Bitdefender Sandbox Analyzer is an efficient tool designed for threat management, offering automation and manual capabilities for analyzing suspicious files and URLs. Its machine learning technologies provide deep insights, aiding users in making informed decisions.

| Product | Mindshare (%) |
|---|---|
| Bitdefender Sandbox Analyzer | 1.9% |
| Palo Alto Networks WildFire | 7.3% |
| Microsoft Defender for Office 365 | 6.5% |
| Other | 84.3% |

Bitdefender Sandbox Analyzer streamlines the detection and management of security threats through an aggressive detection approach and quick reaction times. It supports both automatic and manual submissions, benefiting from a combination of machine learning and network analytics. Organizations use it to identify suspicious files or network behaviors and isolate potential threats quickly. The solution adapts to on-premises and cloud deployments, making it a versatile asset for threat defense. While valuable for its aggressive detection and policy creation capabilities, there is room for improvement in reducing analysis time and offering real-time alerts.
What are the essential features of Bitdefender Sandbox Analyzer?

Industries employ Bitdefender Sandbox Analyzer to bolster security measures by rapidly identifying and mitigating suspicious activities. It is particularly beneficial in environments where quick detection and resolution of threats are critical to maintaining operational integrity.

| Author info | Rating | Review Summary |
|---|---|---|
| Technical Director at BD Software Distribution Pvt Ltd | 5.0 | I use Bitdefender Sandbox Analyzer for investigating suspicious events, valuing its automatic and manual submission features, which leverage machine learning and threat feeds. It could be improved with asset management integration to enhance its functionality further. |
| CEO at CSToday | 5.0 | I find Sandbox Analyzer incredibly effective, stable, and scalable, successfully addressing diverse security threats. Its ease of use, excellent support, and flexible licensing make it a highly valuable tool for my sensitive clients. |
| Director, Information Technology at a tech services company with 11-50 employees | 4.0 | I've used Bitdefender for five years; it works well, is easy to manage, and uses few resources. My main issue is its lack of real-time alerts. Despite this, I rate it an 8/10 and recommend it for its strong protection. |
| Cyber Security Consultant at a consultancy with 11-50 employees | 4.5 | I find Bitdefender an easy-to-use and automated solution for threat defense. While stable and scalable, I believe it requires more advanced protection against non-signature-based malware to cope with future threats. Overall, I recommend it. |
| Systems Engineer at a tech services company with 11-50 employees | 4.0 | I find Bitdefender Sandbox Analyzer useful for grayware; the cloud version is easy. However, faster analysis (5 minutes) and better OS support are needed. I recommend it to GravityZone users, rating it 8/10. |

One of my clients is an inpatient rehab facility, where people were bringing their habits and behaviors from the street. We got a notice from our ISP that two of our campuses were violating copyright. We used Sandbox Analyzer to identify the dynamic IP address and MAC ID, which we used to identify the individual. We found BitTorrent on their laptop and sequestered it. We contacted our ISP and avoided the threat of disconnect.
I've deployed Sandbox Analyzer at a single company with 2,200 individual users. It's a large restaurant chain with a lot of temps and high attrition, which is absolutely the worst for security because none of them bother to pay attention to security awareness. You've got to defend the network, the back end, the back office, and every workstation. The more secure something is, the less convenient it is. They want convenience in retail and restaurant service. They locked out of all sorts of things to get to the shortest possible transaction.
Last week, a senior attorney at one of my clients retired, and a new attorney joined the practice. Good anti-malware software is heuristic. It knows what you're using and what you're not using. For example, if you're not using a Kyocera printer, it knows better than to allow a Kyocera Magenta update to come in because that's a trojan horse. You're being gaslit because there's probably a future viral load going into that puppy.
The newbie attorney has an entirely different approach to working because they graduated law school a year ago while the retiring attorney graduated law school 50 years ago. They used different browsers, tools, and programs. I didn't even know this. From looking at the summary reports on the GravityZone dashboard, I saw that that workstation had completely reconfigured itself based on the total set of policies that we were applying to the entire law firm. It was requesting multiple restarts throughout the week. It wasn't a bunch, but about three. Just by observing the behavior of the new human, it refined and perfected its installation tuned to the new user.
Sandbox Analyzer is easy to use. It's simple to drill down into the data. In a lot of the competing products, an extremely informed end-user can do battle with the tools provided, but in today's market, end-users have less and less time to try and keep up. The CSAW alerts come out every day, and they're huge. Adobe did a master patch last Thursday and another one a few days later.
The beautiful thing about the GravityZone product group is that you can successfully curate your groups. You can create time-sensitive policies, apply them, and push reconfiguration, so that engine is functioning, tuned, and safe. It gives us a speedy reaction time to events.
It does everything we need. We haven't been able to throw anything at it that it couldn't handle.
I have been using Sandbox Analyzer for three years.
Sandbox Analyzer is extremely stable even under a high load.
Nothing I've seen in the industry scales better.
GravityZone support is excellent. They're always right. I had to swallow my pride because twice I thought I was right, but it turned out they were.
Setting up Sandbox Analyzer is straightforward.
Every GravityZone product offers bulk licensing. We've got a sufficiently good track record that we usually renew licenses for three years, so we only have to look around for any given client once every three years. GravityZone is flexible. If we add some licenses to an existing group, they'll provide us with the differential cost so that they all renew simultaneously, making life simpler for us.
I rate Bitdefender Sandbox Analyzer because I deal with sensitive clients like law firms and healthcare, so malware has a high cost. I've had opposing counsel use an infected USB drive to try to get a document. Each machine he plugged it into alerted me and defended itself successfully.
If you plan to use Sandbox Analyzer, spend a little time with the tutorials before you start poking in. They're well done. It's an elegant tool, but some things may not be what you think they are, so go through the tutorials at least once.
I like the fact that it works pretty well. It can be a little aggressive at times, but I'd rather have it be a little bit aggressive than not catch what it's supposed to catch. We've been running that platform for about five years, and we've not really had any viruses or malware get through. It's also easy to set up, and it's easy to manage.
It would be better if there were real-time alerts. Unlike most anti-virus consoles that ping you when there's an infection or something, for some inexplicable reason, Bitdefender doesn't do that. The most you could do is get an hourly email, or maybe if there's an outbreak that affects X% of our machines, it can send me an email. There's no real-time alert to say, "Hey, so-and-so literally 30 seconds ago just had this happen on their machine." Real-time reporting would be a huge improvement.
All in all, it's a pretty nice product, generally speaking. They do a pretty good job. They can pretty much go toe to toe with just about anybody.
I've not had occasion to use the EDR portion to try and do any kind of custom scripting to drill into things that are going on at the endpoints. But my understanding from reading comments of others is that it's not as flexible in that regard as some other platforms.
It's a stable solution.
It's a scalable solution.
I've had a couple, probably two or three interactions with their tech support. Suppose I were to give them a grade, probably about a seven. They're not great. They're not terrible. I think that the biggest challenge for Bitdefender is to move out of the SMB mom-and-pop space and really become kind of an enterprise platform.
Honestly, we've had a number of anti-virus solutions, and we used Sophos and ESET most recently and liked both for different reasons but chose to move on for both manageability and for increased detection rates.
Bitdefender has been pretty reliable. There are a few key things I always look for in an endpoint security platform. One of them is how much burden does it put on the endpoint? Is it basically a heavy client, or is it pretty thin? Does it suck more than 10% of the system resources in order to do its job? And the answer is no. It's a pretty well-balanced client. It doesn't eat a lot of system resources, allows the systems to continue to perform at the appropriate level.
It catches a very high percentage of the stuff that you throw at it. So it's doing what you're actually buying it to do and it doesn't give off a lot of false positives. In the EDR portion, you'll get more false positives, but the actual client itself, in terms of viruses and malware and stuff outside of the EDR component, there are very few false positives there.
The initial setup is pretty straightforward, pretty simple to get your head around. It's actually a pretty nice product where all things are equal.
I think it's probably less expensive than something like CrowdStrike. We got a really good deal because it was literally their year-end, and they were trying to close all the sales for the week. So we bought a three-year contract from them. It roughly ended up costing me somewhere around $17 for an endpoint per year. It was really quite a nice pricing. I've talked to other folks where they got CrowdStrike, and it's like $60 for an endpoint for a year.
I put a lot of stock in third-party benchmark reviews, and Bitdefender always reviews well pretty much across the spectrum. It's always funny to me that they actually review better than many of the "next gen" solutions. NSS Labs, MITRE, AV-Comparatives and others usually score them pretty highly. Bitdefender and Kaspersky, both typically, month in and month out, are two of the top platforms.
The other "next gen" EDR solutions like SentinelOne, CrowdStrike, and Cylance have been much harder to get independent confirmation of the efficacy than it has been to get the efficacy of the "traditional" endpoint products. This being said, I am actually considering moving to CrowdStrike once our Bitdefender contract is done.
They have done a decent job with the way they have their policies constructed and the ability to manage them. It's reporting and alerting me when a user gets a virus. I don't want the solution to make me wait an hour or until I get my email the next day in order to alert me of an outbreak.
I don't want an email every hour to tell me I have an infection or not, just send me one when it happens. Don't flood my inbox with emails saying nothing happened. This is probably my biggest complaint about the product. Real-time alerts are important!
This being said, I would tell potential users that it's definitely worth putting on your shortlist and testing.
On a scale from one to ten, I would give Bitdefender Sandbox Analyzer an eight.
We are providing Bitdefender to customers. It is for threat defense.
We are using its latest version. It is deployed on-prem, but they have both deployment models. They support on-prem and cloud deployments.
It is easy to use, and there is a lot of automation. So, users don't need to worry about that.
It should be more secure. There should be more protection, especially for non-signature-based malware. It works fine for non-signature-based malware, but I expect it to become a bit more advanced to be able to cope with future or upcoming environments.
I have been using this solution for a couple of months.
Its stability and performance are okay.
It is scalable. In my company, there are not many people. We have less than 10 people.
Their support is good.
It is straightforward and easy.
I can install it myself. We have three technical people for Bitdefender.
You need a license to a certain extent. You need to pay for advanced features. For corporate accounts, it isn't really a problem, but pricing is an important thing for many companies.
The antivirus market is not very easy because there are a lot of products, such as Norton, McAfee, and the price cannot be high unless you have some special features, and you provide the whole solution. Besides antivirus, there are a lot of security solutions provided by other companies for all kinds of things, such as phishing emails. To some extent, Bitdefender already covers most of the security features. You don't need to buy other solutions. If you are using the paid version, it already covers isolation and some attacks, but it is not the only one in the market with such capabilities.
I would recommend this solution to others. It seems to have been selected as the number one solution this year by a magazine.
I would rate it a nine out of 10.
The solution is useful in the event of a gray file or grayware, as there are certain files users may download which we know little about. The sandbox can then answer the question if the file is good, white or black, or a gray file or grayware.
The solution we use, which is cloud-based, is simple and easy. We have not yet tried the on-premises platform, something we propose to our clients.
We would like to see the time it takes for the sandbox to analyze a file reduced from its ten or fifteen minute duration to five.
The support should also be increased for more operating systems.
While technical support is great, it could be faster.
Installation is irrelevant to the cloud-based solution, as it only requires a licensing fee.
We propose the on-premises solution to most of our customers, for which we must provide a license. No such request accompanies customers who want a cloud-based solution.
As mentioned, we make use of the cloud-based solution and the on-premises one we reserve for our customers.
For the moment, we have no customers who are making use of the solution.
We have a single engineer who is in charge of the deployment and maintenance. A manager handles this on the end-user side.
I would recommend the solution to someone who is using Bitdefender GravityZone.
I rate Bitdefender Sandbox Analyzer as an eight out of ten.