Awake Security Platform Overview
Awake Security Platform is the #4 ranked solution in our list of top Network Detection and Response (NDR) tools. It is most often compared to ExtraHop Reveal(x).
What is Awake Security Platform?
Awake Security is the only advanced network traffic analysis company that delivers a privacy-aware solution capable of detecting and visualizing behavioral, mal-intent and compliance incidents with full forensics context. Powered by Ava, Awake’s security expert system, the Awake Security Platform combines federated machine learning, threat intelligence and human expertise. The platform analyzes billions of communications to autonomously discover, profile and classify every device, user and application on any network. Through automated hunting and investigation, Awake uncovers malicious intent from insiders and external attackers alike. The company is ranked #1 for time to value because of its frictionless approach that delivers answers rather than alerts.
Awake Security Platform is also known as Awake.
Updated: June 2021
What users are saying about Awake Security Platform pricing:
- "The solution has saved thousands of dollars within the first day. Our ROI has to be in the tens of thousands of dollars since October last year."
- "The pricing seems pretty reasonable for what we get out of it. We also found it to be more competitive than some other vendors that we've looked at."
- "We switched to Awake Security because they were able to offer a model that was significantly less expensive and the value that we get out of it is higher."
- "The solution is very good and the pricing is also better than others..."
- "Awake Security was the least expensive among their competitors. Everyone was within $15,000 of each other. The other solutions were not providing the MNDR service, which is standard with Awake Security's pricing/licensing model."
Director of Information Security at a computer software company with 201-500 employees
Feb 3, 2020
The time from finding threats to remediation is almost instantaneous
What is our primary use case? Our use cases are vast and varied. Quite simply, we looked at tools that would look at network detection and responses out-of-the-box. Looking at Awake, there are hundreds of security use cases built into the system itself. I typically utilize the tool across the enterprise looking to detect those hard to find threats I am looking at:
- Indicators of compromise for ransomware
- Possible command and controls
- Privacy
- Clear text passwords
- Persistence
- Data ex-filtration and compliance for GDPR
- Various, very hard to detect models of data ex-filtration, such as data ex-filtration via e.g…
Pros and Cons
- "This solution’s encrypted traffic analysis helps us stay in compliance with government regulations. It is all about understanding data exfiltration, what is ingressing and egressing in our network. One common attack vector is exfiltrating data using encryption. My capabilities to see potential data exfiltration over encrypted traffic is second to none now."
- "I would like to see the capability to import what's known as STIX/TAXII in an IOC format. It currently doesn't offer this."
What other advice do I have? Understand where your network points are and where you are best served to position sensors. The tool won't work unless it's positioned effectively in your network. Rely upon Awake staff's expertise. They have collective information cybersecurity experience in the hundreds of years, so just listen to them in terms of their guidance and where to position your sensors. Understand your traffic flow before moving forward with the solution, making sure that it's right for you. For instance, understand that if you have several satellite offices, you may be challenged and need to purchase several…
Head of Information Security at an engineering company with 10,001+ employees
Real User, Top 10
Mar 9, 2021
Gives us network layer visibility into things that may not be covered by other monitoring tools, such as shadow IT
What is our primary use case? One of the interesting things that made us lean towards going with Awake was that it fulfilled a couple of use cases. One was the core NDR functionality. We wanted it to be able to monitor our network traffic and alert us on security-relevant events. Another request we had was that because our security team was pretty resource-constrained, we wanted a solution that could provide an in-house managed service for monitoring it, as a partner. Awake was able to provide that, with their MNDR team, and that was something that we found pretty valuable.
Pros and Cons
- "The query language that they have is quite valuable, especially because the sensor itself is storing some network activity and we're able to query that. That has been useful in a pinch because we don't necessarily use it just for threat hunting, but we also use it for debugging network issues. We can use it to ask questions and get answers about our network. For example: Which users and devices are using the VPN for RDP access? We can write a query pretty quickly and get an answer for that."
- "One concern I do have with Awake is that, ideally, it should be able to identify high-risk users and devices and entities. However, we don't have confidence in their entity resolution, and we've provided this feedback to Awake. My understanding is that this is where some of the AI/ML is, and it hasn't been reliable in correctly identifying which device an activity is associated with. We have also encountered issues where it has merged two devices into one entity profile when they shouldn't be merged. The entity resolution is the weakest point of Awake so far."
What other advice do I have? One thing to be aware of, for someone else using Awake, is to be ready, at the beginning, to clearly define what is expected network activity and what is not. That helps both teams. For us, it has been an interesting challenge because our network is quite complex. In the life sciences, we have pretty varied environments for physical manufacturing, R&D, and SGNA. It spans the whole gamut. What helps in that environment is being very clear, up front, about documenting and giving context to the Awake MNDR team about which devices are domain controllers and the kinds of traffic they should expect…
Chief Information Security Officer at Dolby Laboratories
Real User, Top 10
Jul 26, 2020
Enables us to monitor lateral movement of traffic across sensitive networks
What is our primary use case? We use Awake Security to monitor internal networks. We monitor the lateral movement of traffic across sensitive networks.
Pros and Cons
- "The security knowledge graph has been very helpful in the sense that whenever you try a new security solution, especially one that's in the detection and response market, you're always worried about getting a lot of false positives or getting too many alerts and not being able to pick out the good from the bad or things that are actual security incidents versus normal day to day operations. We've been pleasantly surprised that Awake does a really good job of only alerting about things that we actually want to look into and understand. They do a good job of understanding normal operations out-of-the-box."
- "They've been focused on really developing their data science, their ability to detect, but over time, they need to be able to tie into other systems because other systems might detect something that they don't."
What other advice do I have? The piece that people should be considering should be how much storage they want for data in the platform and how long they need to retain data for. It's not sitting in the middle of network traffic but for incidents that come up or alerts that are generated, it will store Pcap information for those alerts. You want to make sure that you have enough storage of information around those alerts so that you can go back, whether it be six days, a week, a month, whatever you want your retention period to be. That's something you should think about when you're putting this into place. Also consider…
Chief Security Officer at a university with 1,001-5,000 employees
Real User, Top 20
Jan 27, 2021
With the threat-hunting service, we didn't have to increase our team size to realize value
What is our primary use case? For us, Awake provides the insights into our network traffic. It's something of a hybrid. We have on-premise collectors and there's a lot of storage involved, so we keep that on-premise, and then we have a cloud dashboard.
Pros and Cons
- "The most valuable portion is that they offer a threat-hunting service. Using their platform, and all of the data that they're collecting, they actually help us be proactive by having really expert folks that have insight, not just into our accounts, but into other accounts as well. They can be proactive and say, 'Well, we saw this incident at some other customer. We ran that same kind of analysis for you and we didn't see that type of activity in your network.'"
- "When I looked at the competitors, such as Darktrace, they all have prettier interfaces. If Awake could make it a little more user-friendly, that would go a long way."
What other advice do I have? Every environment is different and you have to start with knowing what your goals are and what your environment looks like, to really find the right product for you. What integrations do you have? A big challenge is how your remote workforce changes the way you think about your environment. How does your cloud adoption strategy affect things? Awake is an on-premise, network-based solution. For us, that makes a lot of sense. We only have one site where all of our users go. If you're totally remote, now, with COVID, and you're mostly a cloud/SaaS-based shop, it may not be the right fit for you…
Director of Projects and IT at a healthcare company with 201-500 employees
Real User, Top 20
Feb 7, 2021
Gives us the combination of an appliance for visibility and a top-notch monitoring team that is very responsive
What is our primary use case? We have other network and security appliances and systems in place, but we were looking for something to give us deeper visibility into our network traffic, specifically the lateral, east-west movement. We have pretty good visibility north-south of things going through the firewall, but it was not as good internally. That's our primary use case. And we wanted to have something that would give us relevant alerts and actionable items. We are using a combination of the Awake Security appliance and their network monitoring services. You can get just the appliance and then do the monitoring…
Pros and Cons
- "It gives us something that is almost like an auditing tool for all of our network controls, to see how they are performing. This is related to compliance so that we can see how we are doing with what we have already implemented. There are things that we implemented, but we really didn't know if they were working or not. We have that visibility now."
- "While the appliance is very good, and I think they're working on it, it would probably help if they integrated the management team cases into the appliance so that everything we are working on with them would be accessible on our platform, on the dashboard, on the portal. Right now, Awake is just an additional team that uses the appliance that we use and then we communicate with them directly. Communication isn't through the portal."
What other advice do I have? The solution is very good and the pricing is also better than others, but each organization has to have other security parts and pieces in place. This is not a silver bullet. It's not one thing that can solve all issues or cover all security, but it's a very valuable and needed addition to our security portfolio. Anybody who feels that they don't have complete visibility into their network should give Awake Security a try, do a proof of concept with them, and see what results you get. It's a good product and I'm pretty sure it will give you what you are looking for. But do that PoC first…
Head of Cyber Threat Operations at an energy/utilities company with 1,001-5,000 employees
Oct 31, 2019
Machine-learning works at a different level — it's like a robotic network engineer
What is our primary use case? The solution is a kind of Swiss Army knife. It can do a number of different things. We primarily use it for network traffic analysis and threat hunting.
Pros and Cons
- "Other solutions will say, 'Hey, this device is doing something weird.' But they don't aggregate that data point with other data points. With Awake you have what's called a 'fact pattern.' For example, if there's a smart toaster on the third floor that is beaconing out to an IP address in North Korea, sure that's bizarre. But if that toaster was made in North Korea it's not bizarre. Taking those two data points together, and automating something using machine-learning is something that no other solution is doing right now."
- "I would like to see a bit more in terms of encrypted traffic. With the advent of programs that live off the land, a smart attacker is going to leverage encryption to execute their operation. So I would like to see improvements there, where possible. Currently, we're not going to be decrypting encrypted traffic. What other approaches could be used?"
What other advice do I have? My advice would be to put it up against any of its competitors. Look at the salient data points. So your machine-learning is telling you that something is unusual. Great. Why? And if you don't have an answer for that then I would suggest you look at Awake. Because Awake gets to the "why." In terms of maintenance of the solution, I've got five people now, but they don't just do this. I have one person who does security training and awareness. I have one person who does threat hunting, who is the primary user of the technology. I've got a cyber-threat intel person, and I've also got a person to…
Senior Analyst Security and Compliance at an insurance company with 5,001-10,000 employees
Reduced the time my team focused on incident response and provided the visibility we were looking for
What is our primary use case? Awake Security was brought onboard to provide governance over the incident response process, which is a managed service. Challenges were identified, such as, no visibility and no network awareness of what's going on in the environment. Once the network visibility was solved, the decision to look at AI related tools was initiated. We will be using its features for compliance as well as threat detection, looking to partner with Awake Security to achieve these goals. Placing their solution in an enterprise financial vertical may allow thinking outside the box, providing additional value in the…
Pros and Cons
- "We appreciate the value of the AML (structured query language). We receive security intel feeds for a specific type of malware or ransomware. AML queries looking for the activity are applied in almost real-time. Ultimately, this determines if the activity was not observed on the network."
- "Awake Security needs to move to a 24/7 support model in the MNDR space. Once they do that, it will make them even better."
What other advice do I have? The Awake Security team does a good job with communication. With the encrypted traffic, you can't see inside the packet. Encrypted traffic was not a hindrance, since most traffic nowadays is encrypted. The Awake Security team does a good job of determining what's wrong, even though they don't have the full view of the content inside the packet. Awake Security gets a solid nine (out of 10) based on our experience. That's based on their technology, professionalism, and communication. It was their MNDR service that set them apart when we were looking at other technologies.
CISO at an insurance company with 1,001-5,000 employees
May 6, 2020
Data is displayed in a very easy to read and understandable manner
What is our primary use case? The tool generates automated alarms to correlate any network activity that we see with some of that more deep packet inspection which Awake provides. There is currently not a lot of IoT in our environment.
Pros and Cons
- "This solution helps us monitor devices used on our network by insiders, contractors, partners, or suppliers. Its correlation and identification of specific endpoints is very good, especially since we have a large, virtualized environment. It discerns this fairly well. Some of the issues that we have had with other tools is we sometimes are not able to tell the difference between users on some of those virtualized instances."
- "Be prepared to update your SOPs to have your analysts work in another tool separately. There are some limitations in the integrations right now. One of the things that I want from a security standpoint is integration with multiple tools so I don't need to have my analysts logging into each individual tool."
What other advice do I have? We have not used the functionality for cloud TAPs. I would rate this solution as a nine (out of 10).