The initial aspect concerns two engines. The first one mentioned is available for searching behaviors directly. The second engine involves the Google Ade tool, which operates on the machine. The challenge arises when attempting to rectify protection rules, causing confusion. It would be beneficial to enhance Rigixs Query. I encounter difficulty removing certain entries in behavior or alerts; likewise, I am unable to add specific calls.
There is room for improvement in email security. It's a security issue. If you're aiming for XDR, covering the entire threat landscape is crucial. Email is a huge attack vector, and while they have a mailbox module, it's not as strong as the other server modules. So, email security needs to be more robust.
Security Operations Center (SOC) and Digital Forensics & Incident Response (DFIR) Manager at a tech services company with 1,001-5,000 employees
Real User
Mar 22, 2021
The detection is determined by the analyst. The analyst has to do the detection. It's not similar to FireEye Mandiant, which has pre-set detection. Still, Fidelis Elevate is improving. As of now, they are creating a lot of detection rules and tools for detecting malicious activity. Configuration, in terms of building the collector and communicating with endpoints, is complex. There is a lot of backend software that needs to be installed on all of the hardware as well.
Security Solutions Architect at a tech services company with 11-50 employees
MSP
Nov 24, 2020
One of the components of Fidelis is on the Windows Server. All the other components are on Linux. I would like to remove the Windows Server. I have had many conversations with Fidelis representatives. A lot of time is being spent with them. The reports in the endpoint area of Elevate can be improved.
I think the ADR, in general, can be improved. They need to work on the live response and investigative features. They also need to make the antivirus stronger. It does not have a good antivirus if you compare it to Bitdefender. We position the solution as an antivirus, but this part of the solution needs improvement. They need to generally enhance the features that they have, rather than adding anything new.
Fidelis Elevate integrates network visibility, data loss prevention, deception, and endpoint detection and response into one unified solution. Now your security team can focus on the most urgent threats and protect sensitive data rather than spending time validating and triaging thousands of alerts.
The initial aspect concerns two engines. The first one mentioned is available for searching behaviors directly. The second engine involves the Google Ade tool, which operates on the machine. The challenge arises when attempting to rectify protection rules, causing confusion. It would be beneficial to enhance Rigixs Query. I encounter difficulty removing certain entries in behavior or alerts; likewise, I am unable to add specific calls.
There is room for improvement in email security. It's a security issue. If you're aiming for XDR, covering the entire threat landscape is crucial. Email is a huge attack vector, and while they have a mailbox module, it's not as strong as the other server modules. So, email security needs to be more robust.
The detection is determined by the analyst. The analyst has to do the detection. It's not similar to FireEye Mandiant, which has pre-set detection. Still, Fidelis Elevate is improving. As of now, they are creating a lot of detection rules and tools for detecting malicious activity. Configuration, in terms of building the collector and communicating with endpoints, is complex. There is a lot of backend software that needs to be installed on all of the hardware as well.
One of the components of Fidelis is on the Windows Server. All the other components are on Linux. I would like to remove the Windows Server. I have had many conversations with Fidelis representatives. A lot of time is being spent with them. The reports in the endpoint area of Elevate can be improved.
I think the ADR, in general, can be improved. They need to work on the live response and investigative features. They also need to make the antivirus stronger. It does not have a good antivirus if you compare it to Bitdefender. We position the solution as an antivirus, but this part of the solution needs improvement. They need to generally enhance the features that they have, rather than adding anything new.
Update: The interface bug issue hasn't happened in last three months. This may be solved now, we hope. Support seems better.