Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:
It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else.
The licensing requirements are not very clear from the outset.
VMware Carbon Black Endpoint Security is a comprehensive endpoint protection platform (EPP) designed to safeguard enterprises from advanced cyber threats, malware, ransomware, and other forms of malicious attacks. Leveraging cloud-native architecture, it provides a robust set of tools to detect, prevent, investigate, and respond to cybersecurity incidents across the environment. The solution stands out for its advanced behavioral analytics, real-time threat hunting, and customizable policies, making it a preferred choice for businesses seeking to fortify their defenses in the evolving cybersecurity landscape.
The cost/benefit factor has great relevance in Cb Defense implementations.
I am not really involved in the pricing of this product. But, from my understanding, it is OK for us.
Palo Alto Networks delivers a complete solution that helps Tier-1 through Tier-3 analysts and SOC managers to optimize the entire incident life cycle while auto-documenting and journaling all the evidence. More than 100 integrations enable security orchestration workflows for incident management and other critical security operation tasks.
There is a perception that it is priced very high compared to other solutions.
From the cost perspective, I have heard that its price is a bit high as compared to other similar products.
Cybereason's Endpoint Detection and Response platform detects in real-time both signature and non-signature-based attacks and accelerates incident investigation and response. Cybereason connects together individual pieces of evidence to form a complete picture of a malicious operation.
I do not have experience with the licensing of the product.
In terms of cost, this is a good choice for our needs.
Splunk SOAR offers features like automation and orchestration of manual tasks, speeding up work, detection and response to advanced and emerging threats.
I don't know the exact price, but for my region, it is very expensive.
In my opinion, the price is high, but if you want good products, you have to be willing to pay for them.
Exabeam Fusion SIEM is a cloud-delivered solution that enables you to:
- Leverage turnkey threat detection, investigation, and response
- Collect, search and enhance data from anywhere
- Detect threats missed by other tools, using market-leading behavior analytics
- Achieve successful SecOps outcomes with prescriptive, threat-centric use case packages
- Enhance productivity and reduce response times with automation
- Meet regulatory compliance and audit requirements with ease
They have a great model for pricing that can be based either on user count or gigabits per day.
If the customer has only a few users in some environment, then Exabeam is cheaper than competitors. But it can get expensive when adding more users.
ThreatConnect Threat Intelligence Platform (TIP) is a comprehensive solution designed to help organizations effectively manage and analyze threat intelligence data. With its advanced capabilities, TIP enables users to collect, enrich, and analyze threat data from various sources, providing valuable insights and actionable intelligence.
One of the key features of TIP is its ability to aggregate threat data from multiple sources, including open-source feeds, commercial feeds, and internal sources. This allows organizations to have a holistic view of the threat landscape and identify potential risks and vulnerabilities. TIP also supports the integration of third-party tools and feeds, further enhancing its capabilities.
TIP provides powerful enrichment capabilities, allowing users to enrich threat data with additional context and information. This includes the ability to automatically correlate threat data with indicators of compromise (IOCs), threat actors, and other relevant information. The enrichment process helps organizations gain a deeper understanding of threats and enables them to make more informed decisions.
With its advanced analytics capabilities, TIP enables users to analyze threat data and identify patterns, trends, and anomalies. This includes the ability to perform advanced queries, create custom dashboards and reports, and visualize data in a meaningful way. These analytics capabilities help organizations identify emerging threats, prioritize response efforts, and proactively mitigate risks.
ThreatConnect Threat Intelligence Platform also provides collaboration features, allowing users to share threat intelligence with internal teams, partners, and the broader security community. This includes the ability to create and manage secure communities, share indicators and reports, and collaborate on investigations. By fostering collaboration, TIP helps organizations leverage collective intelligence and improve their overall security posture.
The price of this product is in the mid-range, not too expensive, nor inexpensive.
The price could be better.
Fortinet FortiSOAR (Security Orchestration, Automation, and Response) is a comprehensive security operations platform created to help SOC teams effectively respond to the growing volume of alarms, repetitive manual tasks, and resource shortage. This patented and customizable security operations workbench provides companies with automated playbooks, incident triaging, and real-time remediation to identify, defend, and counter threats. FortiSOAR effortlessly integrates with more than 350 security products and performs more than 3,000 actions to increase SOC team productivity. With this solution, response times are accelerated, containment is simplified, and mitigation times are cut from hours to seconds.
Pricing is fine compared to other solutions.
The solution offers both licensing and subscription models that are similar in price to other products.
Using a centralized combination of network and endpoint analysis, behavioral analysis, data science techniques and threat intelligence, NetWitness XDR helps analysts detect and resolve known and unknown attacks while automating and orchestrating the incident response lifecycle. With these capabilities on one platform, security teams can collapse disparate tools and data into a powerful, blazingly fast user interface.
They can easily adjust if you have the requirements which are required. If you have a budget cut or a budget constraint, they can bend.
It is highly scalable. It can be bought based on your requirements.
The Resilient Incident Response Platform (IRP) is the leading platform for orchestrating and automating incident response processes.
It is very expensive.
There is a license you need to pay for in order to use this product.
Compared to other Antivirus products, the cost of this solution is a bit high.
This solution is priced in the mid-range.
Trellix Helix is a cutting-edge product that revolutionizes the way businesses manage their data and streamline their operations. With its advanced features and user-friendly interface, Trellix Helix offers a comprehensive solution for businesses of all sizes. One of the key features of Trellix Helix is its powerful data management capabilities.
It could be cheaper, but that applies to every product.
FireEye Helix is a little expensive.
Swimlane is a leader in security orchestration, automation and response (SOAR). By automating time-intensive, manual processes and operational workflows and delivering powerful, consolidated analytics, real time dashboards and reporting from across your security infrastructure, Swimlane maximizes the incident response capabilities of over-burdened and understaffed security operations.
Tines helps the world's most security-conscious companies automate their repetitive workflows. With a laser-focus on automation, Tines is powerful, flexible, and robust enough to run all of the security team’s critical workflows.
Siemplify offers the ability to: Manage security operations from a single platform, build repeatable, automated security processes, and track, measure and improve SOC performance.
The cybersecurity landscape is growing more complex by the day with the arrival of new threats and new tools supposedly designed for combating them. The problem is it’s all creating more noise and confusion for security professionals to sort through.
I've told CRITICALSTART that I think the managed service they provide is cheaper than it should be. It's a really good deal.
It costs a lot for what we felt comfortable to spend.
With InsightConnect, your team will get more done and respond to security events faster than ever before. And with significant time savings and productivity gains across overall security operations, you’ll go from overwhelmed to operating at maximum efficiency in no time flat.
No defense can stop every attack. When something does get through, Proofpoint Threat Response takes the manual labor and guesswork out of incident response to help you resolve threats faster and more efficiently. Get an actionable view of threats, enrich alerts, and automate forensic collection and comparison. For verified threats, quarantine and contain users, hosts, and malicious email attachments - automatically or at the push of a button.
It's quite affordable to have it with this much functionality and ease to administrate.