Vice President & Deputy Chief Security Officer at Lumen Technologies
Real User
Top 20
Jul 10, 2025
In terms of areas for improvement, Zafran Security is doing a really great job as a new and emerging company. Oftentimes, new companies try to be everything to everyone or overload the system with features, drifting from the core mission. Zafran Security has stayed the course, remaining nimble and responsive to feature requests. I'm struggling to think about what could be done better because we're happy with the technology, features, and support. In terms of what can be done better, I suggest increased automation and prioritization of new industry threats, especially those related to zero-day vulnerabilities. These come out daily, and they are one of our biggest use cases. We struggle with combing through open-source intelligence, news articles, government partners, and industry peer groups, relying on Zafran Security to help us quickly identify risks for zero-days. Faster automation and prioritization of industry threats is an area where improvement would be beneficial.
Sr. Information Security Analyst at a healthcare company with 501-1,000 employees
Real User
Top 10
May 20, 2025
The dashboarding and reporting functionality of Zafran Security is an area that definitely could use some improvements. Overall, you get some dashboards and widgets to start with that are helpful, but customization was lacking. It is definitely a weaker point of the product right now, but am confident this will be changing soon!
Vice President, Information Security at a financial services firm with 1,001-5,000 employees
Real User
Top 20
Apr 10, 2025
Zafran is a new startup. Features are continuously being added or improved. 1) Continued integrations with existing (less popular) security tools. Not everyone is using the Gartner Magic Quadrant upper right corner security tools, so additional tools will continue to be onboarded as requested. 2) Bringing in anything considered a gap or weakness. This includes AppSec tools using CWEs and System Configuration tools based on CIS Benchmarks to further determine if an exploit is currently blocked or prevented across the entire vulnerability spectrum.
Works at a healthcare company with 10,001+ employees
User
Top 10
Mar 12, 2025
While Zafran Security is already a powerful tool, there are areas where it could be further improved to provide even greater value. One key area for enhancement is the searching capabilities within its vulnerabilities module. By incorporating the ability to create Boolean searches, users would gain the ability to apply more complex filters and customize their search criteria. This would greatly enhance the precision and efficiency with which security teams can identify and prioritize vulnerabilities. Having such tailored search capabilities would save time and resources by narrowing down vast lists of vulnerabilities to those that meet specific parameters relevant to our unique risk environment. Additionally, integrating more robust reporting and visualization tools would be advantageous. Enhanced dashboards that offer customizable visual representations of risk configurations and threat landscapes would facilitate better communication with stakeholders, making it easier to explain vulnerabilities and the rationale behind certain security measures. This would also aid in demonstrating the improvements and value derived from existing security investments to leadership and non-technical team members.
Zafran Security integrates with existing security tools to identify and mitigate vulnerabilities effectively, proving that most critical vulnerabilities are not exploitable, optimizing threat management.
Zafran Security introduces an innovative operating model for managing security threats and vulnerabilities. By leveraging the threat exposure management platform, it pinpoints and prioritizes exploitable vulnerabilities, reducing risk through immediate remediation. This platform enhances your...
In terms of areas for improvement, Zafran Security is doing a really great job as a new and emerging company. Oftentimes, new companies try to be everything to everyone or overload the system with features, drifting from the core mission. Zafran Security has stayed the course, remaining nimble and responsive to feature requests. I'm struggling to think about what could be done better because we're happy with the technology, features, and support. In terms of what can be done better, I suggest increased automation and prioritization of new industry threats, especially those related to zero-day vulnerabilities. These come out daily, and they are one of our biggest use cases. We struggle with combing through open-source intelligence, news articles, government partners, and industry peer groups, relying on Zafran Security to help us quickly identify risks for zero-days. Faster automation and prioritization of industry threats is an area where improvement would be beneficial.
The dashboarding and reporting functionality of Zafran Security is an area that definitely could use some improvements. Overall, you get some dashboards and widgets to start with that are helpful, but customization was lacking. It is definitely a weaker point of the product right now, but am confident this will be changing soon!
Zafran is a new startup. Features are continuously being added or improved. 1) Continued integrations with existing (less popular) security tools. Not everyone is using the Gartner Magic Quadrant upper right corner security tools, so additional tools will continue to be onboarded as requested. 2) Bringing in anything considered a gap or weakness. This includes AppSec tools using CWEs and System Configuration tools based on CIS Benchmarks to further determine if an exploit is currently blocked or prevented across the entire vulnerability spectrum.
While Zafran Security is already a powerful tool, there are areas where it could be further improved to provide even greater value. One key area for enhancement is the searching capabilities within its vulnerabilities module. By incorporating the ability to create Boolean searches, users would gain the ability to apply more complex filters and customize their search criteria. This would greatly enhance the precision and efficiency with which security teams can identify and prioritize vulnerabilities. Having such tailored search capabilities would save time and resources by narrowing down vast lists of vulnerabilities to those that meet specific parameters relevant to our unique risk environment. Additionally, integrating more robust reporting and visualization tools would be advantageous. Enhanced dashboards that offer customizable visual representations of risk configurations and threat landscapes would facilitate better communication with stakeholders, making it easier to explain vulnerabilities and the rationale behind certain security measures. This would also aid in demonstrating the improvements and value derived from existing security investments to leadership and non-technical team members.
I would like to see an integration with Check Point firewalls. It's essential for us and they are currently working on it.