Popular Comparisons As long as the machine is connected to the Internet, and CrowdStrike is running, then it will be on and we will have visibility; no VPNing in or making some type of network connection. CrowdStrike always there and running in the background; for us, that is big. We wanted something that could give us data as long as the machines connected to the Internet and be almost invisible to the employees.
Popular Comparisons The automated static analysis of malware is the most valuable feature. Its detection abilities are very good. It hits all of the different platforms out there, platforms that see the items in the wild.
Popular Comparisons ThreatConnect has a highly user-friendly interface.
The most valuable features are ease of use and the ability to customize it.
Popular Comparisons The most valuable feature is alerting.
The feature that I like best is the dashboard.
Popular Comparisons The reporting services are great. With reporting services, if you have customers that just visit a URL you can see the result - including why it's blocked and how and how the URL was first recognized as malicious.
Popular Comparisons As a threat intelligence tool, it's very helpful.
Popular Comparisons It's great at alerting users to attempts at phishing and suspicious domains.
Find out what your peers are saying about CrowdStrike, ReversingLabs, ThreatConnect and others in Threat Intelligence Platforms. Updated: April 2021.
476,483 professionals have used our research since 2012.
Use our free recommendation engine to learn which Threat Intelligence Platforms solutions are best for your needs.
476,483 professionals have used our research since 2012.
See all 44 solutions in Threat Intelligence Platforms
Advice From The Community
Read answers to top Threat Intelligence Platforms questions. 476,483 professionals have gotten help from our community of experts. | Ludwing Caviedes VP Innovation and Development at Coinsa SAS |
I'm a VP Innovation and Development at a small Tech Services company. Is it possible that a single vulnerability analysis software does not detect the entire spectrum of threats?
See all 7 answers »
Find out what your peers are saying about CrowdStrike, ReversingLabs, ThreatConnect and others in Threat Intelligence Platforms. Updated: April 2021.
476,483 professionals have used our research since 2012.
No single product will detect all vulnerabilities. That is why in security we use the concept of "defense in depth". So for example, on the outside of the network, at the Internet/Enterprise edge, we should have a Next Generation Firewall (NGFW). Palo Alto or Cisco Firepower for example. These firewalls contain excellent vulnerability scanners, as well as URL filtering, DLP, anti virus, malicious file blocking, etc. Inside the network you want to protect endpoints with something like Symantec Enterprise Security. And you want to regulate access to switchports and wireless with a NAC, such as Forescout or ISE or Clearpass, among others.
When managing these various products, be sure to turn on all the automation you can. Human eyes are too unreliable and even the best teams will miss something. You also need to be sure to allow the products to drop packets containing threat vectors, send resets to hostile actors, etc.
And it goes without saying that if you don't lock down physical access to your networking equipment your network is toast anyway.
Short answer: No. Long one: start with vulnerability assessment for your key systems. These are: a) anything accessible to the Internet, b) your end-user devices (PC, laptops, mobile). To cover these two (and more), I can recommend Qualys which we have been using, designing and managing for 20 years now. Additionally, to really get your external perimeter clean (that includes DNS and email), I strongly recommend Hardenize.
Happy to discuss in more detail as needed.
No. I think products work on vulnerability analysis have 2 streams, web application and endpoints/appliances. They don't concentrate on both at the same level. For application you can look into fortify and for endpoints/appliances you can try qualys, tenable and rapid7.
It depends on the capabilities and reliability of the vulnerability analysis tool. In case of the tool has a high reliability and a low percentage of false positives and false negatives, it may be appropriate to have a single tool.
You wont find a single tool that will report on all the vulnerabilities that can crop up in your infrastructure. Such a tool would need to cover too many areas (On-Prem or Cloud, Network, Database(s)....). A better approach is to start by assessing what you absolutely must protect to protect your business. Work out what is critical and how it can be compromised. Then select tools to help you mitigate the risks. I would also recommend using tools that give you a Risk Assessment in an easily understood format. Some tools give pages and pages of data and leave you to figure out what it all means. If your are Public Cloud based, I would suggest you use a specialist tool such as SecureCloudDB to keep track of assets as they can spin up and down very quickly in the Cloud... so they can be part of your infrastructure without your knowledge. Equally, if you're not careful, they can come and go before you have had a chance to spot them.
If such as vulnerability analysis on software or application as static code analysis or purpose of SDLC review, I think currently Checkmarx , Micro Focus or Veracode should consider to this. if this is your requirement.
What kind of 'vulnerability analysis' tool are you referring to? Static code analysis for code? If so there are a couple tools that cover most languages pretty well, Checkmark and Veracode. Or are you looking for vulnerability management tools like Qualys, Tenable or Rapid7?