We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"The central manager policy means we have almost all client modules in one solution."
"From a single dashboard, I can take a look at several things including the endpoint protection, the file integrity section, the data activity monitor, and more."
"The central management console is the solution's most valuable aspect."
"The graphical interface of the solution is its most valuable aspect."
"The security is a key feature and the console is very user friendly."
"Technical support is very helpful."
"The general endpoint protection is valuable, and it is easy to manage."
"The most valuable features are simplicity and ease of integration."
"The automation part and the playbook creation part are awesome. The way it is responding to the customers and incidents is also very good. In the SOC environment, I guess it will carry out around 50% of the work."
"The pricing is very good."
"The automation is excellent."
"The most valuable features are the orchestration because of the way in which it coordinates the loss from all the devices and it provides us with a high-level overview of the critical log information."
"The solution is very reliable."
"It has an extensive list of integrations that are available out of the box which makes it easy to start."
"The detection aspect should be improved so that signatures are updated more quickly."
"There is a problem when it comes to agent communication and duplicate records, where the rebooting of a machine leads to the installation of a new agent and you get a lot of duplicate records that ultimately affect your compliance monitoring."
"There needs to be support for Mac computers. Currently, McAfee does not work on iOS."
"The solution sometimes has some false positives on IP addresses, from the web control aspect of the product. This needs to be improved."
"Lacks a single plug-in for multiple uses."
"Sometimes agents hang. We have to reinstall the agents."
"There should be more insights and completeness into the cyber kill chain, similar to CrowdStrike and SentinelOne. It just seems a little outdated in being 100% signature-based without all of the insights and protections that come with CrowdStrike and SentinelOne. Overall, they've got some catching up to do if they plan to compete in the comprehensive EDR space."
"Implementing this solution requires a lot of involvement from the vendor and it should be made easier for the partners."
"For building automation, there is not a lot of good documentation. The documentation is there, but it is not very good from my perspective. There should be an improvement in this area. I don't see issues with anything else. In terms of new features, I have heard that other products have EBA functionality. It would be good if this functionality could be added."
"The user interface could be a bit better."
"When Palo Alto bought the solution, the pricing increased by 1.5 times. There's been a 50% increase, which is a lot."
"There should be an on-premise version available for customers to have different choices."
"The solution is very expensive."
"I would love to see more flexibility on what we can display and design on the dashboards."
"It is attractively priced. It is a fraction of what we're going to pay for CrowdStrike or SentinelOne, but it only has a fraction of the capabilities as well."
"There is a perception that it is priced very high compared to other solutions."
"From the cost perspective, I have heard that its price is a bit high as compared to other similar products."
"There is a yearly license required for this solution and it is expensive."
"It is approx $10,000 or $20,000 per year for two user licenses."
Demisto Enterprise delivers a complete solution that helps Tier-1 through Tier-3 analysts and SOC managers to optimize the entire incident life cycle while auto documenting and journaling all the evidence. More than 100+ integrations enable security orchestration workflows for incident management and other critical security operation tasks.
McAfee ePolicy Orchestrator is ranked 5th in Security Orchestration Automation and Response (SOAR) with 7 reviews while Palo Alto Networks Cortex XSOAR is ranked 2nd in Security Orchestration Automation and Response (SOAR) with 7 reviews. McAfee ePolicy Orchestrator is rated 7.8, while Palo Alto Networks Cortex XSOAR is rated 8.4. The top reviewer of McAfee ePolicy Orchestrator writes "Great graphical interface, good log events, and a simple setup". On the other hand, the top reviewer of Palo Alto Networks Cortex XSOAR writes "Easy to use, stable, scalable, and has responsive support". McAfee ePolicy Orchestrator is most compared with McAfee MVISION ePO, Forcepoint Data Loss Prevention, Symantec Data Loss Prevention and Trend Micro Integrated Data Loss Prevention, whereas Palo Alto Networks Cortex XSOAR is most compared with Splunk Phantom, IBM Resilient, Fortinet FortiSOAR, ServiceNow Security Operations and Siemplify. See our McAfee ePolicy Orchestrator vs. Palo Alto Networks Cortex XSOAR report.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.