Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:
It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else.
The licensing requirements are not very clear from the outset.
It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else.
The licensing requirements are not very clear from the outset.
VMware Carbon Black Endpoint Security is a comprehensive endpoint protection platform (EPP) designed to safeguard enterprises from advanced cyber threats, malware, ransomware, and other forms of malicious attacks. Leveraging cloud-native architecture, it provides a robust set of tools to detect, prevent, investigate, and respond to cybersecurity incidents across environment. The solution stands out for its advanced behavioral analytics, real-time threat hunting, and customizable policies, making it a preferred choice for businesses seeking to fortify their defenses in the evolving cybersecurity landscape.
The cost/benefit factor has great relevance in Cb Defense implementations.
I am not really involved in the pricing of this product. But, from my understanding, it is OK for us.
The cost/benefit factor has great relevance in Cb Defense implementations.
I am not really involved in the pricing of this product. But, from my understanding, it is OK for us.
Palo Alto Networks delivers a complete solution that helps Tier-1 through Tier-3 analysts and SOC managers to optimize the entire incident life cycle while auto documenting and journaling all the evidence. More than 100+ integrations enable security orchestration workflows for incident management and other critical security operation tasks.
There is a perception that it is priced very high compared to other solutions.
From the cost perspective, I have heard that its price is a bit high as compared to other similar products.
There is a perception that it is priced very high compared to other solutions.
From the cost perspective, I have heard that its price is a bit high as compared to other similar products.
Splunk SOAR offers features like automation and orchestration of manual tasks, speeding up work, detection and response to advanced and emerging threats.
I don't know the exact price, but for my region, it is very expensive.
In my opinion, the price is high, but if you want good products, you have to be willing to pay for them.
I don't know the exact price, but for my region, it is very expensive.
In my opinion, the price is high, but if you want good products, you have to be willing to pay for them.
Exabeam Fusion SIEM is a cloud-delivered solution that that enables you to:
-Leverage turnkey threat detection, investigation, and response
-Collect, search and enhance data from anywhere
-Detect threats missed by other tools, using market-leading behavior analytics
-Achieve successful SecOps outcomes with prescriptive, threat-centric use case packages
-Enhance productivity and reduce response times with automation
-Meet regulatory compliance and audit requirements with ease
They have a great model for pricing that can be based either on user count or gigabits per day.
If the customer has only a few users in some environment, then Exabeam is cheaper than competitors. But it can get expensive when adding more users.
They have a great model for pricing that can be based either on user count or gigabits per day.
If the customer has only a few users in some environment, then Exabeam is cheaper than competitors. But it can get expensive when adding more users.
ServiceNow Security Operations is a cutting-edge security solution designed to elevate organizations' security incident response (SIR) processes through automation and orchestration. Going beyond traditional SOAR, this comprehensive Security Operations Suite integrates seamlessly with other ServiceNow products and offers a wide array of features. Its components include Security Incident Response (SIR), which automates incident workflows and offers pre-built playbooks; Security Configuration Compliance (SCC), continuously scanning and automating compliance tasks; Vulnerability Response (VR), prioritizing and remediating vulnerabilities; Threat Intelligence (TI), aggregating threat data for proactive threat hunting; and additional features like IT Service Management integration, Machine Learning and AI, reporting, and a mobile app. The benefits span improved incident response speed, reduced mean time to resolution, increased security posture, enhanced compliance, collaborative synergy between security and IT teams, and operational cost reductions.
This product is a good value for the money.
The solution is more expensive than BMC Remedy, the other ITSM tool available in the market.
This product is a good value for the money.
The solution is more expensive than BMC Remedy, the other ITSM tool available in the market.
Fortinet FortiSOAR (Security Orchestration, Automation, and Response) is a comprehensive security operations platform created to help SOC teams effectively respond to the growing volume of alarms, repetitive manual tasks, and resource shortage. This patented and customizable security operations workbench provides companies with automated playbooks, incident triaging, and real-time remediation to identify, defend, and counter threats. FortiSOAR effortlessly integrates with more than 350 security products and performs more than 3,000 actions to increase SOC team productivity. With this solution, response times are accelerated, containment is simplified, and mitigation times are cut from hours to seconds.
Pricing is fine compared to other solutions.
The solution offers both licensing and subscription models that are similar in price to other products.
Pricing is fine compared to other solutions.
The solution offers both licensing and subscription models that are similar in price to other products.
Detect file exfiltration via web browsers, USB, cloud apps, email, file link sharing, Airdrop, and more. See how files are moved and shared across your entire organization – without the need for policies, proxies or plugins. Incydr automatically identifies when files move outside your trusted environment, allowing you to easily detect when files are sent to personal accounts and unmanaged devices.
They were the best solution and surprisingly enough, the cheapest.
It is 100% worth the cost to get and keep the support, especially when setting it up.
They were the best solution and surprisingly enough, the cheapest.
It is 100% worth the cost to get and keep the support, especially when setting it up.
The Resilient Incident Response Platform (IRP) is the leading platform for orchestrating and automating incident response processes.
It is very expensive.
There is a license you need to pay for in order to use this product.
It is very expensive.
There is a license you need to pay for in order to use this product.
Trellix Helix is a cutting-edge product that revolutionizes the way businesses manage their data and streamline their operations. With its advanced features and user-friendly interface, Trellix Helix offers a comprehensive solution for businesses of all sizes. One of the key features of Trellix Helix is its powerful data management capabilities.
It could be cheaper, but that applies to every product.
FireEye Helix is a little expensive.
It could be cheaper, but that applies to every product.
FireEye Helix is a little expensive.
Swimlane is a leader in security orchestration, automation and response (SOAR). By automating time-intensive, manual processes and operational workflows and delivering powerful, consolidated analytics, real time dashboards and reporting from across your security infrastructure, Swimlane maximizes the incident response capabilities of over-burdened and understaffed security operations.
SECDO enables security teams to identify and remediate incidents fast. Using thread-level endpoint monitoring and causality analytics, SECDO provides visibility into every endpoint along with the context necessary for understanding whether a suspicious activity is a genuine threat. Unique deception techniques force threats like ransomware out into the open early, and trigger automated containment and remediation.
Be sure of the actual number of endpoints in your company.
The price of this solution is the highest in the market, although there are no costs in addition to the standard licensing fees.
Be sure of the actual number of endpoints in your company.
The price of this solution is the highest in the market, although there are no costs in addition to the standard licensing fees.
With InsightConnect, your team will get more done and respond to security events faster than ever before. And with significant time savings and productivity gains across overall security operations, you’ll go from overwhelmed to operating at maximum efficiency in no time flat.
D3 Security provides a full-lifecycle incident management platform—one that enables multiple detection sources, enriches standards-based workflows with threat intelligence, orchestrates response, and always guides its users to conclusive remediation. The system is unique in its ability to eliminate incident recurrence, through root cause and corrective action discovery, digital forensics case management, and by generating a foundation of actionable intelligence that supports policies, countermeasures and controls.
DFLabs' Security Orchestration, Automation and Response (SOAR) platform, IncMan SOAR, is designed for SOCs, CSIRTs and MSSPs to automate, orchestrate and measure security operations and incident response processes and tasks, all from within one single, intuitive platform. By integrating security tools, fusing intelligence, sharing knowledge and implementing seamless workflows, IncMan SOAR enables every security incident to be detected, responded to, and remediated in the fastest possible time frame.