Dashboards, which can be customized to display alerts and queries, and rules, which trigger alerts, are the most valuable features for us.
Dashboards, which can be customized to display alerts and queries, and rules, which trigger alerts, are the most valuable features for us.
We now have a better view of our security posture from an external and internal point of view. We are able to do forensic investigations and stop attacks before they occur.
The reporting could use some improvement. Also, while the dashboard can be customized to an extent, I'd like to have the ability to do even more customization.
We've used it for two years.
We've had no deployment issues.
There have been no issues with the stability.
Scaling it has been fine. We've had no issues with an inability to scale.
In our experience, technical support has been good.
Deployment of any of these products is easy. What becomes a daunting task is the creation of use cases and also ensuring that alerts are accurate.
We used an in-house team with a vendor in-office assistant.
Executives don’t see ROI on this solution as the reports are not meant for C-levels.
Make sure you know exactly why you are implementing it and what you are going to monitor. Also, ensure that you have all your use cases way before venturing into buying a solution of this nature.