When we were evaluating different products—we were looking at Carbon Black and Sophos, the top ones—we definitely wanted something that was more behavioral-based. We came from a traditional antivirus that was signature-based, so anything would already be better than that. But having the prevention piece helps me sleep at night. I don't have to worry about it. The DI team is pretty good at keeping everything updated in the background and it then gets pushed out to everybody, as long as they're connected to the internet.

When we were looking at Carbon Black and Sophos, the prevention pieces weren't as strong when compared to DI, which is why we decided to go with DI. We knew that we would sacrifice some of the root-cause analysis ability and some of that control.

We did a trial with the others. Sophos tries to do a lot of the things that DI does, but we were more interested in the prevention piece. I would rather have a product that does the prevention up front and saves me the effort of having to wipe someone's workstation. 

I have worked with Carbon Black in the past, and I do like their root-cause analysis and their ability to remote into peoples' workstations if we need to. That might be another consideration for DI to have some of those features, being in a competitive space with Carbon Black. I would like to be able to do more of the forensic, remote assistance, and remediation pieces.

For instance, if it's some kind of smaller malware or adware that didn't get flagged, not a Zero-day attack but more the kind of things that are just annoying on people's computers, that does take up time. We have to do some research because they get annoying popups or their computer becomes slow. Those are things that we would like to be able to remotely assist with, since everybody is working from home.

I definitely know we looked at CrowdStrike, but their technology at the time was not pre-execution. Their cost was higher as well.

Deep Instinct is really at the next level. They are really good. Compared to a lot of the other bigger solutions, they are probably a bit slower. Their way of dealing with new viruses or threats is just a little different. This solution is pre-execution. Only a few vendors in the market can do that, which is why they are at a different level.

Deep Instinct was a lot easier to stand up during the PoC evaluation time frame then other endpoint protection platforms.

We evaluated four others solutions. A lot of them were new and maturing as they went, but the big difference between Deep Instinct and everyone else was the pre-execution portion. Almost everything else we looked at was all post-execution or machine learning or artificial intelligence. Deep Instinct was the only one that uses deep learning and the only one that was consistently working on pre-execution.

And with the other solutions that were pre-execution, sometimes something would get through and run. They would say, "Yeah, sometimes you want to watch it first," but Deep Instinct doesn't do that. Deep Instinct just blocks it first.

During testing and evaluation, Deep Instinct performed very well. And their professional service engineer was very helpful in answering our questions and explaining how things work when we asked why things worked a certain way. And the performance has been better in our deployment than it was in the PoC, which is unusual.

Though I can't tell you what we, in our company, looked at as an alternative for Trend Micro, we chose Deep Instinct Prevention Platform since we needed it.

Now that I have Deep Instinct, I don't know if one day I will just uninstall my current solution.

Compared to various competitors, Deep Instinct has a differentiator: It really does deep learning. Many of those doing machine-learning require the cloud. Deep Instinct is able to do it on-prem and fully self-contained. Once I install it I can even go offline or even go away from the cloud. It gives assurance that you're protected for a long time.

I've never come across anything like this. I looked at other things as well. I've been hearing about Carbon Black, Cylance, CrowdStrike, and all the other AI & ML Solutions. All of them have limitations in terms of what they can do and how they do it. It's still human intervention. It's still behavioral analysis, heuristics, etc. There's nothing wrong with that, but they still haven't found a way, like Deep Instinct has, to take all that pain away in a single solution.

Deep Instinct can actually predict unknown malware that is going to come out, as well, because of the way they have built this technology. It can predict the tiniest mutations of viruses or new malware that is coming out. These guys can predict it straight away, whereas the others can't, until something goes through and they work on it and find to fix it. I.e., post execution, where the damage is already done! Everything they do is post-execution. What's the point? If your technology, which you say is that great, cannot detect earlier on, prevent it before happening, then I don't think it's good enough.

That is what I have seen with Deep Instinct. It doesn't even allow something malicious to pass through. It saves a lot of time and effort in cleaning up rather than saying, "Okay, fine, I blocked it. Nothing to worry about."

We compared Deep Instinct with Cylance and CrowdStrike, and we ended up going with Deep Instinct. We felt it was going to give us better coverage, and the cloud management platform was also much easier to use.

While there is some malware which can be detected by other applications, all malware can be detected by Deep Instinct.

I tested Symantec, and it took two days to install and configure one Symantec Management Server and a client agent, which is troubling. Then, I had to install the other agents and the installation may have taken 30 minutes. Afterward, I could spend three to six hours downloading the database for one machine. I had to do this for every machine. On the other hand, Deep Instinct took me five seconds to install. Even then, Symantec only detects 60 percent of the malware.

For my own laptop, Deep Instinct takes less than one percent of the CPU and less than 50MB of memory. In addition, I have a Symantec Endpoint Protection testing environment, and while it's just a testing environment and there is no malware with nothing running on it, Symantec takes about 20 to 30 percent of the CPU quite frequently and 80MB to 100MB of memory.

In a production environment of a construction company, Deep Instinct detected 160 malware while Sophos Intercept X detected two malware in the same environment.

For unknown malware, McAfee has a 20 to 30 percent fail detection rate. Symantec has a failed detection rate at 50 percent. Traps is better at ten percent, while Deep Instinct is at one to two percent. This difference is due to the behavior in the Deep Instinct engine.

 We are in the process of evaluating Deep Instinct.

We evaluated some competitive products, for example, Cylance, and Deep Instinct's false-positive rate was less than one-tenth of Cylance's.