What is our primary use case?
We are a software reseller and managed service company, and Deep Instinct is one of the EDR solutions that we implement for our customers. It is one of two EDR solutions that we offer to our client base as a managed service and a 24/7 basis.
The primary use case is ransomware control.
How has it helped my organization?
We think of this product as a fishing net that fits into the computer and has all of the capabilities and understanding of what ransomware and malware look like. It reacts to the look of ransomware, as opposed to trying to detect it by using a signature.
In our experience, it is a whole different concept that is extremely effective.
What is most valuable?
The most valuable feature is its ability to detect and eradicate ransomware using non-signature-based methods. It is not a traditional EDR.
What needs improvement?
My primary concern is that there are elements of the MSSP model that need updating. Specifically, there are some technical controls that need to be updated and it means that rolling it out is a little bit more complicated than it has to be. If the client is working remotely and doesn't have a VPN then the deployment is difficult to do.
In the future, I would like to see additional reporting made available.
Adding a firewall would negate the need for some products by other vendors. More generally, adding traditional endpoint security features over time would mean that we would not have to support multiple platforms.
For how long have I used the solution?
We have been using Deep Instinct for eight months.
What do I think about the stability of the solution?
The stability seems to be fine. Occasionally, we have to consider the brain of the solution, which is the component agent that goes to the endpoint. It remains stable because you're only pushing it out three or four times a year. Because it is not signature or EDR-based, you don't have updates.
What do I think about the scalability of the solution?
Scalability with this product is superb. We currently have about 2,000 clients who are using Deep Instinct.
Which solution did I use previously and why did I switch?
We also work with FortiEDR.
How was the initial setup?
The initial setup is very straightforward.
The length of time required for deployment depends on the number of users that the client has. We have some clients with 500 to 1,000 users, whereas one of our clients only has eight. I would say that you can finish deploying this product in less than half a day, regardless of size.
What's my experience with pricing, setup cost, and licensing?
We are satisfied with the pricing.
What other advice do I have?
The most complicated part about endpoint security these days has to do with COVID because you have so many people who are working remotely, and they made the transition without a lot of forethought. The cloud-based deployment helps because if you are in an on-premises environment, it's extremely complicated unless they have VPNs.
Overall, this is a good product and it is extremely effective. That said, changes to the deployment process and making the reports a little prettier would be a good way to improve it. Functionally, it meets our requirements, but it doesn't have all of the bells and whistles that other products have.
I would rate this solution a seven out of ten.
Which deployment model are you using for this solution?