Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:
It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else.
The licensing requirements are not very clear from the outset.
It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else.
The licensing requirements are not very clear from the outset.
VMware Carbon Black Endpoint Security is a comprehensive endpoint protection platform (EPP) designed to safeguard enterprises from advanced cyber threats, malware, ransomware, and other forms of malicious attacks. Leveraging cloud-native architecture, it provides a robust set of tools to detect, prevent, investigate, and respond to cybersecurity incidents across environment. The solution stands out for its advanced behavioral analytics, real-time threat hunting, and customizable policies, making it a preferred choice for businesses seeking to fortify their defenses in the evolving cybersecurity landscape.
The cost/benefit factor has great relevance in Cb Defense implementations.
I am not really involved in the pricing of this product. But, from my understanding, it is OK for us.
The cost/benefit factor has great relevance in Cb Defense implementations.
I am not really involved in the pricing of this product. But, from my understanding, it is OK for us.
AWS Security Hub is a comprehensive security service that provides a centralized view of security alerts and compliance status across an AWS environment. It collects data from various AWS services, partner solutions, and AWS Marketplace products to provide a holistic view of security posture. With Security Hub, users can quickly identify and prioritize security issues, automate compliance checks, and streamline remediation efforts.
The price of the solution is not very competitive but it is reasonable.
The price of AWS Security Hub is average compared to other solutions.
The price of the solution is not very competitive but it is reasonable.
The price of AWS Security Hub is average compared to other solutions.
Palo Alto Networks delivers a complete solution that helps Tier-1 through Tier-3 analysts and SOC managers to optimize the entire incident life cycle while auto documenting and journaling all the evidence. More than 100+ integrations enable security orchestration workflows for incident management and other critical security operation tasks.
There is a perception that it is priced very high compared to other solutions.
From the cost perspective, I have heard that its price is a bit high as compared to other similar products.
There is a perception that it is priced very high compared to other solutions.
From the cost perspective, I have heard that its price is a bit high as compared to other similar products.
Exabeam Fusion SIEM is a cloud-delivered solution that that enables you to:
-Leverage turnkey threat detection, investigation, and response
-Collect, search and enhance data from anywhere
-Detect threats missed by other tools, using market-leading behavior analytics
-Achieve successful SecOps outcomes with prescriptive, threat-centric use case packages
-Enhance productivity and reduce response times with automation
-Meet regulatory compliance and audit requirements with ease
They have a great model for pricing that can be based either on user count or gigabits per day.
If the customer has only a few users in some environment, then Exabeam is cheaper than competitors. But it can get expensive when adding more users.
They have a great model for pricing that can be based either on user count or gigabits per day.
If the customer has only a few users in some environment, then Exabeam is cheaper than competitors. But it can get expensive when adding more users.
Cisco SecureX is an integrated security platform that connects the breadth of Cisco's integrated security portfolio and the customer's infrastructure to create a consistent experience. The solution unifies visibility, enables automation, and strengthens your security across network, endpoints, cloud, and applications. Cisco SecureX is embedded within every Cisco Security product and supports integrations with SIEM and SOAR, so customers will not need to replace any solution or worry about layering on new technology.
For the value you get, the pricing of the solution is excellent.
It would be nice if they had a different pricing model. Most of our budget for projects goes towards Cisco.
For the value you get, the pricing of the solution is excellent.
It would be nice if they had a different pricing model. Most of our budget for projects goes towards Cisco.
ThreatConnect Threat Intelligence Platform (TIP) is a comprehensive solution designed to help organizations effectively manage and analyze threat intelligence data. With its advanced capabilities, TIP enables users to collect, enrich, and analyze threat data from various sources, providing valuable insights and actionable intelligence.
One of the key features of TIP is its ability to aggregate threat data from multiple sources, including open-source feeds, commercial feeds, and internal sources. This allows organizations to have a holistic view of the threat landscape and identify potential risks and vulnerabilities. TIP also supports the integration of third-party tools and feeds, further enhancing its capabilities.
TIP provides powerful enrichment capabilities, allowing users to enrich threat data with additional context and information. This includes the ability to automatically correlate threat data with indicators of compromise (IOCs), threat actors, and other relevant information. The enrichment process helps organizations gain a deeper understanding of threats and enables them to make more informed decisions.
With its advanced analytics capabilities, TIP enables users to analyze threat data and identify patterns, trends, and anomalies. This includes the ability to perform advanced queries, create custom dashboards and reports, and visualize data in a meaningful way. These analytics capabilities help organizations identify emerging threats, prioritize response efforts, and proactively mitigate risks.
ThreatConnect Threat Intelligence Platform also provides collaboration features, allowing users to share threat intelligence with internal teams, partners, and the broader security community. This includes the ability to create and manage secure communities, share indicators and reports, and collaborate on investigations. By fostering collaboration, TIP helps organizations leverage collective intelligence and improve their overall security posture.
The price of this product is in the mid-range, not too expensive, nor inexpensive.
The price could be better.
The price of this product is in the mid-range, not too expensive, nor inexpensive.
The price could be better.
ServiceNow Security Operations is a cutting-edge security solution designed to elevate organizations' security incident response (SIR) processes through automation and orchestration. Going beyond traditional SOAR, this comprehensive Security Operations Suite integrates seamlessly with other ServiceNow products and offers a wide array of features. Its components include Security Incident Response (SIR), which automates incident workflows and offers pre-built playbooks; Security Configuration Compliance (SCC), continuously scanning and automating compliance tasks; Vulnerability Response (VR), prioritizing and remediating vulnerabilities; Threat Intelligence (TI), aggregating threat data for proactive threat hunting; and additional features like IT Service Management integration, Machine Learning and AI, reporting, and a mobile app. The benefits span improved incident response speed, reduced mean time to resolution, increased security posture, enhanced compliance, collaborative synergy between security and IT teams, and operational cost reductions.
This product is a good value for the money.
The solution is more expensive than BMC Remedy, the other ITSM tool available in the market.
This product is a good value for the money.
The solution is more expensive than BMC Remedy, the other ITSM tool available in the market.
Fortinet FortiSOAR (Security Orchestration, Automation, and Response) is a comprehensive security operations platform created to help SOC teams effectively respond to the growing volume of alarms, repetitive manual tasks, and resource shortage. This patented and customizable security operations workbench provides companies with automated playbooks, incident triaging, and real-time remediation to identify, defend, and counter threats. FortiSOAR effortlessly integrates with more than 350 security products and performs more than 3,000 actions to increase SOC team productivity. With this solution, response times are accelerated, containment is simplified, and mitigation times are cut from hours to seconds.
Pricing is fine compared to other solutions.
The solution offers both licensing and subscription models that are similar in price to other products.
Pricing is fine compared to other solutions.
The solution offers both licensing and subscription models that are similar in price to other products.
By design, XSIAM operates across both cloud and enterprise security operations, providing true end-to-end-management of threats, wherever they originate. While companies born in the cloud benefit from the scale and automation of XSIAM and the ease of integration with public cloud and SaaS telemetry, organizations with legacy SIEM deployments can seamlessly transition to XSIAM as the next-generation autonomous SOC platform.
In terms of pricing, we found Cortex XSIAM to offer a very reasonable and competitive rate.
The solution comes at a significant cost.
In terms of pricing, we found Cortex XSIAM to offer a very reasonable and competitive rate.
The solution comes at a significant cost.
The Resilient Incident Response Platform (IRP) is the leading platform for orchestrating and automating incident response processes.
It is very expensive.
There is a license you need to pay for in order to use this product.
It is very expensive.
There is a license you need to pay for in order to use this product.
Logpoint is a cutting-edge security information and event management (SIEM) solution that is designed to be intuitive and flexible enough to be used by an array of different businesses. It is capable of expanding according to its users' needs.
Our licensing fees are about $10,000 USD per month, which I think is fair.
It's getting more expensive, which is one of the reasons we're looking around just to see if there's anything better value.
Our licensing fees are about $10,000 USD per month, which I think is fair.
It's getting more expensive, which is one of the reasons we're looking around just to see if there's anything better value.
Fidelis Elevate integrates network visibility, data loss prevention, deception, and endpoint detection and response into one unified solution. Now your security team can focus on the most urgent threats and protect sensitive data rather than spending time validating and triaging thousands of alerts.
It's quite expensive but we can customize it to reduce the price.
Fidelis Endpoint is an expensive product. My company makes yearly payments toward the licensing cost of the solution.
It's quite expensive but we can customize it to reduce the price.
Fidelis Endpoint is an expensive product. My company makes yearly payments toward the licensing cost of the solution.
Compared to other Antivirus products, the cost of this solution is a bit high.
This solution is priced in the mid-range.
Compared to other Antivirus products, the cost of this solution is a bit high.
This solution is priced in the mid-range.
Swimlane is a leader in security orchestration, automation and response (SOAR). By automating time-intensive, manual processes and operational workflows and delivering powerful, consolidated analytics, real time dashboards and reporting from across your security infrastructure, Swimlane maximizes the incident response capabilities of over-burdened and understaffed security operations.
Tines helps the world's most security-conscious companies automate their repetitive workflows. With a laser-focus on automation, Tines is powerful, flexible, and robust enough to run all of the security team’s critical workflows.
Siemplify offers the ability to: Manage security operations from a single platform, build repeatable, automated security processes, and track, measure and improve SOC performance.
Torq no-code security automation unifies and automates the security stack to drive unparalleled protection and productivity. Torq provides enterprise-scale automation and orchestration with a simple no-code platform.
Pricing for this solution could be made lower.
The solution is very inexpensive so there is great cost savings to using it.
Pricing for this solution could be made lower.
The solution is very inexpensive so there is great cost savings to using it.
SECDO enables security teams to identify and remediate incidents fast. Using thread-level endpoint monitoring and causality analytics, SECDO provides visibility into every endpoint along with the context necessary for understanding whether a suspicious activity is a genuine threat. Unique deception techniques force threats like ransomware out into the open early, and trigger automated containment and remediation.
Be sure of the actual number of endpoints in your company.
The price of this solution is the highest in the market, although there are no costs in addition to the standard licensing fees.
Be sure of the actual number of endpoints in your company.
The price of this solution is the highest in the market, although there are no costs in addition to the standard licensing fees.
The cybersecurity landscape is growing more complex by the day with the arrival of new threats and new tools supposedly designed for combating them. The problem is it’s all creating more noise and confusion for security professionals to sort through.
I've told CRITICALSTART that I think the managed service they provide is cheaper than it should be. It's a really good deal.
It costs a lot for what we felt comfortable to spend.
I've told CRITICALSTART that I think the managed service they provide is cheaper than it should be. It's a really good deal.
It costs a lot for what we felt comfortable to spend.
With InsightConnect, your team will get more done and respond to security events faster than ever before. And with significant time savings and productivity gains across overall security operations, you’ll go from overwhelmed to operating at maximum efficiency in no time flat.
No defense can stop every attack. When something does get through, Proofpoint Threat Response takes the manual labor and guesswork out of incident response to help you resolve threats faster and more efficiently. Get an actionable view of threats, enrich alerts, and automate forensic collection and comparison. For verified threats, quarantine and contain users, hosts, and malicious email attachments - automatically or at the push of a button.
It's quite affordable to have it with this much functionality and ease to administrate.
It's quite affordable to have it with this much functionality and ease to administrate.
D3 Security provides a full-lifecycle incident management platform—one that enables multiple detection sources, enriches standards-based workflows with threat intelligence, orchestrates response, and always guides its users to conclusive remediation. The system is unique in its ability to eliminate incident recurrence, through root cause and corrective action discovery, digital forensics case management, and by generating a foundation of actionable intelligence that supports policies, countermeasures and controls.
Cyware Fusion and Threat Response
A threat response automation platform that combines cyber fusion, advanced orchestration, and automation to stay ahead of increasingly sophisticated cyber threats affecting enterprises in real-time
IBM Cloud Pak for Security is comprised of containerized software pre-integrated with Red Hat OpenShift. The platform connects to your existing security tools – and through the use of open standards – allows you to search for threat indicators across your hybrid, multicloud environment.
DFLabs' Security Orchestration, Automation and Response (SOAR) platform, IncMan SOAR, is designed for SOCs, CSIRTs and MSSPs to automate, orchestrate and measure security operations and incident response processes and tasks, all from within one single, intuitive platform. By integrating security tools, fusing intelligence, sharing knowledge and implementing seamless workflows, IncMan SOAR enables every security incident to be detected, responded to, and remediated in the fastest possible time frame.
With Cofense Triage, you can orchestrate and automate your response to attacks. Our platform analyzes and categorizes user-reported emails, enables incident responders to investigate and respond. Automated playbooks and workflows coordinate your response. It’s the faster, more efficient way to stop phishing attacks in progress.
Security automation platform for the entire threat lifecycle. Automate repetitive, time consuming and mundane security tasks at machine speeds and enterprise scale, and free your security analysts to focus on higher value security activities.
