Have A Question About Security Incident Response?

Our experts can help. 279,835 professionals have used our research on 6,323 solutions.

Chart Key
Average Rating: Average rating based on reviews
Views: Number of total page views
Comparisons: Number of times compared to another product
Reviews: Total number of reviews on IT Central Station
Followers: Number of followers on IT Central Station
The total ranking of a product, represented by the bar length, is based on a weighted aggregate score. The score is calculated as follows: The product with the highest count in each area gets the highest available score. (20 points for Reviews; 16 points for Views, Comparisons, and Followers.) Every other product gets assigned points based on its total in proportion to the #1 product in that area. For example, if a product has 80% of the number of reviews compared to the product with the most reviews then the product's score for reviews would be 20% (weighting factor) * 80% = 16. For Average Rating, the maximum score is 32 points awarded linearly based on our rating scale of 1-10. If a product has fewer than ten reviews, the point contribution for Average Rating is reduced (one-third reduction in points for products with 5-9 reviews; two-thirds reduction for products with fewer than five reviews). Reviews that are more than 24 months old, as well as those written by resellers, are completely excluded from the ranking algorithm.

Security Incident Response Reviews

Read top reviews of Security Incident Response solutions from the IT Central Station community:
Your trust is our top concern, so companies can't alter or remove reviews.
Real User
Cyber Security Manager at an insurance company with 51-200 employees
Apr 05 2018

What is most valuable?

The ability to quickly isolate a system from the network, while still being able to perform some forensics and mitigation work remotely, was of great value to us since we had many mobile and distributed systems. We also took full advantage of...

How has it helped my organization?

The enhanced logging and data analysis of the incident response and investigation components allowed us to quickly identify and resolve security issues before they could spread. Cb Response’s root-cause analysis and anomaly detection gave us...

What needs improvement?

Cb Response is really designed to complement Carbon Black’s Defense product. While Response can be used on its own, coupling with Defense seems like the best strategy if you can afford the price tag. In the end, other antivirus tools and log...
Fidelis Security Systems
Real User
IT Security Coordinator at a healthcare company with 1,001-5,000 employees
Mar 15 2018

What is most valuable?

IPS and reporting. It catches more inline than the FireEye NX even looked at. It has a rating system now so you can rate things up or down, depending on your environment. This means alerting can be customized, yet still pick up anomalies....

How has it helped my organization?

Increased our ability to stop malware before it hits workstations. That ability increased by 200% due to the number of ports it monitors, over the FireEye NX product. It has also improved our hunt ability with quick search tools, to zone in...

What needs improvement?

The interface bug needs to be squashed once and for all. This has been the predominant issue with an otherwise stellar product. It reboots itself unscheduled, about once a month, due to a memory buffer flaw in the interface. We’ve had to...

Real User
Information Security Engineer at a financial services firm with 1,001-5,000 employees
Mar 18 2018

What is most valuable?

The customization and the transparency of data, while still maintaining a mostly user-friendly UI. It allows for me, as an engineer, to evolve the individual components and modules, and to create a much more meaningful picture than the individual pieces in isolation ever could.

How has it helped my organization?

Sadly, I can’t provide specific examples due to the nature of the content of the improvements. I will say that, prior to implementation, and post-implementation, we saw a nearly 800% increase in volume of completed and correctly completed documentation in regards to specific tasks being completed. Rsam puts the workflow first, and lets the record follow it. It...
Real User
Consulting IT Architect
May 21 2018

What is most valuable?

Carbon Black Cb Response excels at providing context to indicators when responding to incidents. It allows responders to understand the entire scope of an incident and quickly contain it to minimize impact and disruption. In incident response...

How has it helped my organization?

Carbon Black Cb Response significantly reduced time to containment in the environment which enabled the isolation of incidents to single hosts or network segments.

What needs improvement?

The solution needs to simplify the process of adding custom watchlists, as well as embrace YARA for rule creation.
Real User
System Analyst
May 07 2018

What is most valuable?

* The software uses very few resources; it is almost invisible to the end user.
* Behavioral Monitoring stops known malicious events before they even begin.
* The whitelist: Being a Casino, we have some odd software packages. Being able to...

How has it helped my organization?

During the company’s transition, we had a memory scraper infiltrate our network, and with the help of Carbon Black, we isolated the outbreak to a few point of sale machines. We saw a step-by-step account of how the software was introduced...

What needs improvement?

It works the way we want and how we want. For one improvement, an easier integration with an AlienVault USM appliance would be good. The directions for Splunk are spot on, but it is difficult to find anything on integration with AlienVault,
Real User
Technical Support Specialist at a financial services firm
Mar 19 2018

What is most valuable?

The ability to isolate an endpoint with only the host name and a click of a button is a major time saver. No need to go hunting for an IP or typing in terminal.

How has it helped my organization?

Cb Response is our primary incident response tool. With this product in our hands, we are able to remotely isolate exploited endpoints in seconds and perform a live deep dive of any endpoint into its running processes (as necessary) without...

What needs improvement?

The threat intelligence feed could use some fine tweaking. We are subscribed to FS-ISAC threat indicator, but have been unsuccessful in adding it to our alliance feeds. So, rather than Cb Response being able to pull the data from the feed, we...
User
Senior Systems engineer at a tech services company
Apr 18 2018

What do you think of Carbon Black Cb Defense?

• Primary Use Case: This product would help any organization to increase its detection and prevention with event investigations and immediate response to data infiltration.
• Improvements to My Organization: Carbon Black Cb Defense improved our endpoint level security. It helped to identify endpoint and infrastructure loopholes.
• Valuable Features: Carbon Black Cb Defense has a nice component called Alert Triage. It has helped to detect threats across the data. It contains full details of the process execution "kill chain" and "go live" for immediate remediation.
• Room for Improvement: It would be a better solution if Carbon Black Cb Defense had an on-premise solution and a virus auto delete or quarantine.
• Use of Solution: One to three years.
• Scalability Issues: ...
Real User
Incident Response Analyst at a security firm with 51-200 employees
Mar 18 2018

What do you think of Carbon Black Cb Defense?

• Primary Use Case: The first case was in a financial institution with offices in several states which needed to increase the ability to detect and respond to threats.
• Improvements to My Organization: Provides visibility into the chain of attack and threats that use valid operating system processes to execute attacks.
• Valuable Features: The go live, because it is possible to answer incidents while they are still occurring and minimize the effects.
• Room for Improvement: Needs improvement in the area of infrastructure for on-premise installation.
• Use of Solution: One to three years.
• Stability Issues: No issues.
• Scalability Issues: No issues.
• Customer Service and Technical Support: Technical support is high level.
• Previous Solutions: No previous...
Real User
Co-Founder & CEO at a marketing services firm with 1-10 employees
Nov 01 2017

What do you think of SECDO Platform?

• Valuable Features: Full endpoint visibility. Records everything! Every endpoint. IOC/BIOC rules. It basically automates the entire alert investigation process.
• Improvements to My Organization: We used to get hundreds of false positives a day. Now, we only deal with real alerts.
• Room for Improvement: I cannot think of any, as the front end is impressive. Maybe the notifications setting could use a simpler setting.
• Use of Solution: Four months.
• Deployment Issues: Not really, cloud-based has its advantages. Endpoint agents are easily deployed.
• Stability Issues: Not yet.
• Scalability Issues: Not really, SaaS has its advantages.
• Customer Service and Technical Support: Customer Service: Great, they have a really nice staff. Technical Support: ...
Real User
Sr. Global PLM Project Manager at a manufacturing company with 1,001-5,000 employees
Mar 12 2018

What do you think of ServiceNow Security Operations?

• Primary Use Case: Deployment to customers looking to vastly reduce security incident response time and have an auditable trail of the post-mortem analysis on security incidents. Reduces time to closure and closure metrics for vulnerabilities.
• Improvements to My Organization: It has deployed a process framework to support a commonly unstructured security operations team.
• Valuable Features: Integration to other security tools allows for a consolidated view of all vulnerabilities, incidents, etc. for all sorts of leverage in a single platform to assess governance risk and compliance as well as an enhanced, enriched intelligence.
• Room for Improvement: Process framework and best practices for ease of integration between IT and security teams via incident, problem, and...
