CRITICALSTART Alternatives and Competitors

Get our free report covering Arctic Wolf Networks, CrowdStrike, and other competitors of CRITICALSTART. Updated: June 2021.
509,820 professionals have used our research since 2012.

Read reviews of CRITICALSTART alternatives and competitors

DB
CISO at a hospitality company with 1,001-5,000 employees
Real User
Top 10
They take care of all first-line alerts, with eyes on glass, fingers on keyboard; they're doing the work, allowing me to focus elsewhere

What is our primary use case?

We needed a SOC operation, and we weren't going to build it in-house, so we were looking for exactly what they offer. They're an MDR service, and we were looking for somebody that would manage the SIEM tool as well as the endpoint management tool and have the ability to take action, when necessary, on endpoints and function as a full, hands-on SOC. That is why we selected them. The service doesn't require us to make use of any hardware. The software required is Splunk, as a SIEM tool, which provides options as to how it's managed. We opted to have CRITICALSTART fully manage it, so we're… more »

Pros and Cons

  • "I also use their mobile app. It's very easy to use and very convenient to be able to respond to alerts wherever you are. I love the app. You can respond and communicate, per ticket, with their SOC in near real-time. The response is very quick."
  • "The updated UI is actually pretty bad. Regarding the intuitiveness, it is fairly easy to use, but the responsiveness, on a scale of one to 10, is a one. It's really poor performance."

What other advice do I have?

In terms of advice, I don't feel that implementing this service is any different than implementing any other system into your environment. A lot relies on your project management skills. I would attempt to test your MDR choices against a framework. The framework that comes to mind is the MITRE ATT&CK framework, which everybody is familiar with. Have realistic expectations about what vulnerabilities your MDR partner is really going to mitigate. That's the lesson I have learned. In terms of CRITICALSTART's Trusted Behavior Registry and the way it resolves things that are known as trusted, so…
CS
Systems Administrator at a energy/utilities company with 501-1,000 employees
Real User
Top 20
They tell you they're going to cut your alerts by 99 percent and they did that, freeing me up for other things

What is our primary use case?

What I was looking to achieve with this service was to have less work on my plate, and to leverage people. Usually, when you buy a big product like an antivirus or endpoint protection, if it's a big solution and you have a big company, you need another person to just manage it or things like it. We didn't have those resources. We got the antivirus product, but we didn't have another person to add to it, so I needed someone to help me manage it. CRIICALSTART is helping me manage this solution because I don't have time to manage it. Originally, they were managing CylancePROTECT for us. Now, they… more »

Pros and Cons

  • "The most valuable feature of their service is their tuning... If we were getting 1,000 alerts a day without them, they tune it until they know what to do for 999 of them, and one will make it through to us per day. That tuning is the most valuable part of their solution."
  • "They just did a user interface overhaul to the website portal that you use for troubleshooting tickets. The old one was fine. The new one is not intuitive..."

What other advice do I have?

If you have people who already do this at your company, and they're paid well and they know what they're doing, and you have multiple products like this that they can manage, then you don't really need CRITICALSTART. But if you are a small group of IT people trying to support an entire company and you have a crazy, complex product like CylancePROTECT or Carbon Black defense or Palo Alto Cortex XDR, or anything like that, then it's probably better to leverage an expert company like CRITICALSTART. The only data source we are using them to manage is our antivirus and they integrate with that. I…
Sr. Manager, Security Engineering at a financial services firm with 501-1,000 employees
Real User
Top 5
The transparency of data in the platform is perfect: You see everything as they are seeing it

What is our primary use case?

We were looking for a third-party managed detection response provider for our integrations with Cylance and Carbon Black. We had to deploy the Cylance and Carbon Black agents after we received them from CRITICALSTART. Types of challenges that we were looking to address: * 24/7 monitoring * Reducing alerts. * Getting Level 0 and 1 taken care of, along with that first triage of alerts. Those are taken care of before our team has to look at it.

Pros and Cons

  • "The way that the user interface presents data enables our team to be able to make decisions significantly quicker, rather than have to dig into the details or go back to the original tools."
  • "Their Zero Trust Analytics Platform (ZTAP) engine, which is kind of their correlation engine, is by far and away one of the best in the business. We can filter and utilize different lists to build out different alerts, such as, what to alert on and when not to alert. This engine helps reduce our number of alerts and false positives."
  • "The biggest room for improvement is not necessarily in their service or offering, but in the products that they support. I would like them to further their knowledge and ability to integrate with those tools. They have base integrations with everything, and we haven't come across anything. They should just continue to build on that API interface between their applications and other third-party consoles."

What other advice do I have?

Trust the CRITICALSTART team. For the products that they resell and support, they know them very well. As you go down that path, you have a good heap of knowledge to rely on. Do not try to build it out or figure it out yourself. We have since transitioned Cylance and Carbon Black over to CrowdStrike. We still use them for that service and also use them for our SIEM, because they host and manage Splunk for us. That all integrates into ZTAP. Using that and any new products that we bring in-house, we work with CRITICALSTART to see if they have already gotten an integration connector built…
Get our free report covering Arctic Wolf Networks, CrowdStrike, and other competitors of CRITICALSTART. Updated: June 2021.
509,820 professionals have used our research since 2012.