Field Effect MDR Reviews

My main use case for Field Effect MDR is keeping my customers secure.

A quick specific example of how I use Field Effect MDR to keep my customers secure is that it helps me identify computers that need updates, even when I believe they are already updated.

Field Effect MDR finds software and Windows updates that aren't being completed, which I find very valuable.

One way Field Effect MDR can be improved is through its licensing process, which is not ideal.

The licensing process is difficult because I have to access a separate website to complete it.

I have been using Field Effect MDR for about eight months.

In my experience, Field Effect MDR is somewhat stable. However, I have one situation where it has been two months trying to resolve an installation issue on a server, which has consumed a significant amount of time. They have been unable to determine the cause of the problem. Besides that particular issue, everything else has worked fine.

When I've encountered issues such as the server installation problem, customer support does screen sharing sessions, though we could develop solutions more quickly.

Positive

I previously used Huntress and SentinelOne before Field Effect MDR.

I have not seen a return on investment. I think it has actually required more time to use, but it's necessary, so it provides value.

My advice to others looking into using Field Effect MDR is to take it for a test run and see what it finds. That's what I did, and I appreciated the results. I rate Field Effect MDR an eight out of ten.

We use Field Effect MDR to deliver managed IT services to our clients.  It can be deployed on-premises via a line network appliance. You can also use a virtual cloud appliance. It depends on the client's needs. They're flexible. 

We were using a highly regarded competing product, but the company decided to go directly to one of our largest clients, which is the kiss of death for a managed service provider. Once your partner decides to go directly to your client base, they have breached the partnership, so we decided to look for alternatives. After due diligence research, we found Field Effect MDR, which we weren't familiar with then. After going through the demos, we realized that this solution was broader in coverage than what we already had in place.

We saw the benefit within the first week because Field Effect identified a malware infection in our environment other solutions had missed. We were running blind in that area. When we deployed it, Field Effect found an actionable alert within the first couple of days that gave me a lot of peace of mind. I realized we had much broader visibility than I thought we had. The ability to catch that incident quickly, in real time and then block it in real time, helped me as a security officer rest easier at night knowing that we had this level of visibility and actionable response.

It's lowering our overall security risk levels and helping our clients level up their protections. It enables our clients to focus on business without worrying about the underlying cybersecurity posture. They can avoid a massive ransomware or a large-scale phishing event that costs them hundreds of thousands, if not millions, of dollars. 

Some companies provide all the tools that Field Effect has, but in different, point solutions. It's important that Field Effect is a consolidated solution enabling us to be as efficient as possible. Fragmenting the infrastructure too much creates administrative overhead because we need to be in three, four, or more portals and admin consoles. Consolidating our toolsets streamlines process while enabling us to leverage automation helping us scale as an organization. 

Field Effect's security analysts triage the incoming alerts as they come in and weed out false positives. That saves our engineers a lot of time because we're only getting the actionable information we need to act on, ensuring the client is protected most effectively. If we have a high-severity alert, we can knock it out. We know exactly what to do. Very low false positive rate.

In the previous solution, we had to devote more higher-level engineering resources to understand that system and support it properly. We faced a long-term scalability issue. By switching to Field Effect, we avoid spending extra time spinning wheels for something that doesn't matter. We're only spending effort on things that are identified and validated.

We replaced Cisco Umbrella and CrowdStrike with Field Effect. Those were the main ones, but we also replaced SentinelOne and Sophos. It broadened the coverage of the ecosystem. These previous solutions each covered little slices of the ecosystem, whereas Field Effect has a wider breadth. 

The most valuable aspect of Field MDR is the comprehensive visibility the solution offers. Most solutions cover the traditional threat landscape for endpoints, including computers, endpoints, servers, etc. However, there are also risk within the network environment, such as WiFi, mobile, the Internet of Things, smart TVs, video surveillance systems, etc., that have associated vulnerabilities. These devices may not be actively managed or protected in most environments. 

Field Effect MDR gives you visibility across the entire ecosystem. With this broad visibility, you can significantly lower your operational risk. Field Effect has a team of high-quality security analysts reviewing the initial triage to determine whether an alert is actionable. They clear out the false positives and feed our security operation center actionable alerts. It lets us save time because we're only dealing with real issues instead of weeding out the false positives and wasting time. 

Managing Field Effect is straightforward. We have a good internal process to manage this. It's mainly about having some automation in place to streamline things and having some processes for keeping my software and third-party patching up to date. A lot of security alerts fall in those areas. It helps us identify issues quickly and lower the overall risk for our client rate.

It groups alerts by risk levels. The nomenclature is straightforward and easy to understand. Our engineers and technicians are well-versed in the topic. 

Field Effect MDR could broaden the portfolio of supported cloud applications. They integrate about 15 to 20 out of the box, including Office 365, Azure, Salesforce and others. I'd love to see a consistent flow of new integrations, including line of business apps for critical industries and additional cloud applications that are commonly used. Some have been added since, this is an area of opportunity with them, along with third party patching. 

I have used Field Effect MDR for four years. 

I rate Field Effect support 10 out of 10. 

Positive

Field Effect MDR is a straightforward deployment. We can do it quickly with no issues on our end. Once you get an appliance, you can spin that up and plug it into the infrastructure. Once that appliance is in the environment, it's a question of deploying agents out to all the devices you need to manage. 

We need to leverage our deployment mechanism for that, and that process can be done quickly. At that point, it starts monitoring and you start finding security issues.

Field Effect is fairly priced from my perspective. You get a lot of bang for the buck with this and a level of visibility that provides you with greater peace of mind knowing that the system is carefully monitored. You also have automated responses for known malicious behavior at any time of the day. Someone could have their Office 365 mailbox compromised at 2 in the morning on a Saturday when most people are asleep or not paying attention, and the system can prevent an issue in an automated way. 

Arctic Wolf

Blackpoint

I rate Field Effect MDR 10 out of 10. 

I am with an IT MSP or IT Managed Services Provider. We have clients who allow us to provide their IT services. We provide services for desktop support and all the way up to network administration, technical projects, and so forth.

We use Field Effect MDR for our clients as well as for ourselves, so we use it internally as well as resell it to our IT MSP clients.

Field Effect MDR is backed by experts who are constantly monitoring for attacks and risks. It is extremely important and relevant to us. Field Effect or at least the core team, comes out of offensive security with nation/state actions. That is very practical knowledge. Being able to take that and understand both from the offensive side and the defensive side is valuable. Knowing how to counter those offensive acts and how to anticipate them puts them in a great spot to understand the cyber landscape. We are able to stay on top of trends within that cyber landscape. Because they have intelligent sources or habits that they have developed from their history, it is very effective. We have a lot of trust in the leadership of Field Effect, the line managers, the SOC in charge, the forensic teams, and the incident response teams. We have very high confidence that our interests are highly regarded by them, and they are trying to protect our business, our interests, and our clients. They are also able to steer us in great directions. 

Even though they have such deep industry experience, they are willing to collaborate and listen. This is something that I would not have expected from a team like Field Effect. On the partnership side, we have used other top-tier EDR or MDR products. The products are great, but the partnerships in some cases have been just average. In some cases, they have been antagonistic, so from Field Effect, I was not expecting much, particularly having learned about their background. However, when we got working with them, it was just a revelation of how open they were to our situation and our particular needs, which are very different from their own priorities. They have been willing to work with us within reason. They have a development roadmap that they have to follow, but whenever we needed critical things to make Field Effect MDR a part of our core business and a successful part of our core business, they were very willing to listen. In many cases, they also acted on the requests. It has been a fantastic and very effective partnership.

We use its tagging of security threats as actions, recommendations, or observations. It is critical. We have used a lot of platforms, We have used the second-tier ones and also the top-tier ones in Magic Quadrant. The main issue with all of those platforms is noise. How do you improve the signal-to-noise ratio so that you are not spending a lot of your senior security analyst's time triaging non-actionable tickets, events, or alerts and they can focus on those truly actionable things that might require some level of direct incident response? With other platforms, including other top-tier platforms such as SentinelOne or CrowdStrike, we would get a lot of false positive notifications, and cutting through the noise was difficult. With Field Effect, because they use the ARO system of actions, recommendations, and observations, they have severity levels within each of those bands. I am not sure, but I believe there are five bands between each of those. We use a system called ConnectWise PSA as our ticketing system, so we are able to insert workflow rules and other automation assistance so that we can do some pre-filtering of the alerts to make sure that we direct all the high-priority notifications to our SOC team. We can either auto-close lower priority or lower severity notifications because they are non-actionable or are more informative, or we can funnel them to our regular help desk. A notification about your web browser being out of date does not need to go to the SOC. That can go to the regular service team to help walk the client through an update or do the update for them and things like that, so AROs are critical. It definitely allows us to maximize our limited and expensive resources so that we are focused on truly actionable things and not waste time on false positives.

As of now, Field Effect MDR gives us a single cybersecurity product that proactively protects all our threat surfaces, but who knows what may happen in the future. Field Effect MDR is holistic. With this one product, you get the host-based stuff. You get the network appliance. You get cloud monitoring. You get the DNS firewall. It is a much simpler product to handle from a billing perspective. From an account management perspective, the full version of Field Effect MDR is effective and easy to manage. They also have other versions, but the full product version is a one-stop shop. There is an add-on that they have probably introduced over the last year or maybe six months. It is for cloud retention. Field Effect MDR in many aspects is a SIEM, but they have not exposed all the traditional capabilities of SIEM, namely the dashboarding side or the user-facing side. It also lacked the ability for a SIEM to be a generic log aggregator or a log ingestion sync of any source of log data. They have now added that capability where you can add on log retention services if you need it for compliance or insurance or just your own digital forensics requirements. By default, it retains its own telemetry for 90 days, but if an organization wants to retain logs for 360 days or longer for compliance and data retention, they have a service for that. That is an add-on, but the core platform with its 90-day retention is usually acceptable to the majority of our clients.

Field Effect MDR most certainly helps our security team save time. It does that passively via ARO classification. The Field Effect SOC is doing its job through machine learning, human analysts, and other heuristics to make sure that events are categorized as best as they can. We can leverage their deep experience, which makes it much easier for my team. When we get an alert via Field Effect MDR, it is already packaged as an action, a recommendation, or an observation. When we get an action of medium or higher severity, that automatically goes to my company's SOC for some triaging and analysis to determine whether we need to spin up an incident response or what the proper response is to that notification. Lower-scored items, such as observations, recommendations, and low severity or priority actions, go to a SOC coordination team, which will also do some less technical triage to classify them, or it will be handled by some of our automations. The fact that AROs are being so effectively and correctly targeted allows us to focus our most senior, most expensive, and most skilled resources on things that actually matter.

We also gain efficiencies because the Field Effect SOC is collaborative. We do not just get an ARO. We are also able to initiate communication. If we have an action or event that we want to follow up on, be it an action, recommendation, or observation, we can request help. If my company SOC needs some guidance because we are not quite sure, or it is on the bubble of being actionable versus non-actionable and we want a second opinion before we close a ticket or spin up an incident for the response team, we can request help from the Field Effect SOC. They collaborate with us and explain the logic behind why they classified something like this. They listen to our points, perspectives, and considerations. They work with us to figure out whether it is something that we need to worry about, or it is something that we can defer or ignore. That is extremely helpful. With some of our other partnerships on technology products, including security products, it has been very difficult to get this level of effective collaboration from the vendor. That has been fantastic. That has allowed us to accelerate our plans. Initially, we were thinking about using Field Effect MDR only for certain clients who have purchased a higher tier or premium security service, like an MSSP service specific to security and compliance. However, given how scalable Field Effect MDR is through those efficiencies built into the platform, into their classification system of events, and indirect staff augmentation via their Field Effect SOC, we have now made Field Effect MDR the standard security platform for all of our clients, even the ones who are only on core IT support plans.

Field Effect MDR informs us of the threats that matter and how to address them. AROs are very detailed. A lot of security platforms provide that detail, so I do not know if that is especially unique in the Field Effect's case, but it is certainly effective. AROs are very well-detailed, and they describe which event triggered the alert. They explain why it is of interest but not an actual problem. They also detail the steps to remediate, mitigate, or dismiss a particular alert. They are very effective from that perspective.

They also provide us with bulletins. We have been lucky so far. None of our clients have been subject to any sort of rising threat. However, we would not necessarily know about it unless we are paying attention to security forms and other information sources. Field Effect is one of those sources. When they start to see a negative trend, they alert their community. As a channel partner of Field Effect, we get alerts, warnings, or notifications on those emerging threats. We can then alert our SOC and pay attention to some of the indicators of compromise that might not be flourishing into a full attack but are indicative of attack precursors. Those advanced alerts of emerging threats are key. Field Effect is attempting to keep us informed as a channel partner. I do not know how true that would be for a direct customer of Field Effect.

As a channel partner, we also get visibility into their development roadmap. We have influence over that roadmap. Understanding what is coming down the line in terms of feature enhancements, feature improvements, new features, new capabilities, and new services is great for us. We are a decently sized IT MSP with a growing set of MSSP services. We cannot always turn on a dime, so advanced notice, particularly in terms of forthcoming items, is very key. It allows us to help make sure that our various teams—technical teams on the SOC or the service delivery side, client-facing teams such as our account management teams, our VCIOs, our VCSOs, and marketing team—are working in a highly synchronized or collaborative manner. They can make our new services and offerings as successful as possible with minimal friction in our particular marketplace.

It is hard to take them in isolation. It is a security product, so it is all about defense and depth. You cannot be monolithic, so you have to be holistic, and that is what Field Effect MDR is. It starts with their host-based agents, their EDR agents, which are very capable, but those are bolstered by network compliance, which does network intrusion detection. We are getting visibility over the network, not just for those hosts that have a Field Effect EDR agent but also things like the Internet of Things, guest networks, or rogue devices. We definitely have visibility into all network traffic, which is very cool. They also provide a DNS firewall, so that is pretty key. These days, with zero trust, you have to assume a breach at some point. It is sad but true. Even folks like CrowdStrike, who are not necessarily getting compromised, are falling victim to their own internal processes, so having multiple layers of protection is certainly beneficial. With a DNS firewall, even if something were to go haywire, such as an intruder breaches the perimeter and gets onto an endpoint, or somehow the endpoint itself fails to be effective, we still have the ability to block those command and control hubs. That is pretty key.

Cloud monitoring is another thing that we found valuable in addition to host endpoint protection. We also have cloud monitoring in addition to the host-based agent, the secure DNS, the network intrusion detection, and the network compliance that sits on-prem monitoring all traffic. We are able to ingest all the events for all the top services, such as Microsoft 365, GCP, AWS, Dropbox, Salesforce, and ServiceNow, and make sure that we are looking at the entire distributed footprint of an organization and not just a particular endpoint or a particular office, so it is very comprehensive.

On top of all of that telemetry being captured, we have the Field Effect security operation center. Their SOC analysts are awesome. They are very flexible in terms of particular rules, which might change from organization to organization. They are able to take those particular provisioning or service definitions and still remain very responsive and according to our service level agreements. We found their SOC to be incredibly engaging. That is on the service delivery side.

We are a channel partner of Field Effect. We deal with a lot of products, but Field Effect has certainly distinguished itself as being a stellar partner. They are not just providing us with fantastic products, which are highly effective, they are also helping us. They are helping our clients. Their partner team or their marketing team helps us with go-to-market activities. It has been a fantastic relationship.

The interface is perhaps the weakest part of the entire platform, and that does not mean that it is deficient. It is just not as optimized and as efficient as other aspects of the platform. Given their background of coming from the offensive security side of things, understanding how attackers are going to operate, and having played that role in their previous careers, they have built a great platform that understands what to look for. Their threat detection, rules, and their correlation engine are amazing. They have very high accuracy. That is built throughout the platform. From the technology side, because of their experience, they know what to prioritize in terms of their development roadmap, so they get the best features out as quickly as possible, which is fantastic. There is comfort in knowing that our protected environments will be well safeguarded by the entire platform, including their security operation center.

The weak point, particularly as an MSP, because we have multiple IT clients, is that we need a multi-tenant type of interface. We need a single pane of glass that allows us to manage all of our clients, including our own tenant for our own internal use. Their web console has seen some development over the past couple of years. Their focus was perhaps not as much on the user-facing side of things as it was on the core technology or the actual cyber defense side of things, so we have had some points of challenges over the past couple of years. Over the last six months, however, there have been some pretty drastic positive changes to the user interface for the web console or the web admin console. The interface is a lot better, but there are still some gaps that we would love to see getting filled. For example, we would like to be able to export all data grids to CSV so that we could bring them into some other format to do data analysis outside of the web console. That is still a bit hard to do. However, they have added so many other quality-of-life, user efficiency, and multi-tenant management features over the last six to nine months that the interface is now much better. It is a highly usable interface now.

Field Effect MDR is a compelling platform because it is not monolithic. It is distributed, and it is layered. You have the host, DNS, network, and cloud. They have something called SEAS or Suspicious Email Analysis Service, which is awesome because everyone is suspicious of emails, perhaps even multiple times per day. If you multiply that by multiple clients and the number of users per client, you can imagine the volume of tickets that we get within our company to know if it is a phishing email. Having that service from Field Effect where they ingest an email reported by an end user and do the analysis to determine whether to trigger some sort of incident response action or to ignore it because it is legitimate. Having that is amazing. Where they have a gap currently is that they have their telemetry coming from so many different areas of an organization. Field Effect MDR is basically collecting all the data that a SIEM does. I guess to the Field Effect SOC, Field Effect MDR is a SIEM, but a lot of those SIEM capabilities are not fully exposed to end customers or MSPs, such as MSSPs or MSPs like my company. It would be awesome if somewhere on the development roadmap, they continue to evolve the platform and expose more of the native SIEM functionality so that it is available to end customers and not just to the Field Effect SOC.

The UI and SIEM capabilities are two main things that I would love to see. That would make it a slam dunk. They would then cover everything. They have a holistic security defense platform. They have log retention. They have MDR capabilities. Those are massive checklist items in an organization's cyber defense footing. An organization looks for things like compliance assessments, cyber insurance, and cybercrime coverages.

I would certainly love Field Effect to continue to be very judicious in expanding its precious development resources in the pursuit of market competitiveness. I imagine their competitors seeing the success that Field Effect MDR is having with their holistic approach, so I would expect more of that from their competitors. I see them providing a one-stop-shop type of solution. It would be incumbent for Field Effect to continue driving the initiative by expanding its universe of products and services. It would be interesting to see other elements from them that lead to good cyber hygiene. As an IT MSP or MSSP, one of the big challenges for us is a simple thing like patching. We have tools where we can pretty confidently patch operating systems such as Microsoft Windows, Linux, and macOS, but we are not able to patch third-party applications with a high success rate. That is due to a host of causes, some of which are user-driven but a lot of them are platform-related. It would be awesome if Field Effect started to include features like patch management into the mix so that we could leverage the ubiquity of Field Effect MDR to tackle one of our highest service delivery challenges. We are already using some third-party application patching tools, but even with multiple of them in play, we are far below our desired success rate for monthly application updates. I would love to have another layer to that mix to help improve our patch compliance rate. 

I have recently been exposed to an application allowlisting platform. It is very capable, and it is solving some specific needs, particularly for companies that are trying to maximize their cyber insurance spend. If you have application allowlisting deployed, some site insurers are willing to provide more coverage or reduce the premium for those clients. They see that as a very positive or defensive posture and are willing to incentivize it. Currently, Field Effect MDR does not have any form of application allowlisting capability. It would be interesting to have it added to the platform in some fashion. That would be great. The host agent in Field Effect MDR is kernel-based, so it is already well-positioned to do things like application allowlisting.

I believe it has been just over two years.

You have occasional issues with a new hire who might be just out of training, but that is very rare. The majority of times that I contact Field Effect support, I get an analyst who not only seems to be very knowledgeable about our particular deployments but is also aware of the platform and the landscape. The analyst is able to create a nice little intersection of all of those to help provide the best direct guidance for a given situation. I found them to be very effective and responsive.

They follow the sun. If we get after-hours alerts, we are still able to get hold of Field Effect SOC analysts to help us triage or respond to high-sensitivity or high-severity events. Because we are a channel partner of Field Effect, in addition to contacting support directly, I often copy our partner success manager to keep him in the loop regarding what is going on, so we usually get a very good and fast response from Field Effect support. When we have supercritical issues that require immediate and most senior attention, it is awesome to have a champion within Field Effect who knows us. We meet with our partner success manager at least monthly, but often, it is biweekly. It is great having a champion within Field Effect who can immediately escalate issues important to us or our clients. They are great, and they are greater when we get our partner rep involved.

In terms of rating, I hate giving out tens because it does not leave room for growth. I am going through SOC 2 and HIPAA compliance certification right now. I just went through this exercise of documenting all of our vendors and all of the systems that we have running. There are over a hundred, and some of those are packaged applications that we just buy. We are just using them off the shelf. With many of them, however, it is a channel relationship where we are a partner or a reseller, and we have an account rep or some sort of extended relationship, or business development relationship with a provider. Among all of our providers, I can confidently and unconditionally say that Field Effect is the best, so based on that, I would rate them a ten out of ten.

Positive

I was a part of our internal pilot, and I remember us taking a while to get the network appliance deployed. That was not because of Field Effect. When we first partnered with Field Effect, we were unfortunately still in the depths of the pandemic. This would have been 2022. We were just coming out of things. We wanted to do a pilot to evaluate it. We were doing our due diligence, but at the time, common shipping carriers were experiencing massive delays. There were transport delays and supply chain issues. Everything was up and down, so it took a while for us to get our appliance. That also caused a delay or lag in implementing the pilot. It was not due to any fault of Field Effect, but it took us a while to get Field Effect to the point where we could even begin to evaluate it. We finally got it installed and got a feel for it. 

Field Effect MDR has multiple layers. We had just come from another tier-one Magic Quadrant solution. It was also an MDR solution, but it only allowed us to have host-based agents installed. The only thing that was on the network was an appliance to collect agent telemetry that could then feed it to a SIEM. Prior to Field Effect MDR, we had to do a bunch of things with Linux boxes and so forth. It was a one-off per client to do things like SIEM integration, whereas Field Effect, out of the box, gives us multiple layers of telemetry, host, network, DNS, cloud, and email as a trailing indicator. That immediately allowed us to have much greater visibility. We had 360-degree visibility of a protected environment. That was something we had not expected or anticipated. We probably heard it during the early demonstrations and overviews from Field Effect, but we did not fully comprehend it. When we got our hands on the platform, it was pretty evident, very early on, that the platform was superior. It took us a bit longer to then do some field testing to make sure that the technology was working as well as we thought based on what it was reporting and doing. 

We then started doing some pilot tests. We did pilot tests at two clients initially and then at around five clients before we fully committed to the platform. There were upwards of 500 to 750 managed endpoints in this due diligence plus pilot phase. That was when we got to evaluate the SOC because we started getting a significant volume of alerts and AROs. We were then confidently able to say that the platform is awesome. It has multiple layers. It is distributed. It is 360 degrees. It is holistic. Their SOC is effective. They are quick. They are responsive. They are capable and competent, and they are tailored. Each client can have a different service profile, so we can adjust how aggressive or passive we want to be in a given environment based on client requirements and our requirements. That took a while to discover but not due to any failings of Field Effect. It takes a while to go through all of that due diligence and all of that hands-on testing.

Within the first quarter, we were convinced of the capability of the platform. So, after an initial sales cycle or a partnership cycle of maybe two to three months, and then another month and a half of just COVID-related shipping supply chain delays, we could get everything we needed to set up our initial due diligence environment.

A top-tier competitor to Field Effect in Magic Quadrant that we had been using until our switch to Field Effect was a great product, but each capability had an additional charge. We had to license modules separately, and each of those add-ons had to be added onto its own consumption and agreement. It was a nightmare from a billing perspective because we had multiple agreements, and each one had a jagged anniversary or a renewal anniversary. It was a nightmare, whereas Field Effect MDR is one product.

To a colleague who is interested in a cybersecurity solution but says they have never heard of the vendor Field Effect, I would ask if they have heard of CrowdStrike. Have they heard what CrowdStrike did just a couple of weeks ago? Name recognition is not necessarily the be-all and end-all. I am a motorcyclist. I am a car nut. I watch F1 which is a walking billboard of security providers. You have Darktrace. You have CrowdStrike. You have even Bitdefender out there. You have Webroot out there. You have all these folks out there. Some of these are very recognized brands or names. Are they effective forever? No.

We have had very well-recognized platforms that were horrible to operate. They were either ineffective at doing the job they were supposed to do, or they were not highly interoperable, causing lots of problems with particular operating systems. I remember an issue with the Mac platform with a very low-cost and ineffective platform. That caused us to abandon it and use a different platform for Macs because it was highly problematic. Name recognition is great, and one day, Field Effect might be up there as one of those top-tier brands where upon seeing the Field Effect logo, people would say that they are in security, they are top-tier, and they are in Magic Quadrants. It is just a matter of time. 

I would encourage people to do their due diligence and get referrals from Field Effect about partners like me or end customers. Run a pilot. Run a proof of concept. Get the product. Run it for yourself. Try it in the field. Field Effect has been pretty generous at least to the partner community. I do not know what would happen with direct customers for this, but with their channel partners, they are very willing to allow a bit of latitude in making sure that Field Effect is the best fit for an organization. So, name recognition is great, and it helps to shorten that initial introductory meeting because you already know a lot about the company. That is fantastic, but that is merely the start of the relationship. It is not the end. It would be nice if Field Effect had better name recognition, but let us look at the merits of the platform, the capabilities, the success, and the effectiveness of the platform and base our decisions on that.

It is a highly effective platform, but they have room for improvement. I would rate Field Effect MDR a nine out of ten because they have room to grow, but where they are right now is amazing. It is so much ahead of what a lot of other Magic Quadrant providers are offering, particularly in terms of the price point, the simplicity of consumption and billing, the robustness of the partnership, the effectiveness of the partnership, and the scalability that it allows our internal team to have.

It is a part of our security stack to help identify any vulnerabilities for our clients.

It is very important that Field Effect MDR is backed by experts who are constantly monitoring for attacks and risks. The main reason we went with Field Effect was the experience that the CEO brings and the experience we had with the team. Their process for educating us was another reason.

I do not have direct access to its user interface, but I have heard from the team that it is very easy for them to access and see alerts come in. They found it very easy.

We could see its benefits pretty much right away. We started getting the alerts as soon as we started using it. We started to receive alerts on areas that we needed to address right away.

It definitely adds a specific layer of protection. I would not want to be without it, but it is not the only piece that we would use to proactively protect all our threat surfaces. It creates a very good layer, and for myself, the team has been a good access point to be able to get information and share that with clients too. That has been a big help for me. Compared to other software that we use, whenever we need assistance, they are the easiest ones to work with. We can get immediate assistance through chat.

Field Effect MDR helps our security team save time. We do not have to monitor a lot of things and go digging behind the scenes. They are doing that monitoring for us. It has almost added an employee who would have been doing that work for us. It has probably cut down on a third of our workload.

It informs us of the threats that matter and how to address them. We get alerts on even small issues that we do not need to address immediately. It helps to keep such things in the front of mind so that we can plan and schedule. It feels like it has made our operations run smoother because it is alerting us. Instead of just leaving it, we can schedule an update right away. We are addressing things right away. If an immediate problem comes up, we can deal with it as soon as possible because we have already scheduled something smaller, like an update.

Field Effect MDR gives us recommendations on how to reduce our risk. If there is something like a shared folder and they are seeing multiple accesses or credentials, they send us recommendations. We can let the client know as well about those recommendations. These recommendations are very important because our staff does not have to spend time thinking of a solution. The solution is already presented to us. We may add to the solution, but we do not have to spend time looking for a solution.

The alerts that we get are valuable. It notifies us if there is any attempted access and if there are any areas where we need to create more security for clients. It is stopping anything from happening before there is even an issue.

It does not replace everything we need. If they can include an email filter system, that would be great.

We have been using Field Effect MDR since January. We signed up in January. It has been about seven months now.

I have not had any issues with stability. We found the system very quick to reload and send us updates. We found it very quick.

It has been good. We are a growing company. As we are growing, we found it easy to grow with us.

When we see an alert come in and we are trying to find a solution for the client, we sometimes ask for help from the Field Effect team. If we already have the solution, but we are running into any technical difficulty deploying it on the client side, typically, they walk us through that.

I would rate them a ten out of ten.

Positive

This is the first time we are using a product like this. 

Field Effect MDR did not replace any cybersecurity solutions. It added to our cybersecurity solutions. It was something we had to put in place, and we feel that we went with the right company.

It is deployed on the cloud. Its deployment was easy. It was done within the first day. It was very quick.

You can use a team, but we had one person on our team deploying it.

We worked with one consultant through the day as we were deploying it, and he was pretty much available to us although we only needed him for an hour. It was very easy to deploy the rest.

We have not found any maintenance after deploying it.

It is on the high end, but it is worth it for the service that you get from them.

ThreatLocker was a solution we looked at. The reason we did not go with them was that first of all, we did not find their onboarding process as thorough as with Field Effect. The price was a bit of a factor as well. I feel that Field Effect negotiated better with us.

The team is awesome. From a personal perspective, I have done a lot of webinars and different events with the team itself. They have been great at communicating about the product. I would suggest going and signing up for a webinar because they really explain the product well through that. The team will reach out to you after the webinar and follow up and get to know you as well.

To those considering Field Effect MDR, I would advise making sure that your client knows that you are very likely going to uncover some things that you may need to remediate right away. You just need to prepare them. Typically, they are not monetary changes. There may be some policy changes that you have to make within the company. Have that conversation with them so that they are prepared and flexible with those changes when they come.

I would rate Field Effect MDR a ten out of ten.

We mostly install Field Effect MDR on every client that wants security with us. They are our main partner for all security software. A client of ours with Field Effect MDR is less likely to be a victim of a cyber incident. Most clients we have that are covered by Field Effect MDR will be blocked before any damageable attack occurs.

Field Effect MDR provides workstation coverage, user account protection with Microsoft 365 and Google Workspace, and on-premise device management for network security. It offers DNS firewall capabilities for web filtering and prevents unwanted device connections. The system also includes proactive alert reduction, streamlining alerts for better management, and provides notifications for typosquatting threats.

Some resources lack experience, but issues can be escalated to more knowledgeable contacts. Pricing needed improvement, which was addressed by reducing the buying cost recently. Like any product, some minor improvements are needed, but overall, the company is responsive to feedback and working on enhancements.

I have used Field Effect MDR for the past year.

Field Effect MDR provides real human support, which offers precise instruction and guidance. This distinguishes it from most other EDR software, as it efficiently reduces alert fatigue by consolidating information.

Positive

We adopted Field Effect MDR and replaced all other EDR/MDR products we had prior to using it.

Pricing was initially a concern, but the recent updates have resolved that by offering a more accessible buying cost.

Potential users should speak with their IT specialist or distributor like Millennium Micro to access or learn more about Field Effect MDR. I would rate the overall solution a 9 out of 10.

We are an IT Company that manages many other companies in different industries, like Healthcare, banks, federal, provincial, and private companies. It's highly important to keep them secure and that starts with us not getting hacked. After a lot of internal brainstorming and research, we chose Field Effect MDR. We have systems across different platforms like M365, Zendesk, and Accelo and we need to ensure these systems are totally secure and only accessed by our own team. Before we had this, we didn't have 24/7 monitoring.

Prior to having Field Effect MDR in our organization, our security stack was basically a policy. We had instructions such as "Don't click the link, don't bring your device outside your sight, don't put your login info here or there," etc. It always relied on our team to follow through and make sure they were doing the best they could. 

With this tool, we can entrust access to platforms to be managed by an AI algorithm that learns how we work and use our resources. 

Furthermore, while we will still be careful, instead of relying on a written policy and our team, we have a 24/7 AI + SOC Team behind us to ensure that we're staying secure. 

The feature I've found the move valuable is the 24/7 monitoring. We are a small organization that supports a LOT of endpoints and clients. Without this tool, it would be impossible for us to confidently tell clients that we are secure. 

Alongside this, the ability for Field Effect to make decisions on its own based on what it has learned from all the "training data" that we have provided in the past. It will only get better over time. We have had some false positives; for example, using a legitimate networking scanning tool from the terminal has been blocked. However, we were actually impressed when something so simple was caught!

Before Field Effect all we had was policies and all we could do was rely on our team members to make the right decisions and not compromise any systems or information. 

I'd suggest that Field Effect focus more on including things like phishing simulation and cybersecurity training. We always talk about a triangle of people, process and technology to solve any business problem. Field Effect has done wonders at covering the technology aspect of this triangle, however, to truly be a cybersecure organization, you need your people and processes to be just as secure.

I've used the solution for four months.

The solution is very stable; it does what it is meant for

The solution is really easy to install and you can use it in an organization of as little as five to as much as 1000 employees.

Support is very reliable. They answer us very quickly over email.

Positive

We used services like antivirus, EDRs and software like Office Protect, yet had no other MDR in the past.

The initial setup was very straightforward. It was connected with M365 and it was set up very easily .

We set up the solution with the vendor team and they had good knowledge and provided us with the best possible solution.

The ROI is at least ten times of its monetary value and unlimited in reputation protection.

It's worth the price. If you are paying $2000 a year to have this setup, it can save millions of dollars along with your company's reputation.

we also considered Huntress. We find Field Effect is way better.

Once you start using it you wouldn't look for another MDR.

We are an IT-managed service provider, offering comprehensive IT solutions to our customers, including robust cybersecurity protection. One key element of our Security-as-a-Service stack is Field Effect Covalence, which provides continuous 24/7 vulnerability scanning.

We understand that our clients expect us to protect them from external threats. However, this presented two challenges. Firstly, this level of security wasn't included in their standard service desk or network monitoring contracts. As a result, providing this unbilled service significantly increased our risk exposure. Therefore, we sought a solution that could both effectively safeguard our clients and mitigate risk for our own business, without compromising service quality. Field Effect Covalence is perfectly aligned with our needs in this regard.

Typically, we deploy an appliance at our clients' main locations where significant foot traffic is present, ten individuals or more. This local appliance monitors all firewall traffic and synchronizes with the cloud-based Covalence platform. Additionally, every endpoint device has a Covalence agent installed that regularly checks in, enabling us to perform web DNS filtering. This prevents endpoints from accessing unauthorized or potentially harmful categories. We also monitor clients' 365 or Google Workspace accounts for potential malware threats, including SharePoint environments. This comprehensive approach, implemented at both physical locations and remotely through the cloud, ensures effective threat scanning and detection.

The expertise behind Field Effect Covalence is crucial. Its team constantly monitors for cyberattacks and risks, offering an immense advantage in today's landscape saturated with new, competitive cybersecurity companies. Our core partners at Field Effect, with their backgrounds in cybersecurity and collaboration with Canadian intelligence services, provide invaluable insights and protection for our Canadian business clients. As former security professionals, their capabilities and dedication inspire complete trust.

Managing cybersecurity vulnerabilities has become effortless with Covalence. Unlike traditional solutions, which simply dump a mountain of alerts and potential threats on us, Covalence takes the burden off our shoulders with its managed detection and response service. Their advanced filtering removes the noise and prioritizes genuine threats, saving us valuable time and effort. This streamlined approach lets us focus solely on addressing critical issues and ensuring the safety of our customers.

Every day, we rely on the tagging system. Recently, we had a client who traveled from Africa to Europe and then back to Canada. The system immediately flagged this activity, alerting us to the logins from different locations. Having this awareness is crucial, especially compared to the risk of compromised credentials in vulnerable countries to threats originating from elsewhere in the world. The tagging system consistently proves its value, and we proactively patch vulnerable third-party applications thanks to its insights.

Covalence represents a significant advancement towards a unified cybersecurity solution that actively safeguards all our threat services. It continuously provides round-the-clock vulnerability assessment and scanning. However, it's crucial to complement this service with additional measures like password managers, end-user cybersecurity training, and multi-factor authentication. Therefore, I'd say Covalence covers roughly 80 percent of what we need to keep our customers secure, making it an ideal complement to other aspects of our Security-as-a-Service offerings.

Implementing Covalence has significantly improved our security team's efficiency. The proactive approach it fosters allows us to identify and counter potential threats before they materialize, unlike the reactive post-incident response we used to employ. The immediate notification of malware or lateral movement has been invaluable, with Covalence successfully intercepting such attempts on several occasions. Consequently, since deploying Covalence for our customers, we haven't experienced a single major cybersecurity incident. While it's true that our service desk team now dedicates more time to proactive maintenance, this translates to long-term time savings. Without Covalence, a significantly higher number of incidents would be inevitable, potentially damaging our reputation and causing days, if not weeks, of disruption while we handle incidents and mitigate threats. In summary, Covalence has saved us resources, personnel, and, most importantly, reputational damage from cyberattacks.

Covalence keeps us informed about cybersecurity threats and how to address them. When an alert is triggered, it automatically integrates with our existing ticket system and generates a checklist of mitigation steps and recommendations. We simply follow these instructions to handle the threat. However, if we need further information or assistance at any point during the mitigation process, Covalence's team is readily available. They provide immediate phone support and actively help us overcome any challenges we encounter.

Every month, we receive a set of personalized recommendations for each client and their devices. These recommendations cover everything from updating Windows core operating system patches to addressing vulnerabilities in specific third-party applications. By working through these notifications, we keep our clients safe. With 1,800 endpoints and a wide range of applications, such personalized recommendations are critical. Manually tracking vulnerabilities across every piece of software would be impossible. Therefore, having a system like this in place is crucial for saving time and reducing risk.

Covalence has been instrumental in transforming our security posture. It propelled us from a conventional network monitoring help desk to a leading, security-first managed service provider in Ottawa. This shift puts us head and shoulders above our competitors and has truly revolutionized our business. With Covalence in our arsenal, we've been able to renew and expand existing three-year contracts with all our clients and win significant new business by offering this cutting-edge security solution.

The most valuable features are Actions, Recommendations and Observations, which keep us informed about existing vulnerabilities so we can proactively update our endpoints and those of our customers against potential threats. Suspicious Email Analysis Service is another standout feature, allowing customers to report suspicious emails and receive professional analysis from our security team, ensuring they don't click on harmful links.

It would be incredibly valuable to have the Field Effect team handle some of the third-party application patching they're currently identifying. While it's fantastic that they're proactive in this area, the time commitment is significant. Integrating patching into their existing service offering would be a game-changer.

I'd love to see a tool that aids sales discovery efforts when we engage new clients. Ideally, this internal tool would scan their network environment to identify potential risks and give us a comprehensive picture of their network infrastructure. This would be a huge asset in informing our sales strategies and showcasing our expertise.

I have been using Field Effect Covalence for two years.

We haven't observed any stability issues with Covalence integration. Among our clients are many who run critical business applications, such as healthcare and legal software, placing significant demands on their networks. Initially, with such demanding environments, we had concerns about introducing a vulnerability scanning solution like Covalence, potentially impacting network performance. However, we've found that Covalence has zero impact on performance. Our clients haven't experienced any performance degradation on their networks with Covalence in place.

Covalence is highly scalable, accommodating a wide range of client needs. They offer different appliance sizes based on the number of endpoints a client manages. Most clients find themselves within the first two tiers: one to 25 endpoints and 25 to 100 endpoints. However, an enterprise tier exists for larger clients. Scaling up is seamless. Clients simply inform their account manager when their needs increase and the appliance can be easily upgraded to handle a higher number of endpoints and traffic. For example, one client recently opened a new store and promptly acquired an additional appliance for the new location. Maintenance is minimal. The software agent automatically pushes and upgrades all endpoints whenever a new version is released, requiring little intervention from clients.

We've collaborated with Field Effect's technical team on numerous occasions, primarily in troubleshooting situations. They routinely notify us of offline appliances or configuration inconsistencies, and we work together to resolve these issues promptly. In instances of malware detection, we may solicit their expert advice on mitigation strategies. Their support team consistently exceeds expectations. Their responsiveness is immediate, consistently connecting us with the right personnel to address our concerns. In short, their service is exemplary.

Positive

We previously depended on basic firewalls and antivirus software, without utilizing cloud-based solutions or MDR.

I spearheaded the selection, implementation, and deployment of the solution. The initial rollout was smooth. We deployed it to our PSA system, ConnectWise, which functioned well for a year. Then, we migrated to Kaseya's Autotask, and the integration went very smoothly. It was fantastic to automate pushing Covalence agents using our RMM solution. Every morning, it checks clients for endpoints without the surveillance agent and targets them for automatic deployment. Essentially, any device in the environment without the agent will be equipped.

Deploying Covalence fully is remarkably quick. After internal environment testing, the entire process – including physical appliance installation, agent push, and integration setup – typically takes only an afternoon or just a few hours. It's surprisingly straightforward. We regularly onboard new clients by deploying Covalence in this way, and it consistently takes around two hours. The simplicity is truly remarkable.

I am responsible for ordering the hardware and ensuring its sign-off with Field Effect. One person then takes the hardware on-site for the onboarding process.

Our team handled the entire implementation process. We collaborated with the Field Effect team to ensure a smooth onboarding experience for the customer. They shipped the necessary appliance and box to us. We configured the cloud portal to seamlessly integrate with the client's existing environment, whether it's Microsoft 365 or Google Workspace. WebDNS filtering was also set up. Finally, we deployed the appliance at the customer's site without any network downtime. This involved port mirroring on the core switch for monitoring inbound and outbound firewall traffic. We coordinated with the Field Effect team to verify device visibility before commencing ARO notification reception.

Implementing the security tool has delivered a clear return on investment. Since its introduction, we haven't experienced any major cybersecurity incidents, allowing us to confidently extend nearly all existing customer contracts into new three-year agreements. This not only minimizes risk for both us and our clients but also secures business continuity for the next three years.

Furthermore, new business has surged by at least 35 percent. This growth is directly linked to businesses' heightened concern about security, a domain they often find confusing and daunting. By offering a comprehensive security stack, we've positioned ourselves as a trusted IT provider capable of effectively addressing these concerns. This has resulted in a win-win scenario for both our existing and new clients.

The pricing model is attractive. We're currently enrolled in the volume package, which offers tiered pricing based on usage. As our business grows and we acquire new clients, our account manager proactively informs us when we're nearing the next tier threshold. They suggest that formalizing the increase in service usage could be beneficial, as it would unlock a lower monthly price point. I genuinely appreciate their attentiveness to our usage and their guidance in maximizing our success. This win-win structure incentivizes us to grow, while simultaneously reducing our per-unit cost. Overall, the pricing feels very reasonable for the value we receive.

Before Covalence, we lacked any cybersecurity solutions. I evaluated major players like CrowdStrike, Blackpoint, and SentinelOne, but Covalence stood out. Since they're also located in Ottawa, we quickly fostered a close partnership. Beyond the technology itself, the care and attention we receive from Covalence's support team and partner account managers is remarkable. They actively involve us in product improvement initiatives and are always there for us when needed. The partnership feels genuinely reciprocal, which is rare in this industry.

What I appreciate most about Field Effect is the personal touch they offer. Compared to larger cybersecurity companies that just dump threats on us and say "Deal with it," Field Effect is actively there to help. They filter out the noise, so we only see the real threats, and they're always reachable when we need them. This creates a personal relationship. We know the people behind the service, not just our account manager. It's a true partnership, not just a client-vendor dynamic, and that's crucial for me.

I would rate Field Effect Covalence a ten out of ten.

Field Effect Covalence is a hidden gem in the managed service provider industry. We partnered with them early on, and it's fantastic to witness their growth, participation in trade shows, and proactive initiatives like this one to raise awareness. Having experienced its effectiveness firsthand, I wholeheartedly recommend Field Effect Covalence as the best-kept secret solution we've encountered. Any MSP would be well-served by considering them.

Organizations must avoid the need for additional resources simply to handle endless false positives and threat alerts. Managed detection and response services are designed to save time and resources with a proactive defense. Choosing a solution like Field Effect and Covalence allows us to maintain our current staffing levels while gaining awareness of vulnerabilities. This means we don't need to build a dedicated security team or hire a Chief Security Officer. Covalence takes care of it all, making it a perfect fit for an MSP. Ultimately, we want a company that's there to support us whenever we need them.

We wanted a technology partner to provide complete cybersecurity protection to our entire organization.   

In the past, we had multiple solutions from different vendors and they were difficult to manage. I wanted one vendor to protect us from top to bottom and provide a single "pane of glass" for our technical team to manage.  

 I was also looking for a vendor with a stable team of cyber specialists who were easily and quickly accessible to us for consultation on any issues or questions.  Additionally, we wanted to be billed in Canadian dollars.  

The IT team is having to spend far less time investigating cybersecurity incidents and cybersecurity "noise" and more time on tasks that drive the business forward.  

We have one cybersecurity partner who has a 360-view of all activity on our network and is able to paint a picture of behaviour and respond to suspicious activity more intelligently. The result is fewer false alarms and less time wasted by our technical team on noise and fruitless investigations. The Field Effect team of experts is an extension of our IT team.

Direct and easy and quick communication to the Field Effect cybersecurity team experts has led to quick resolution of any problems or alerts. The ARO system provides easy explanations of issues detected and simple instructions for resolution. If an issue is expected we can respond accordingly and suppress future alerts pertaining to the same issue. If we believe we have resolved an issue, the Field Effect team will verify our solution and report on the issue again if our solution does not address the problem.  

The solution could improved DNS filtering and fuller integration into ConnectWise PSA (I understand both are in the works). The current roaming DNS filter doesn't seem to be too complete and we're hoping to be able to eliminate purchases on other filters, such as Umbrella.  

The ConnectWise PSA integration is two-way but does not send our comments back to the Field Effect portal. Additionally, they have recently come out with an option that does not require a physical appliance onsite.  This will be valuable for smaller locations.

I've used the solution for over two years - since Nov 2022 approximately.

The solution has been extremely stable and predictable.

It's very scalable from the very smallest organizations to the largest.  

Customer service and support are very responsive - particularly with possible cyber incidents. We hear from them nearly immediately on urgent issues and within a day on other questions.

Positive

We had used Arctic Wolf and a bundle from ConnectWise. The Arctic Wolf product, although very complete, was significantly more expensive. The ConnectWise solution included SentinelOne but was more challenging to use as it did not have one place to look for security issues.

Initial set up was very simple and detailed instructions were provided by FE for the appliance and network adjustments. FE engineers provided white glove support.

It was done in-house as the setup was very simple.

We didn't do a formal ROI.

In our evaluation, two years ago, we found the Field Effect Covalence product and service to be the simplest to set up and pricing was lower than the other competitors.   

We have tested and implemented a few other solutions.   

We are dedicated to keeping our clients' fleets compliant and secure. Our proactive approach allows us to receive timely notifications when attention is needed, enabling us to act swiftly.

Our system highlights specific devices, files, or software that require attention and provides a CVE number detailing potential vulnerabilities and remediation steps. If you ever find yourself unsure about how to address an issue, their knowledgeable team is just a text message away. With real people ready to assist, they go above and beyond traditional security software to ensure your peace of mind.

Thanks to the MDR, it is easy for us to effectively develop policies to address vulnerabilities. By integrating Mobile Device Management (MDM) with our MDR, we can swiftly tackle detected issues. This combination enhances our cybersecurity posture and provides peace of mind, significantly reducing downtime. 

By proactively staying ahead of potential threats, we ensure our systems remain secure and efficient. This strategic approach not only safeguards our operations but also reinforces our commitment to maintaining a robust security environment.

The automated response feature is incredibly effective. For instance, we can automatically lock a Microsoft 365 account if a login attempt occurs from an unauthorized country. This proactive measure significantly enhances our security posture by swiftly mitigating potential risks. 

The system's ability to respond instantly to suspicious activities not only protects sensitive information but also provides peace of mind, knowing that our accounts are safeguarded against unauthorized access. Overall, this functionality is a valuable asset for maintaining robust security.

We've noticed that some alerts are indicating vulnerabilities that have already been resolved. While it's essential to stay informed about potential issues, the recurring notifications about past vulnerabilities can lead to confusion and may detract from our focus on current threats. 

Streamlining the alert system to filter out these resolved issues would enhance our efficiency and ensure that we concentrate on the most relevant and pressing security matters. Overall, refining this aspect would significantly improve our experience.

I've used the solution for two months now.

So far, we haven't had any issues; it's always been stable.

The solution is pretty scalable. You can go from a small company to a big company, from a local software agent to a network monitor.

Whenever we reached out for assistance or to whitelist a reported vulnerability that we knew was not harmful to our environment, we found the team exceptionally easy to work with.

Positive

We are in the process of integrating existing solutions with this new product. Rather than merely replacing what we have, this addition provides an opportunity to enhance our current capabilities.

The initial setup was straightforward.

Someone else acquired this solution for the company I'm working with.

As a technician, this question falls outside my role. That said, I recognize the significant benefits of a tool that accomplishes tasks in a fraction of the time compared to manual security methods.

The price is in accordance with the provided services.

We did not evaluate a different solution. 

You should certainly consider trying Field Effect; it is a robust solution that will soon be essential for any organization prioritizing security.

We use Field Effect Covalence for multiple cases including, our internal protection, standard client protection, and for incident response for all of our customers.

Along with the cloud product APIs & Endpoint Agents, the network Appliance can be deployed on-premises, in the cloud, and on hybrid platforms. On-premises solves for data sovereignty requirements. We have clients that use all three configurations.

The expert-backed monitoring of Field Effect Covalence is a crucial advantage. While many security products offer monitoring, it's the quality that sets Field Effect apart. Their data centers in Australia, the UK, Canada, and the US ensure real-time human oversight of traffic, eliminating the noise and false positives that plague other solutions. Having sold dozens of similar products, I can confidently say that Field Effect is the most effective and efficient in its class. Their alerts are actionable and accurate.

Field Effect Covalence is by far the easiest product to manage that I have ever dealt with.

The Action Recommendations Observations (ARO) feature of Covalence is a fundamental tool. It effectively guides people on how to prioritize tasks. "Actions" clearly indicate specific steps to take, while "recommendations" advise whether something deserves attention and what Covalence suggests doing about it. This flexibility is crucial, as not every observation translates to a problem requiring action. Some may simply require monitoring and context to determine the appropriate response. Compared to other priority systems in the market, ARO offers several advantages. Firstly, it facilitates clearer communication and understanding. Secondly, it empowers lower-skilled resources to address issues effectively, leading to cost savings. In essence, ARO serves not only as a valuable communication tool but also as a driver of profitability.

Covalence could be used as a single cybersecurity product for some organizations and it is the most important product in our stack but it is not our whole stack.

Covalence saves us a significant amount of time compared to other security systems we've used. We spend 50 percent less time managing Covalence because it eliminates false alarms. In the past, we'd constantly receive alerts that required us to investigate and ultimately dismiss as non-critical, like a door left open or a window unlocked. With Covalence, if it tells us something is wrong, it's truly wrong. No more wasted time on trivial issues. The way Covalence structures alerts and communicates information also allows us to dispatch the right resources efficiently. It automates many of the tasks we used to handle manually, taking the guesswork out of decision-making. It's as simple as following Covalence's instructions. Before, we'd have to verify the alert, determine the appropriate response, and then execute it. Covalence takes care of all that, which is a game-changer. For example, if Covalence detects an open door in a specific room, it automatically sends the right person to close and lock it. No more scrambling to figure out who to send or wasting time on unnecessary communication.

Covalence identifies and prioritizes critical threats, providing actionable intelligence and step-by-step instructions to mitigate them. This simplicity and efficiency are hallmarks of Covalence's effectiveness.

Covalence offers recommendations on how to mitigate risks proactively. While most MDR, XDR, and even EDR products simply alert us to ongoing threats, Covalence takes a preventative approach. They provide data that delves deeper into vulnerability management, highlighting outdated browsers, operating systems, and suspicious domain registrations that could be precursors to attacks. This focus on predictive and proactive measures helps prevent issues before they arise, setting Covalence apart from many other security products.

Investing in proactive security with Covalence has significantly enhanced our security posture. Preventing incidents before they occur is demonstrably the most cost-effective approach, as compared to the reactive expense of emergency response. By enabling us to address potential problems proactively, Covalence fosters a remarkably efficient and stress-free environment. This translates to happier customers, happier employees, and an overall phenomenal outcome.

I like how comprehensive Field Effect Covalence is. I like the SOC process and the customer service. There is not much that I don't like about Field Effect Covalence. Field Effect Covalence is the best product in its class, bar-none.

Field Effect mentioned including patching in their product roadmap, and that would be a significant game-changer for them. I'm not aware of any other product that offers all three functionalities: detection, vulnerability management, and integrated OS & 3rd party patching. This addition would be a major improvement and make Field Effect a truly unique offering in the market. I recently spoke with the CEO, and he expressed optimism about bringing this feature to the product. I would like Covalence to include patching.

We have been using Field Effect Covalence a little over two years.

We have never had issues with the stability of Field Effect Covalence.

Field Effect Covalence is meant for the SMB market but I have deployed the product for many enterprise clients and it performs equally well at scale.

The technical support is top-notch, super fast, and excellent.

Positive

We chose Field Effect Covalence after seeking an alternative to SentinelOne and CrowdStrike. While CrowdStrike offered robust security, its cost and size presented challenges. We ultimately desired an established solution with demonstrably greater efficacy.

The deployment is straightforward and we can usually deploy in one day.

One person is required for the deployment.

We are an integrator so we implement the solution in-house for ourselves and our customers.

Field Effect Covalence has paid for itself within six months of implementation.

Field Effect is considering revising its agreement terms. While the contract duration might change, the pricing remains highly attractive. In some cases, it's half the price of competing products, and at high volume, it can be as much as 50 percent less than CrowdStrike, for example. Covalence offers even greater efficiency and functionality, making it a more effective product with wider capabilities than its competitors. Combined with the significantly lower price, it becomes an extremely compelling option.

I have extensive experience selling security solutions in this field. I've likely marketed and implemented over 50 different products that compete with Field Effect Covalence. My experience includes solutions like Splunk, SumoLogic CrowdStrike, SentinelOne, Blackpoint, Perch, Artic Wolf, and RocketCyber, and I could readily name at least 20 more. With this background, I confidently consider myself an expert in security solutions. In my professional opinion, none of the competitive platforms I've encountered match the capabilities and effectiveness of Field Effect Covalence.

I would rate Field Effect Covalence a ten out of ten.

A minimal amount of maintenance is required. Covalence is self-sustaining.

Understandably, some people haven't heard of Field Effect Covalence. Several factors contribute to this. Firstly, the company is based in Canada, which may limit its reach in the US market. Secondly, they're still relatively young, having only been around for six years. Building brand awareness takes time, especially for a new company. However, I value effectiveness over popularity. I'd rather choose a less-known product that's demonstrably more effective than a widely recognized one that falls short in performance.

Field Effect has a proof-of-concept that boasts an incredible retention rate. While I don't recall the exact figure, it's around 95 percent of users who try it stick with it, which is truly remarkable. It's a phenomenal outcome that speaks volumes about the power of Covalence. Sometimes, the best way to understand its impact is not through detailed analysis, but simply by experiencing it firsthand. Install the POC and see. Field Effect Covalence is phenomenal, and you will love it.