Buyer's Guide
Security Orchestration Automation and Response (SOAR)
September 2022
Get our free report covering Splunk, Fortinet, IBM, and other competitors of Palo Alto Networks Cortex XSOAR. Updated: September 2022.
634,550 professionals have used our research since 2012.

Read reviews of Palo Alto Networks Cortex XSOAR alternatives and competitors

Technical Support Engineer at Professional Technologies Kenya
Reseller
Top 5 Leaderboard
MVISION Insights enables customers to see what's out there and we're getting fewer false positives
Pros and Cons
  • "We get fewer false positives than with other solutions."
  • "Features such as full drive encryption are lacking in the cloud version."

What is our primary use case?

We're using this solution for its antivirus and device control. We are partners with McAfee and resellers, and I am an engineer. 

What is most valuable?

The MVISION Insights is a good feature because it gives users the ability to see what's out there, which is what our customers are looking for. I know that they are adding ISO application control which is also a good feature.

What needs improvement?

There are some features available with the on-premise version that are unfortunately not available on cloud, such as encryption. For now, there is only management for native encryption and not full drive encryption. I'd like to see more integration and a lighter antivirus; most of the complaints from customers relate to the search utilization.

There needs to be more integration. Customers want to see MVISION Cloud integrated with things like SIEM, whether it's Microsoft, Fortinet, or something else.

What do I think about the stability of the solution?

The solution is stable; quite a number of our customers are running it and there haven't really been any problems.

What do I think about the scalability of the solution?

The solution is scalable. 

How are customer service and support?

The technical support is very good and they respond quite quickly. 

How was the initial setup?

The initial setup is very easy and the system only requires one person that has reasonable knowledge to manage it. 

What's my experience with pricing, setup cost, and licensing?

I think that licensing costs are reasonable and you get your money's worth.  

Which other solutions did I evaluate?

Companies like Palo Alto and Check Point have amazing SOAR solutions; in the case of Check Point it's an EDR type solution. I think McAfee MVISION is much better now that we have things like Insights. McAfee's advantage is that there are fewer false positives compared to some of these other vendors, so I'd say they're doing well.

What other advice do I have?

There is a trade-off between the on-prem version and the cloud version. Some features that are available on-prem are not available on cloud but there are other features we can get on cloud that are not available on-prem. I believe this is a good solution and rate it nine out of 10. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Cyber Security Solution Architect at a tech services company with 11-50 employees
Real User
Top 20
Easy to create playbooks, easy to deploy, and good integration capabilities and searching methodologies
Pros and Cons
  • "I like the integration capabilities of Phantom. It has a lot of integrations with other products. Its searching methodologies are also good. It is also easy to understand and easy to create playbooks."
  • "I haven't used it fully, but based on my usage, I could not find simulation tools and features. It currently lacks simulation features, which are important for me for creating a playbook. It is also very expensive for my region."

What is our primary use case?

My primary use case was for the MITRE ATT&CK parameters. I have some experience with MITRE ATT&CK for SIEM and SOAR solutions.

What is most valuable?

I like the integration capabilities of Phantom. It has a lot of integrations with other products.

Its searching methodologies are also good. It is also easy to understand and easy to create playbooks.

What needs improvement?

I haven't used it fully, but based on my usage, I could not find simulation tools and features. It currently lacks simulation features, which are important for me for creating a playbook.

It is also very expensive for my region.

For how long have I used the solution?

I have been using this solution for one year.

What do I think about the scalability of the solution?

I didn't focus on that feature, so I cannot say anything about that.

How are customer service and technical support?

I don't have any experience with their technical support. My customer was using it in their company, and I had some experience with this solution over there while managing their security solutions, but I didn't get in touch with Splunk specialists.

How was the initial setup?

Its initial setup is straightforward. It is similar to most of the solutions. I didn't have any complexity.

What's my experience with pricing, setup cost, and licensing?

I don't know the exact price, but for my region, it is very expensive.

What other advice do I have?

I would recommend this solution, but it also depends on the price. Splunk is number one for SIEM or SOAR. Another solution that I would recommend is Palo Alto XSOAR. 

I would rate Splunk Phantom a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.