Security Incident Response Features

Read what people say are the most valuable features of the solutions they use.
Jayandra Wickramasinghe uses Carbon Black Cb Defense
Senior Systems engineer at a tech services company
Carbon Black Cb Defense has a nice component called Alert Triage. It has helped to detect threats across the data. It contains full details of the process execution "kill chain" and "go live" for immediate remediation. View full review »
Leonardo Meneses uses Carbon Black Cb Defense
Incident Response Analyst at a security firm with 51-200 employees
The go live, because it is possible to answer incidents while they are still occurring and minimize the effects. View full review »
Brody Wright uses Carbon Black Cb Defense
System Analyst at a hospitality company with 1,001-5,000 employees
* The software uses very few resources; it is almost invisible to the end user. * Behavioral Monitoring stops known malicious events before they even begin. * The whitelist: Being a Casino, we have some odd software packages. Being able to whitelist them is a must. * The option to quarantine a device and use the cloud-based portal to gain a “shell” on the infected machine. With this, we can dump the entire system memory to a machine in our lab, then run analysis. View full review »
Consultic624 uses Carbon Black Cb Response
Consulting IT Architect
Carbon Black Cb Response excels at providing context to indicators when responding to incidents. It allows responders to understand the entire scope of an incident and quickly contain it to minimize impact and disruption. In incident response speed is of the utmost importance, as many incidents can quickly spread through the entire organization if not immediately contained. View full review »
Philip Fong uses Carbon Black Cb Response
Technical Support Specialist at a financial services firm
The ability to isolate an endpoint with only the host name and a click of a button is a major time saver. No need to go hunting for an IP or typing in terminal. View full review »
Nicholas Carroll uses Carbon Black Cb Response
Cyber Security Manager at a insurance company with 51-200 employees
The ability to quickly isolate a system from the network, while still being able to perform some forensics and mitigation work remotely, was of great value to us since we had many mobile and distributed systems. We also took full advantage of its incident response reporting capabilities to act as a “black box” for our infrastructure around strings of suspicious activity. The reporting and incident response capabilities were incredibly helpful during active security concerns. View full review »
Philip Lord uses ServiceNow Security Operations
Sr. Global PLM Project Manager at a manufacturing company with 5,001-10,000 employees
Integration to other security tools allows for a consolidated view of all vulnerabilities, incidents, etc. for all sorts of leverage in a single platform to assess governance risk and compliance as well as an enhanced, enriched intelligence. View full review »
Daniel Eakin uses Rsam Security Incident Response Platform
Information Security Engineer at a financial services firm with 1,001-5,000 employees
The customization and the transparency of data, while still maintaining a mostly user-friendly UI. It allows for me, as an engineer, to evolve the individual components and modules, and to create a much more meaningful picture than the individual pieces in isolation ever could. View full review »
Amit Lavi עמית לביא uses SECDO Platform
Co-Founder & CEO at a marketing services firm with 1-10 employees
* Full endpoint visibility * Records everything! Every endpoint. * IOC/BIOC rules * It basically automates the entire alert investigation process. View full review »

Sign Up with Email