Awake Security Platform Valuable Features

Kristofer-Laxdal
Director of Information Security at a software R&D company with 201-500 employees
What is impressive about the tool is the time to value. Plugging it onto our network, we have found things that other tools have just never seen. We found those issues quickly and were able to action against those issues, remediating them quickly. I don't know another product that delivers as much value so quickly. I have the tool set up to alert, be able to look at things, and put things together graphically. This helps to understand the fingerprints of the device, what the device has done, where it's been, and what it's doing on my network. It really gives me a high assurance that my security posture will remained intact. I have it now integrated into our security incident and event management (SIEM) tool, so I am able to correlate events across my network using Awake as my front-end or my first line of defense. Then, I can also pull in the Awake information and use that to pivot across to other sources within our environment, whether that be enterprise detection and response at the endpoint level or security orchestration and response. Awake's Security Knowledge Graph is incredible in terms of a couple of things: * The system is laid out very easily for me to utilize. * I find it comforting if I look at the DNA of the Awake security staff. All of them are deep and wide, in terms of their experiences. You have ex-Mandiant folks along with ex-US military folks who have been through serious cyber situations and assisted large companies, if not governmental organizations. They have seen these threats in the wild. They know how to deal with these threats. Moreover, on weekly calls, they are notifying or diving deep into areas that we might have missed. View full review »
John Chesson
Chief Security Officer
The most valuable feature is the ability to see suspicious activity for devices inside my network. It helps me to quickly identify that activity and do analysis to see if it's expected or I need to mitigate that activity quickly. One of the best use cases was when we knew that one of our vendors that came into our site had a ransomware event at their corporation. I was able to quickly find his device using the Awake system and determine that there was no threat in our system. Something like that usually would have taken four to five hours. It took me about five minutes. Also, the Security Knowledge Graph is a display of the devices and the activities that we see. It doesn't use a heat map but it uses the size of a bubble - a circle representing a device that's probably highest on the threat list - and shows what all the connections are. That provides a great visual, at a glance, of what's going on in my environment at any one time. I really like that feature. I use the solution to identify and assess IoT solutions, if they connect to our network. The guest network is the best example. People use the guest network to connect to the thermostat or their Apple Watch. I can see that activity. If it's a network IoT type of thing, like a call system or Amazon Echo, I'm going to see that activity on our network and Awake should be able to call that up pretty quickly. View full review »
reviewer1217625
Head of Cyber Threat Operations at a energy/utilities company with 1,001-5,000 employees
There are quite a few valuable features. The most valuable aspect of the tech is the fact that it's like a "force-multiplier." It will reduce the amount of time and effort it takes to triage a potential compromise. That's important because, in everyday slang, time is money. If you've ever done a business-impact analysis — business continuity — if an attacker can reduce the confidentiality, integrity, or availability of a given system, it will have a financial impact. The quicker you can eliminate or mitigate the compromise, or avoid it altogether, the less money you are looking at spending to recover from a hack. If you can discover it, and detect it, and prevent it before the attack is successful, you actually have a return on investment. The Security Knowledge Graph tries to centralize things that are notable in the environment. Awake uses a lot of AI and ML to bring to an analyst's attention things that should be of concern. It reduces the amount of searching that an analyst has to do to find notable events or devices. It collates all that and it puts it in one spot. So if you have a device that is beaconing out to a malicious IP, to download malware or the like, Awake will see that and it will alert the analyst right away, rather than the analyst trying to find it in aggregate data. The data science capabilities of Awake Security are very strong. For a network traffic-analysis platform, it's definitely the best in industry. Vectra AI and Darktrace do similar things, but they don't leverage the math the same way that Awake does. As for the solution’s encrypted traffic analysis, encrypted traffic is the next nut to crack in logging and monitoring. What they're trying to look for are different cipher suites that can be used to encrypt potentially malicious traffic. It's trying to do something that no one else is really doing. The solution helps us monitor devices used on our network by insiders, contractors, partners, and suppliers. That's the "meat and potatoes" of what the technology does. If there's a device on the network, it doesn't matter who it's owned by. If it's on the network Awake will see it. Finally, the cloud TAPs for visibility into cloud infrastructure are 100 percent necessary. I don't know how else you're going to see it. View full review »
Find out what your peers are saying about Awake Security, Darktrace, Vectra AI and others in Network Traffic Analysis (NTA). Updated: March 2020.
408,154 professionals have used our research since 2012.
Rick Pennington
Senior Security Engineer at a pharma/biotech company with 1,001-5,000 employees
* I really enjoy the query language on it. It makes it very easy. * The dashboards and displays are very intuitive. The query language makes it easy to query the records on the network, to do searches for the various threat activities that we're looking for. The dashboard, the Security Knowledge Graph, displays information meaningfully and easily. I am able to find the information that I want to find pretty quickly. Also, the data science capabilities of the are great. We aren't currently using it, but the behavior-based machine-learning that they do incorporate is really impressive. It's the primary reason why we picked up the product. It gives us a high-fidelity, anomaly-based detections. View full review »
Find out what your peers are saying about Awake Security, Darktrace, Vectra AI and others in Network Traffic Analysis (NTA). Updated: March 2020.
408,154 professionals have used our research since 2012.