Cloud Workload Security Features

Read what people say are the most valuable features of the solutions they use.
SenRegdir567 says in a Cisco Tetration review
Sr. Regional Director, US East at a tech services company with 11-50 employees
While automated micro-segmentation is in itself valuable, application dependency mapping is time-saving and efficient.
Fidel Deforte says in a GuardiCore review
Solutions Architect at Alturna-Tech
The first use case that was most valuable was the security policies and the micro-segmentation because it allows the clients to comply with their auditing requirements, keeping traffic separate internally. Additionally, it allows the security policies to be implemented in a minimum amount of time, under 10 minutes, compared to how they did it before, which took days. Those are the two primary justifications and goals of the clients.
Brice ABRIOUX says in a Cisco Tetration review
Information Security Engineer at ENEDIS
The most valuable feature of this solution is security. We check processes on the different components of the virtual machines.
Cloud Architect at Sainsbury's Supermarkets Ltd
This solution provides antivirus and can analyze and classify cloud traffic. It will read various logs, diagnose what is wrong, and then alert you.
Yevhenii Pedchenko says in a GuardiCore review
Security Engineer at INTRASYSTEMS LLC
The solution is still new to us, so I don't know if I have a list of its most valuable aspects.
reviewer1037232 says in a Cisco Tetration review
Head Cloud Workload Protection & CTO at a tech vendor with 11-50 employees
The solution offers 100% telemetry coverage. The telemetry you collect is not sampled, it's not intermittent. It's complete. You see everything in it, including full visibility of all activities on your endpoints and in your network. Other valuable features include vast support for annotations, flexible user applications, machine learning, automatic classification, and hierarchical policies.
NetworkEfaaf says in a Cisco Tetration review
Network Engineer at a media company with 1,001-5,000 employees
The most valuable feature right now is to do with having visibility on the network — especially on our servers — and to be able to enforce some type of security measures. This is mostly to combat processes that shouldn't be running on the servers. The data analytics and all the data that it gathers are very useful. It creates a fast turnaround to improve the speed of decision making so we can decide what we need to do to remain secure.
Pavan Raj says in a Cisco Tetration review
Data Center Manager at Cox Communications
The most valuable feature of the solution is that we don't have to do packet captures on the network.
CTO at Aymira Healthcare Technologies, LLC
The most valuable feature is that the rule set is managed and that it can be run on a regularly scheduled basis.
Owner at SIS International HK Limited
Application Dependency Map.
Paul Liversidge says in a Dome9 review
Owner at Liversidge Consulting Ltd
The feature that I found most valuable is the ability to scan IAM, the Identity and Access Management tool, for all of the privileged accounts.
Skyler Cain says in a Threat Stack review
Software Development Manager at Rent Dynamics
The most valuable feature is the SecOps because they have our back and they help us with the reports. We jump on calls monthly to set goals and roadmaps internally for how we can secure our platform more. Their SecOps program is absolutely amazing when you do not have a dedicated resource for security. Currently, we have 57 servers with the Threat Stack agent. We have about 70 servers in total. When you get to that point and you're running microservices, there's no good way to have all that data coming in from all those servers and have a system. The Threat Stack agent is providing the data. But even if we have the data, I have no time or expertise to know exactly what to look for in a log and what should alert me. Whereas their SecOps program is experienced, they know what to look for, they can continually adjust and look at the accounts. They can understand our behavior and know that something that doesn't look good is okay or we're allowing it, and then they can filter back those notifications. It's like having an extension of your team. And then, it grows with you. If I were to hire somebody tomorrow, one security guy is not enough, but that person could directly work with the SecOps program and get up to speed, and then start taking over some of the manual toggles. And then eventually, in a year or however long, we could phase out the SecOps program. Or we could decide, no, we're not going to do that, we're just going to continue to leverage it and not build out an internal security team. The flexibility of it is just amazing.
Eric Cohen says in a Threat Stack review
Sr. Director Information and Security for PureCloud at Genesys Telecommunications Laboratories
The number-one feature is the monitoring of interactive sessions on our Linux machines. We run an immutable environment, so that nothing is allowed to be changed in production. All changes have to happen in development, and then new systems are built in production. The only thing that is allowed in production is troubleshooting, find out what the issue is, but then it has to be fixed in development. We're constantly monitoring to make sure that no one is violating that. Threat Stack is what allows us to do that. The solution's ability to consume alerts and data in third-party tools, via APIs or via export into S3 buckets, is working very well. We use the API to send monitoring to PagerDuty. And we've started using the API into other systems. We have it going out to a Slack channel, we've got some going into our automation. We're doing more and more with the alerting now. We're working directly with Threat Stack to use their APIs as they've recently been expanded. We're logging into S3 to do a little more in-depth research on what our alerts are, and we're also consuming CloudTrail events, which is a fairly recent update to Threat Stack, enabling us to alert on suspicious activity in CloudTrail.
Directoree59 says in a Threat Stack review
Director of Security at Eventbrite
We like the ability of the host security module to monitor the processes running on our servers to help us monitor activity. We want to make sure that there are no bad people on our machines. This has the ability to detect those bad people or bad processes on the machines. The rules are really great. They give us more visibility and control over what's being triggered. There's a large set of rules that come out-of-the-box. We can customize them and we can create our own rules based on the traffic patterns that we see. The rules did take quite a bit of customization and configuration right off the bat because a lot of the way that we do the release of our code and products creates a significant amount of noise. The real signal, the security signal, would have been lost in all that noise. So we had to customize the rules fairly significantly in order to filter out that noise.
Chris Murdock says in a Threat Stack review
Security Architect at a tech services company with 201-500 employees
We enjoy the AWS Config audit within Threat Stack. This allows us to quickly score our AWS accounts against known, good configurations, then receive a letter grade which is easy to understand, as well as suggestions for plans to improve those scores and remediate issues.
Kevin Johnson says in a Threat Stack review
Lead Security SRE at InVision
The endpoint security monitoring, the AWS security monitoring, ties all of these things together in a way that we can make sense of data that, before, wasn't available or tied. For example, if we have a security event on an EC2 instance, we can correlate that to a security event on AWS on the management platform. The threat detection pieces of it are our most valuable resource, and right behind them is configuration monitoring. Those are the two highest risks to our environment. In terms of using this solution for container and Kubernetes monitoring, that's a pretty new feature and it's definitely coming along. I think they're very good at it right now, and they keep adding features, so we're pretty happy with that at the moment. The tuning process is pretty straightforward. Their rule sets are easy to understand. The UI is set up in a way where it's really easy to modify false-positive alerting. It's one of the more low-stress tuning operations I've ever done, compared to other endpoint security products, or ITS-type engines.
Vincent Romney says in a Threat Stack review
Director of Information Security at Younique Products
It has been quite helpful to have the daily alerts coming to my email, as well as the Sev 1 Alerts. Anything that pops a Sev 1 comes directly to my email. Most recently we started getting those monthly evaluations and that's definitely helped us with our overall security stack, as far as how we're dealing with things in AWS. The dailies have been most helpful. We just went through a SOX audit and those were pivotal. We're using it on containers to see when activity involving executables happens, and that's great. We're not using Kubernetes at this stage. As far as alerts go, we can write our own rules. I continue to tweak rules, modify rules, etc. That's a big deal for us so that we're getting relevant information, but not missing other information. It is fairly easy to tune. The ability to fine-tune rules and write new rules is very straightforward. It doesn't take much learning at all.
SeniorNe6125 says in a Check Point CloudGuard review
Senior Network Engineer at a marketing services firm with 1,001-5,000 employees
* Traps prevention
* Security on the cloud
NetworkSc612 says in a Check Point CloudGuard review
Network Security Specialist at a tech services company with 51-200 employees
Elasticsearch and sandboxing are the most valuable features. Check Point is very good for threat protection, which is our customers' primary concern. Every day, our customers are asking about new threats.
Kellman Meghu says in a Check Point CloudGuard review
Global Manager at a tech services company with 51-200 employees
The API is its most valuable feature. On the API side, relative to the rest of the market, Check Point is decades ahead of its competitors. The APIs on some of their competitors are so archaic, they are not even usable.
SeniorNea133 says in a Check Point CloudGuard review
Senior Network Engineer at a transportation company with 10,001+ employees
It is what we use mainly for on-premise. That is really what has us using the product, as it is sort of our standard for data centers.
Shawn Nutting says in a Check Point CloudGuard review
Security Specialist at a tech services company with 51-200 employees
Lateral data center: Check Point really adds value with east-west protection in the data center.
Technoloc685 says in a Check Point CloudGuard review
Technology Security Manager at an energy/utilities company with 1,001-5,000 employees
The most valuable features would be its ability to intercept phishing emails and emails laden with malware, viruses, false links, etc. The ability to sandbox, extract and interrogate email attachments is also key to safeguard user mailboxes.
Todd Spigel says in a Check Point CloudGuard review
Senior Manager at Zensar
The ease of use and price point per user are its two most valuable features.
fhofman says in a Cisco Tetration review
Presales Engineer at a comms service provider with 10,001+ employees
The most valuable feature is the auditing. They prove that we don't have out-of-scope conversations between servers that are not allowed.