Anonymous UserInformation Systems Coordinator at a insurance company
Justin HadleySr. Manager, Security Engineering at a financial services firm
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"Security protection is the best feature of this product."
"Whenever there is a major thing like Exchange vulnerabilities, it scans our Exchange server for indicators of compromise. It then alerts us and points exactly where we need to go to check for ourselves if it is normal or not."
"Customer service and their response are phenomenal. I would give their customer support a nine point five (out of 10). Our easy access to their SOC analyst, sales team, and leadership team instills confidence in me that they are there for us 24/7."
"From where we were prior to going into them, the service has increased our analysts’ efficiency to the point that they can focus on other areas of the business. It gives me the ability to allow analysts to do Level 3 and 4 work and stay out of the weeds of the alerts, where you tend to get alert fatigue. The service takes care of much of the Tier 1 and Tier 2 triage. It is more effective than what we had been used to, because it allows the filtering of Level 1 and Level 2 type alerts to be taken care of. This leaves less for us to handle, which is a good thing."
"The quick interaction between the agents is the most valuable feature. If we have questions, they're quick to answer. If we make a change to our system, they quickly make the changes that are necessary to filter the logs correctly."
"Outside of using the platform to manage alerts, the feature of the service that we get the most value from is being able to reach out to them and say, "Hey, we might go buy a SIEM," for example. They give us their overview of what's out there, what they've dealt with, what they integrate with, and what that looks like. That's been pretty powerful over the years for us."
"I also use their mobile app. It's very easy to use and very convenient to be able to respond to alerts wherever you are. I love the app. You can respond and communicate, per ticket, with their SOC in near real-time. The response is very quick."
"There are two parts of CRITICALSTART's services that are most valuable to us. The MDR solution where they monitor our computers, laptops, and users across the board; and their knowledge of Palo Alto firewalls."
"My impression of the transparency of the data is that it has good detail. It allows you to see how many events have come in, how many of those events have made it down to their analysts to review, and then however many from their analysts to be able to close out, have been able to been escalated to us. It's a good metric that we can share with my management. They see the value of what the SOC is bringing on top of what my team is already doing."
"There is a team of people who monitor our traffic and processes 24/7, so if anything raises a flag or alert, it will escalate back to me right away. That's the most incredible part: Humans working behind the scenes 24/7 to monitor our networks."
"It can sometimes take up to an hour to get notification of a problem and that's a long time."
"They focus on detecting administrator-level control compromises. Because they're focusing more on administrator-level compromise, they are less able to see if an individual user has been compromised. It is, admittedly, very difficult because they don't know what normal human behavior is. If a hacker compromises a human account and then acts just like the human, how are you ever going to notice, unless you have some inside knowledge of how the company works? For example, they overlook account lockouts on user accounts, whereas in our own alerting system, we do not. We review every account lockout, and if it is bad, we contact the person, whereas they think of that as noise because they're more focused on the administrator-level compromise."
"During the six-month integration and rollout, there were some bumpy roads along the way. There were communication breakdowns between the project manager, CRITICALSTART leadership, and us (as the customer). I expressed my displeasure during the integration in their inability to effectively communicate when there were holdups or issues. They were going through some growing pains at that time, but they have been right there for us ever since."
"The UI has become slower but it's not something I would call them out on."
"It has frustrated us that they don't have a native Slack integration, because most things do now. That's something we've asked for, for years, and it just doesn't really seem like it's a priority."
"The updated UI is actually pretty bad. Regarding the intuitiveness, it is fairly easy to use, but the responsiveness, on a scale of one to 10, is a one. It's really poor performance."
"There is room for improvement with the new UI, and that's about it. I would like to see a more intuitive design."
"They could dig a little bit deeper into the Splunk alerts when they feel like they need to be escalated to us. For example, if a locked account shows up, they could do a little extra digging to verify that the locked account was due to a bad password on the local system. They could just do a little extra digging within the Splunk environment instead of pushing it onto us to go do that extra little digging."
"In terms of responsiveness, when I open up an alert, sometimes it takes a bit of time to load. However, it only happened once or twice."
"The only thing I can think of that I would like to see, and I'm sure they could work this into a service pretty easily, is not only alerts on issues that are affecting my company, but some threat intelligence of a general nature on what's out there in the environment. That might be a nice add-in."
"There are contractual penalties if their SLAs are not met. This commitment was very important in our decision to go with this service, because not having downtime is extremely important to us. The providers has not missed an SLA in the 18 months that I have worked with them."
"I've told CRITICALSTART that I think the managed service they provide is cheaper than it should be. It's a really good deal."
"As far as the expense goes, it's very competitive pricing and the services you get are almost like you have a person on your team."
"It costs a lot for what we felt comfortable to spend."
"Overall, for what I'm paying for it, and the benefit I'm getting out of it, it is right where it needs to be, if not a little bit in my favor. For what it costs me to actually have this service, I could afford one internal person to do that job, but now I have a team of 10 or more who are doing that job, and they don't sleep because they work shifts."
"The pricing of other services was so insane that they weren't even an option."
"The pricing has always been competitive. They have always been good to us. They will make it a fight. They don't try to hide anything; it's always been fully transparent and well-worth what we pay for it."
To effectively combat cyber threats, the AWN CyberSOC service relies on a one-two punch of human expertise and machine intelligence. It’s not a product but a discipline, where dedicated Concierge Security teams tackle security matters using the full spectrum of defense mechanisms for prevention, detection, and response.
The cybersecurity landscape is growing more complex by the day with the arrival of new threats and new tools supposedly designed for combating them. The problem is it’s all creating more noise and confusion for security professionals to sort through.
CRITICALSTART is the only MDR provider committed to eliminating acceptable risk and leaving nothing to chance. They believe that companies should never have to settle for “good enough.” Their award-winning portfolio includes end-to-end Professional Services and Managed Detection and Response (MDR). CRITICALSTART MDR puts a stop to alert fatigue by leveraging the Zero Trust Analytics Platform (ZTAP) plus the industry-leading Trusted Behavior Registry, which eliminates false positives at scale by resolving known-good behaviors. Driven by 24x7x365 human-led, end-to-end monitoring, investigation and remediation of alerts, their on-the-go threat detection and response capabilities are enabled via a fully interactive MOBILESOC app.
Arctic Wolf AWN CyberSOC is ranked 3rd in Managed Detection and Response (MDR) with 2 reviews while CRITICALSTART is ranked 2nd in Managed Detection and Response (MDR) with 10 reviews. Arctic Wolf AWN CyberSOC is rated 8.0, while CRITICALSTART is rated 9.4. The top reviewer of Arctic Wolf AWN CyberSOC writes "Alerts and points exactly to where we need to go, gives good prescriptive guidance, and allows customization of alerts based on your requirements". On the other hand, the top reviewer of CRITICALSTART writes "Offers the ability to close review tickets or alerts through a mobile phone and to interact with engineers on their side via the app". Arctic Wolf AWN CyberSOC is most compared with CrowdStrike Falcon Complete, Dell Secureworks, Rapid7 MDR, Alert Logic and Proficio SOC as a Service, whereas CRITICALSTART is most compared with CrowdStrike Falcon Complete. See our Arctic Wolf AWN CyberSOC vs. CRITICALSTART report.
See our list of best Managed Detection and Response (MDR) vendors.
We monitor all Managed Detection and Response (MDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.