Security Incident Response Features

Read what people say are the most valuable features of the solutions they use.
98e07bdd 6879 467e 9089 75c6cc651d69 avatar
Philip Fong uses Carbon Black Cb Response
Technical Support Specialist at a financial services firm
The ability to isolate an endpoint with only the host name and a click of a button is a major time saver. No need to go hunting for an IP or typing in terminal. View full review »
D1dddb74 137c 4a1d 9b7f 9ae7f47a4faa avatar
Leonardo Meneses uses Carbon Black Cb Defense
Incident Response Analyst at a security firm with 51-200 employees
The go live, because it is possible to answer incidents while they are still occurring and minimize the effects. View full review »
Anonymous avatar x60
Philip Lord uses ServiceNow Security Operations
Sr. Global PLM Project Manager at a manufacturing company with 1,001-5,000 employees
Integration to other security tools allows for a consolidated view of all vulnerabilities, incidents, etc. for all sorts of leverage in a single platform to assess governance risk and compliance as well as an enhanced, enriched intelligence. View full review »
307b9f1d e0aa 4cb6 b222 8c4dd03282d1 avatar
Daniel Eakin uses Rsam Security Incident Response Platform
Information Security Engineer at a financial services firm with 1,001-5,000 employees
The customization and the transparency of data, while still maintaining a mostly user-friendly UI. It allows for me, as an engineer, to evolve the individual components and modules, and to create a much more meaningful picture than the individual pieces in isolation ever could. View full review »
Anonymous avatar x60
Brody Wright uses Carbon Black Cb Defense
System Analyst
* The software uses very few resources; it is almost invisible to the end user. * Behavioral Monitoring stops known malicious events before they even begin. * The whitelist: Being a Casino, we have some odd software packages. Being able to whitelist them is a must. * The option to quarantine a device and use the cloud-based portal to gain a “shell” on the infected machine. With this, we can dump the entire system memory to a machine in our lab, then run analysis. View full review »
Anonymous avatar x60
ITSecuri7cfd uses Fidelis Enterprise
IT Security Coordinator at a healthcare company with 1,001-5,000 employees
IPS and reporting. It catches more inline than the FireEye NX even looked at. It has a rating system now so you can rate things up or down, depending on your environment. This means alerting can be customized, yet still pick up anomalies. Reporting has been great and it is easy to do a quick search through 45 days of data for something of interest. View full review »
91230297 eaf1 45b9 aae1 03469633f130 avatar
Amit Lavi עמית לביא uses SECDO Platform
Co-Founder & CEO at a marketing services firm with 1-10 employees
* Full endpoint visibility * Records everything! Every endpoint. * IOC/BIOC rules * It basically automates the entire alert investigation process. View full review »

Sign Up with Email