive enough to sway management. The technology behind it is clever enough for us to think it's cutting edge. It didn't save us money but we spent money on it because we thought it would be a good product.

The way that they explained how their solution works was more in-depth than other solutions that we were looking at. It looks cleaner. It has a good UI for the dashboard. It's not overbearing with security tabs and a lot of other stuff. It tells you, "Here's the list of all of your protectors. Here are all the threats. Here's the dashboard that gives you a little bit of everything," but not in an overwhelming way.

It sells itself, honestly. My advice to others looking into implementing Morphisec would be to use PDQ Deploy. The hardest part was getting all of the endpoints protected in a timely manner, but Morphisec assisted us with that. They suggested PDQ Deploy, which is a great tool. Implementation went so smoothly because of that.

Morphisec provides full visibility into security events from Microsoft Defender and Morphisec in one dashboard, although we're not currently utilizing that feature. We're definitely interested in it. The reason we're not using it is because you have to purchase the upgraded version of Defender for Microsoft. We thought it was the regular Defender that each one comes with, but it's actually ATP, Advanced Threat Protection. That's what integrates with Morphisec. We're just waiting for the CFO to say, "All right, who wants a bigger budget?" and we'll say, "Yes, us, please: ATP." We would do it if we could bend our CFO's arm to get that kind of protection.

Our primary use case is to have it for more protection than Defender can give us. We wanted more protection against the threats that are out there with malware and ransomware being the biggest. It's to supplement threat protection in addition to having Microsoft Defender. 

We only use the agent. We've transitioned from on-prem to the cloud this year.

We haven't had an issue since we've had Morphisec, so it's working. If we see something, we'll ask them about it, and then if we need to, we'll look at the machine. Generally though, if we find something, we tend to re-image a machine as opposed to fixing it. We just wipe it.

Morphisec gives me even more than Microsoft can give me, even if I were to pay. It doesn't technically save us money because we're paying for a Microsoft package that comes with Defender. 

It has reduced the team's workload by a couple of hours a week. It also saves money on our security stack. It's cheaper than others. It saves between $10,000 to $15,000 yearly. 

We liked the ability to see both the Defender and Morphisec through a single console to see the problems that might be going on.

It provides full visibility into security events and from both solutions in one dashboard. I'm not a big security guy, if I have a threat that looks like there's a problem, I will ask Morphisec to dissect it for me, and tell me what might be happening. Because it tends to be all hash codes, so I can tell what's going on. They've been pretty good with that.

I haven't been able to get the cloud deployment to work. When there's an update, I'm supposed to be able to roll it out for the cloud solution, but right now I'm continuing to use our SCCM solution to update it.

I have been using Morphisec for a year and a half. 

They've been very good. We've been able to see any problems that we have easily. We've been able to deploy new solutions. The migration from on-prem to cloud was very easy because Morphisec did it for us. They migrated the data. When I do have problems, if I need it, I can call them. They've been right there for me.

The agent that is installed on the endpoints stable doesn't take up a lot of resources. 

I haven't had any problems scaling it. I only have about 3,100 devices to deploy it to plus seven servers. 

In terms of maintenance, I just look at the reports and see what's happening and if there's something that's going to need attention.

Technical support was very helpful. I just told them I had a problem and they went and found the solutions.

I have had other solutions. We were just on the Defender and we added Morphisec to that. 

The initial setup was straightforward. For the original, we built the on-prem solution, which was a single install that they provided, and then we deployed our clients through our SCCM. We just did it with an MSI file. It was very straightforward. It took half a day. 

We deployed it ourselves. 

The ROI is that we haven't had any outbreaks. It's working.

Pricing was competitive. There were no additional costs to standard licensing. 

We looked at a full Malwarebytes deployment and Sophos. We liked the price and then supplemental for the Defender since we were already paying for Microsoft.

We were going to be required to remove Defender, which would have been extra steps, and that almost never goes smoothly. Plus we were concerned about the size of some of the clients and how well they were going to perform for us. They had older machines.

It's been a good experience. Morphisec has been helpful and we haven't had any outbreaks since running it. The install was easy. Updates have been pretty easy.

I would rate Morphisec a ten out of ten.