Anonymous UserHead of Information Security at a engineering company
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"We are running at about 90,000 pounds per year. The solution is a licensed cost. The hardware that they gave us was pretty much next to nothing. It is the license that we're paying for."
"The license is based on the concurrent IP addresses that it's investigating. We have 9,800 to 10,000 IP addresses."
"There are additional features that can be purchased in addition to the standard licensing fee, such as Cognito Recall and Stream."
"We have a desire to increase our use. However, it all comes down to budget. It's a very expensive tool that is very difficult to prove business support for. We would like to have two separate networks. We have our corporate network and PCI network, which is segregated due to payment processing. We don't have it for deployed in the PCI network. It would be good to have it fully deployed there to provide us with additional monitoring and control, but the cost associated with their licensing model makes it prohibitively expensive to deploy."
"At the time of purchase, we found the pricing acceptable. We had an urgency to get something in place because we had a minor breach that occurred at the tail end of 2016 to the beginning of 2017. This indicated we had a lack of ability to detect things on the network. Hence, why we moved quickly to get into the tool in place. We found things like Bitcoin mining and botnets which we closed quickly. In that regard, it was worth the money."
"The pricing is very good. It's less expensive than many of the tools out there."
"The pricing is high."
"Their licensing model is antiquated. I'm not a fan of their licensing model. We have to pay for licensing based on four different things. You have to pay based on the number of unique IPs, the number of logs that we send through Recall and Stream, and the size of our environment. They need to simplify their licensing down to just one thing. It should be based on the amount of data, the number of devices, or something else, but there should be just one thing for everything. That's what they need to base their licensing on. Cost-wise, they're not cheap. They were definitely the most expensive option, but you get what you pay for. They're not the cheapest option."
"The solution has saved thousands of dollars within the first day. Our ROI has to be in the tens of thousands of dollars since October last year."
"Awake Security was the least expensive among their competitors. Everyone was within $15,000 of each other. The other solutions were not providing the MNDR service, which is standard with Awake Security's pricing/licensing model."
"We switched to Awake Security because they were able to offer a model that was significantly less expensive and the value that we get out of it is higher."
"The solution is very good and the pricing is also better than others..."
"The pricing seems pretty reasonable for what we get out of it. We also found it to be more competitive than some other vendors that we've looked at."
Earn 20 points
Vectra® is the leader in network detection and response – from cloud and data center workloads to user and IoT devices. Its Cognito® platform accelerates threat detection and investigation using artificial intelligence to collect, store and enrich network metadata with the right context to detect, hunt and investigate known and unknown threats in real time. Vectra offers three applications on the Cognito platform to address high-priority use cases. Cognito Stream™ sends security-enriched metadata to data lakes and SIEMs. Cognito Recall™ is a cloud-based application to store and investigate threats in enriched metadata. And Cognito Detect™ uses AI to reveal and prioritize hidden and unknown attackers at speed.
Awake Security is the only advanced network traffic analysis company that delivers a privacy-aware solution capable of detecting and visualizing behavioral, mal-intent and compliance incidents with full forensics context. Powered by Ava, Awake’s security expert system, the Awake Security Platform combines federated machine learning, threat intelligence and human expertise. The platform analyzes billions of communications to autonomously discover, profile and classify every device, user and application on any network. Through automated hunting and investigation, Awake uncovers malicious intent from insiders and external attackers alike. The company is ranked #1 for time to value because of its frictionless approach that delivers answers rather than alerts.
Endpoints Are the Start,
but Lateral Movement Could Be the True Goal
Breaches happen many ways. While endpoints are commonly thought of as the main target, in many cases they are simply the entry point to lateral movement. GoSecure Network Detection and Response identifies lateral movement to stop the breach from spreading.
Visibility Leads to Detection
Detection requires visibility. The better the visibility, the faster the detection. GoSecure Network Detection and Response quickly correlates endpoint and network activity, using our multi-observational analysis, to pinpoint suspicious/malicious intent and respond accordingly.
Multiple Sources for Better Visibility
Network Intrusion Detection System (NIDS)
GoSecure Managed Detection and Response provides a robust NIDS which performs real-time traffic, deep packet, and behavioral analysis in search of anomalous activity. NIDS combines third-party threat intelligence with an in-house developed ruleset providing GoSecure with the ability to detect security threats in a client’s environment. Our NIDS engine is highly scalable and can support sustained network traffic speeds of 10 gigabits per second.
Log Intrusion Detection System (LIDS)
Once deployed within the client infrastructure, the GoSecure MDR appliance collects logs from various sources providing additional contextual information used to reduce false positives and confirm the validity of potential threat events. The appliance receives logs in the standard syslog format from multiple device types, such as Syslog-NG, IPS, Firewalls, Proxies, and Web Filtering. For the sources that do not create syslogs, additional tools are available to convert logs into this format.
Correlation for Action
GoSecure’s multi-observational analysis accurately generates a suspicion level based on disparate events. By combining information from endpoint and network alerts, GoSecure’s detection level is industry leading. Going beyond simple packet captures, GoSecure Network Detection and Response uses our extensive threat intelligence database to identify threats across multiple sources and correlate these actions quickly. From scanning activity that might indicate upcoming lateral movement to policy violations, an early indicator of insider threat activity, GoSecure Network Detection and Response is a vital element of our Managed Detection and Response service. Phishing, brute force attacks and communications with malicious sites are just a few of the network sources monitored and correlated by GoSecure Network Detection and Response. No source is too obscure, and no alert too trivial.
Your network may have security risks that you don't know about. Schedule a live demo to see how you can use Awake Security to identify and mitigate these threats.
Awake Security Platform is ranked 4th in Network Detection and Response (NDR) with 8 reviews while GoSecure Network Detection and Response is ranked 16th in Network Detection and Response (NDR). Awake Security Platform is rated 9.0, while GoSecure Network Detection and Response is rated 0.0. The top reviewer of Awake Security Platform writes "The time from finding threats to remediation is almost instantaneous". On the other hand, Awake Security Platform is most compared with Darktrace, Cisco Stealthwatch, ExtraHop Reveal(x), Corelight and Splunk User Behavior Analytics, whereas GoSecure Network Detection and Response is most compared with .
See our list of best Network Detection and Response (NDR) vendors.
We monitor all Network Detection and Response (NDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.