The EDR and reports were helpful in improving our organization.
It is stable and easy to set up.
The detection response and quarantining are very good features.
The most valuable feature is its ability to seek out abnormal activity and to create alerts.
The product offers very strong automation. Our cyber security analysts don't have to correlate the information to detect problems. They only need to analyze problems that have been identified by the platform.
It has reduced our manual efforts to remove emails from each user's inbox, and in this case we do not have to ask our IT department or users to do so.
It's really simple and has a flexible interface.
Its flexibility is the most valuable.
The ease of deployment is a valuable feature.
It basically automates the entire alert investigation process.
Find out what your peers are saying about Carbon Black, FireEye, Proofpoint and others in Security Incident Response. Updated: January 2021.
454,950 professionals have used our research since 2012.
See all 15 solutions in Security Incident Response
Advice From The Community
Read answers to top Security Incident Response questions. 454,950 professionals have gotten help from our community of experts.
Rony_Sklar, Community Manager at IT Central Station
How does a business prepare effectively for responding to data breaches? What protocols should they have in place?
There could be multiple answers to your question based on how your environment is set up. You have edge defense (firewalls, IDS, IPS like NGFW Palos and Fidelis), you have endpoint like AV or EDR (SentinelOne or Symantec or Carbon Black, etc.). There are also various other tools out there that are APT or malware finders and ones that look at log sources. Then on tracking incidents you have the ServiceNow/Remedy side.
Incident Response Plan or Workflow
Incident Classification and Prioritisation book
The right People, Process and Technology
The Playbook
Efficient SOC strategy
As the appropriate policy may vary depending on the country, business size and sector, please contact me directly at cybersec@global.co.za to provide me with your country, time zone and Skype and/or WhatsApp contact details and I’ll be happy to discuss the subject.