We performed a comparison between Cisco Sourcefire SNORT and Threat Stack Cloud Security Platform based on real PeerSpot user reviews.
Find out what your peers are saying about Darktrace, Vectra AI, Check Point Software Technologies and others in Intrusion Detection and Prevention Software (IDPS)."The most valuable feature is the visibility that we have across the virtual environment."
"The most valuable feature is the ability to automatically learn the traffic in our environment, and change the merit recommendations based on that."
"Solid intrusion detection and prevention that scales easily in very large environments."
"It simplifies the configuration process by offering pre-defined base configurations, including security and connectivity settings."
"The most valuable features of Cisco Sourcefire SNORT are the dashboard for monitoring events."
"The most valuable feature of this solution is the filtering."
"Cisco Sourcefire SNORT is easy to configure and the reporting is great. It's also very user-friendly."
"The URL filtering is very good and you can create a group for customized URLs."
"It is scalable. It deploys easily with curl and yum."
"The most valuable feature is the SecOps because they have our back and they help us with the reports... It's like having an extension of your team. And then, it grows with you."
"An important feature of this solution is monitoring. Specifically, container monitoring."
"Technical support is very helpful."
"There has been a measurable decrease in the meantime to remediation... because we have so many different tech verticals already collated in one place, our ability to respond is drastically different than it used to be."
"The rules are really great. They give us more visibility and control over what's being triggered. There's a large set of rules that come out-of-the-box. We can customize them and we can create our own rules based on the traffic patterns that we see."
"Every other security tool we've looked is good at containers, or at Kubernetes, is good at AWS, or at instance monitoring. But nobody is good at tying all of those things together, and that's really where Threat Stack shines."
"Threat Stack has connectivity."
"I don't think this solution is a time-based control system, because one cannot filter traffic based on time."
"I would like to have analytics included in the suite."
"The pricing needs to be improved. We have lots of low-budget clients around us. Budget constraints are always a deterrent in our market."
"While the alerts they offer are good, it could improve it in the sense that they should be more detailed to make the alerts more useful to us in general. Sometimes the solution will offer up false positives. Due to the fact that the alerts aren't detailed, we have to go dig around to see why is it being blocked. The solution would be infinitely better if there was just a bit more detail in the alert information and logging we receive."
"We are unhappy with technical support for this solution, and it is not as professional as what we typically expect from Cisco."
"The initial setup is a little difficult compared to other products in the market. It depends on the environment. If we are doing any migration, it might take months in a brown-field environment."
"The main dashboard of Cisco Sourcefire SNORT could improve."
"The solution's approach to managing traffic blocking is confusing and impractical."
"I would like further support of Windows endpoint agents or the introduction of support for Windows endpoint agents."
"The one thing that we know they're working on, but we don't have through the tool, is the application layer. As we move to a serverless environment, with AWS Fargate or direct Lambda, that's where Threat Stack does not have the capacity to provide feed. Those are areas that it's blind to now..."
"The solution’s ability to consume alerts and data in third-party tools (via APIs and export into S3 buckets) is moderate. They have some work to do in that area... The API does not mimic the features of the UI as far as reporting and pulling data out go. There's a big discrepancy there."
"The API - which has grown quite a bit, so we're still learning it and I can't say whether it still needs improvement - was an area that had been needing it."
"The reports aren't very good. We've automated the report generation via the API and replaced almost all the reports that they generate for us using API calls instead."
"They could give a few more insights into security groups and recommendations on how to be more effective. That's getting more into the AWS environment, specifically. I'm not sure if that's Threat Stack's plan or not, but I would like them to help us be efficient about how we're setting up security groups. They could recommend separation of VPCs and the like - really dig into our architecture. I haven't seen a whole lot of that and I think that's something that, right off the bat, could have made us smarter."
"It shoots back a lot of alerts."
"The user interface can be a little bit clunky at times... There's a lot of information that needs to be waded through, and the UI just isn't great."
More Threat Stack Cloud Security Platform Pricing and Cost Advice →
Cisco Sourcefire SNORT is ranked 13th in Intrusion Detection and Prevention Software (IDPS) with 18 reviews while Threat Stack Cloud Security Platform is ranked 27th in Intrusion Detection and Prevention Software (IDPS). Cisco Sourcefire SNORT is rated 7.6, while Threat Stack Cloud Security Platform is rated 8.2. The top reviewer of Cisco Sourcefire SNORT writes "An IPS solution for security and protection but lacks stability". On the other hand, the top reviewer of Threat Stack Cloud Security Platform writes "SecOps program for us, as a smaller company, is amazing; they know what to look for". Cisco Sourcefire SNORT is most compared with Fortinet FortiGate IPS, Cisco NGIPS, Check Point IPS, Palo Alto Networks Advanced Threat Prevention and Darktrace, whereas Threat Stack Cloud Security Platform is most compared with AWS GuardDuty, Darktrace, Palo Alto Networks URL Filtering with PAN-DB, Prisma Cloud by Palo Alto Networks and Qualys VMDR.
See our list of best Intrusion Detection and Prevention Software (IDPS) vendors.
We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
