Our security posture has improved. We previously lacked intrusion detection and response capabilities, but now we benefit from regular account reviews and proactive event monitoring. Their portal provides a straightforward way to report suspicious activity, keeping us well-informed about potential threats.
We now benefit from regular account reviews and proactive event monitoring
How has it helped my organization?
What is most valuable?
It is easy to deploy, although we've only covered two of the three areas so far. We protect the endpoints and servers but haven't extended coverage to our 365 environments. The agent is lightweight but has a minor issue. It sometimes clashes with WatchGuard updates, which initially flag it as a malicious program until verified and closed through.
What needs improvement?
It could improve the customer portal and possibly reduce prices slightly. It's very good because it includes user behavior analytics, detection rules, and thorough log investigation. They also have robust threat-hunting capabilities in the backend, which is crucial for me as a one-man band in the IT department. The managed service wraparound is essential, especially with pre-authorization for incident response
For how long have I used the solution?
How are customer service and support?
Support is good.
How would you rate customer service and support?
Positive
What other advice do I have?
It's lighter than CrowdStrike, and it has met our security needs without any intrusions so far. Once our pen testers detected someone attempting to breach our security, their SOC promptly alerted me. I'm now looking to enhance our security by adding coverage for our 365 environments at a lower cost. The management experience has been quite good.
You must create a checklist to determine exactly what managed detection and response aspects you require. You may also find a blend of both solutions beneficial.
Overall, I rate the solution an eight out of ten.
