We performed a comparison between IBM Resilient, SECDO Platform, and VMware Carbon Black Cloud based on real PeerSpot user reviews.
Find out what your peers are saying about VMware, ServiceNow, IBM and others in Security Incident Response."The initial setup of IBM Resilient is not that complex since my company already has a support license that we use internally. In general, the product's deployment phase is not that complex."
"As a whole, the product is stable...Technical support is very good."
"IBM Resilient is scalable."
"The solution is simple to use and to integrate with IBM QRadar."
"The solution is reliable in our usage."
"What I like most about IBM Resilient is that it has a complete stack, which means you don't need to use different OEM products because you have all you need under the IBM Resilient umbrella. You don't need to worry much about integrations and components because you're working with tested and proven architecture."
"The UBA, User Behavior Analytics, is very good."
"The solution is very easy to use."
"The ease of deployment is a valuable feature."
"Technical support is great. Palo Alto is extremely helpful and responsive."
"It basically automates the entire alert investigation process."
"We also took full advantage of its incident response reporting capabilities to act as a “black box” for our infrastructure around strings of suspicious activity. The reporting and incident response capabilities were incredibly helpful during active security concerns."
"The ability to quickly isolate a system from the network, while still being able to perform some forensics and mitigation work remotely, was of great value to us since we had many mobile and distributed systems."
"The enhanced logging and data analysis of the incident response and investigation components allowed us to quickly identify and resolve security issues before they could spread."
"The most valuable features are the threat-hunting and the batch console."
"We are able to remotely isolate exploited endpoints in seconds and perform a live deep dive of any endpoint into its running processes (as necessary) without the need for extra scripts."
"Integration and scalability are the most valuable."
"The most valuable feature is its ability to seek out abnormal activity and to create alerts."
"The detection response and quarantining are very good features."
"This product could be improved with better customization. This product isn't the best on the market like QRadar, but it's actually a good solution. However, some competitors' solutions contain more integration, support, automation, or flexibility."
"The integration could be improved so that it is easy to integrate with other solutions."
"The tool needs to improve its documentation on license scripts."
"The product needs a bit more development."
"The ability to analyze incidents needs to be improved in the solution."
"What could make IBM Resilient better is if IBM increased the number of built-in integrations with different products from other vendors or third-party products."
"There are shortcomings with IBM Resilient's technical support team that can be considered for improvement in the future."
"The implementation could be a bit simpler."
"The price should be reduced in order to be more competitive in the market."
"Maybe the notifications setting could use a simpler setting."
"Many will try to use this as an out-of-the-box solution, however, it needs to be configured to fit what a company would like to do with it."
"The cloud console has a lot of bugs and issues in the analysis part."
"They need to improve the batch console. It needs more capabilities. We are limited by the ones it provides..."
"We are subscribed to FS-ISAC threat indicator, but have been unsuccessful in adding it to our alliance feeds."
"The solution needs to simplify the process of adding custom watchlists, as well as embrace YARA for rule creation."
"Technical support for the solution should be improved because there is a scarcity of support teams in the Middle East."
"Additionally, it is complex to use, and the pricing should be improved."
"They have different products, but if we wanted to take their protection and their EPR, then we would need to have two agents"
"There have been some performance issues when deploying on Windows Server, but I believe Carbon Black is working on that."
Earn 20 points