We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"From where we were prior to going into them, the service has increased our analysts’ efficiency to the point that they can focus on other areas of the business. It gives me the ability to allow analysts to do Level 3 and 4 work and stay out of the weeds of the alerts, where you tend to get alert fatigue. The service takes care of much of the Tier 1 and Tier 2 triage. It is more effective than what we had been used to, because it allows the filtering of Level 1 and Level 2 type alerts to be taken care of. This leaves less for us to handle, which is a good thing."
"The main difference between the other options and this one is the quality of the personnel within the SOC. It's their knowledge and depth and the way they handle customers."
"The new mobile app is awesome. It is one of the best I've ever seen. It's much better than its predecessor. It's more intuitive, a whole lot easier to navigate and get where you need to go. It's less repetitive and just generally easier to use. It allows me to not have to be sitting at my computer all the time. I can be on my phone or tablet or wherever I'm at. It makes it a lot easier to answer tickets and do that kind of thing."
"The most valuable feature of their service is their tuning... If we were getting 1,000 alerts a day without them, they tune it until they know what to do for 999 of them, and one will make it through to us per day. That tuning is the most valuable part of their solution."
"There are two parts of CRITICALSTART's services that are most valuable to us. The MDR solution where they monitor our computers, laptops, and users across the board; and their knowledge of Palo Alto firewalls."
"The quick interaction between the agents is the most valuable feature. If we have questions, they're quick to answer. If we make a change to our system, they quickly make the changes that are necessary to filter the logs correctly."
"The way that the user interface presents data enables our team to be able to make decisions significantly quicker, rather than have to dig into the details or go back to the original tools."
"Their Zero Trust Analytics Platform (ZTAP) engine, which is kind of their correlation engine, is by far and away one of the best in the business. We can filter and utilize different lists to build out different alerts, such as, what to alert on and when not to alert. This engine helps reduce our number of alerts and false positives."
"The solution is simple to use and to integrate with IBM QRadar."
"It's really simple and has a flexible interface."
"Its flexibility is the most valuable."
"The UBA, User Behavior Analytics, is very good."
"This is a good solution that we recommend for customers."
"The solution is very easy to use."
"There is room for improvement with the new UI, and that's about it. I would like to see a more intuitive design."
"In terms of responsiveness, when I open up an alert, sometimes it takes a bit of time to load. However, it only happened once or twice."
"The updated UI is actually pretty bad. Regarding the intuitiveness, it is fairly easy to use, but the responsiveness, on a scale of one to 10, is a one. It's really poor performance."
"They just did a user interface overhaul to the website portal that you use for troubleshooting tickets. The old one was fine. The new one is not intuitive..."
"During the six-month integration and rollout, there were some bumpy roads along the way. There were communication breakdowns between the project manager, CRITICALSTART leadership, and us (as the customer). I expressed my displeasure during the integration in their inability to effectively communicate when there were holdups or issues. They were going through some growing pains at that time, but they have been right there for us ever since."
"The biggest room for improvement is not necessarily in their service or offering, but in the products that they support. I would like them to further their knowledge and ability to integrate with those tools. They have base integrations with everything, and we haven't come across anything. They should just continue to build on that API interface between their applications and other third-party consoles."
"They could dig a little bit deeper into the Splunk alerts when they feel like they need to be escalated to us. For example, if a locked account shows up, they could do a little extra digging to verify that the locked account was due to a bad password on the local system. They could just do a little extra digging within the Splunk environment instead of pushing it onto us to go do that extra little digging."
"The UI has become slower but it's not something I would call them out on."
"This product could be improved with better customization. This product isn't the best on the market like QRadar, but it's actually a good solution. However, some competitors' solutions contain more integration, support, automation, or flexibility."
"The product needs a bit more development."
"The implementation could be a bit simpler."
"Its price needs improvement."
"The initial setup is complex."
"The integration could be improved so that it is easy to integrate with other solutions."
"The pricing has always been competitive. They have always been good to us. They will make it a fight. They don't try to hide anything; it's always been fully transparent and well-worth what we pay for it."
"As far as the expense goes, it's very competitive pricing and the services you get are almost like you have a person on your team."
"Overall, for what I'm paying for it, and the benefit I'm getting out of it, it is right where it needs to be, if not a little bit in my favor. For what it costs me to actually have this service, I could afford one internal person to do that job, but now I have a team of 10 or more who are doing that job, and they don't sleep because they work shifts."
"It costs a lot for what we felt comfortable to spend."
"The pricing of other services was so insane that they weren't even an option."
"There are contractual penalties if their SLAs are not met. This commitment was very important in our decision to go with this service, because not having downtime is extremely important to us. The providers has not missed an SLA in the 18 months that I have worked with them."
"I've told CRITICALSTART that I think the managed service they provide is cheaper than it should be. It's a really good deal."
"It is very expensive."
"There is a license you need to pay for in order to use this product."
The cybersecurity landscape is growing more complex by the day with the arrival of new threats and new tools supposedly designed for combating them. The problem is it’s all creating more noise and confusion for security professionals to sort through.
CRITICALSTART is the only MDR provider committed to eliminating acceptable risk and leaving nothing to chance. They believe that companies should never have to settle for “good enough.” Their award-winning portfolio includes end-to-end Professional Services and Managed Detection and Response (MDR). CRITICALSTART MDR puts a stop to alert fatigue by leveraging the Zero Trust Analytics Platform (ZTAP) plus the industry-leading Trusted Behavior Registry, which eliminates false positives at scale by resolving known-good behaviors. Driven by 24x7x365 human-led, end-to-end monitoring, investigation and remediation of alerts, their on-the-go threat detection and response capabilities are enabled via a fully interactive MOBILESOC app.
The Resilient Incident Response Platform (IRP) is the leading platform for orchestrating and automating incident response processes.
The Resilient IRP quickly and easily integrates with your organization’s existing security and IT investments. It makes security alerts instantly actionable, provides valuable intelligence and incident context, and enables adaptive response to complex cyber threats.
CRITICALSTART is ranked 1st in Security Orchestration Automation and Response (SOAR) with 10 reviews while IBM Resilient is ranked 6th in Security Orchestration Automation and Response (SOAR) with 6 reviews. CRITICALSTART is rated 9.4, while IBM Resilient is rated 7.2. The top reviewer of CRITICALSTART writes "Offers the ability to close review tickets or alerts through a mobile phone and to interact with engineers on their side via the app". On the other hand, the top reviewer of IBM Resilient writes "Easy to use with good stability but needs more documentation". CRITICALSTART is most compared with Arctic Wolf AWN CyberSOC, CrowdStrike Falcon Complete, Palo Alto Networks Cortex XSOAR and Blackberry Guard, whereas IBM Resilient is most compared with Palo Alto Networks Cortex XSOAR, Splunk Phantom, ServiceNow Security Operations, Fortinet FortiSOAR and IBM Cloud Pak for Security. See our CRITICALSTART vs. IBM Resilient report.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.