What is our primary use case?
With BMC Helix Cloud Security I'm looking for the application level security and application firewall level security. I'm also looking for its service, security and incident management tools. I'm thinking from the perspective of how many technology features can be fruitfully completed by a single tool.
What is most valuable?
The features that I've found most valuable are its container security aspect. I also like its vulnerability management tools.
What needs improvement?
I think its TOA interfaces are still not that comfortable. The UI could be more user-friendly, easier to use. Now, the technical guys don't have that much time. When I'm using it on the cloud it takes a lot of time to use it manually on all the tools and to keep track of everything that's going on in the infrastructure. So if the UI interface was much better configured, it would be easier for us to take care of our devices.
Also, all the vulnerabilities should be listed out in one code telling me that out of the 100 worker nodes that I have with my organization right now, 50 are impacted with this particular vulnerability. This is one implementation that they need to do.
Additionally, it could be made more visible which integrating and ticketing tools are available. It could be better integrated.
For how long have I used the solution?
I just started the POC three months ago.
What do I think about the stability of the solution?
It is a stable product. We did not find any bugs as of yet.
What do I think about the scalability of the solution?
In terms of scalability, it is easy to scale and expand this product.
We have around 35 worker nodes using it, which include mostly IT admins, team managers, and security admins mostly.
How are customer service and technical support?
I have never been in touch with their technical support.
How was the initial setup?
The initial setup was straightforward. It is a plug and play kind of a tool. You need to have prerequisites completed in your organization or network and then everything will be plug and play.
What about the implementation team?
We had integrators on call with us. But the technical team could be able to do it by themselves.
Which other solutions did I evaluate?
Yes, we did evaluate other options, and we're still in the process of doing it more. Because everything that I'm reporting to right now is based on our POC that was done with this product
What other advice do I have?
It’s a good tool, I still need to work on it more to make it a priority.
It is a good tool to make sure that your containers are safe and sound.
On a scale of 1 to 10, I give it a 7. I give it a 7 because of the product's UI interface. I'm not the language guy, so I will have to have the scripts made to get it to play for me. I like products that are stronger from the UI interface side.
Which deployment model are you using for this solution?