Deep Instinct Valuable Features

Puneet Gupta
Director at IT Junction
It is a very easy solution in terms of the deployment. It's just a single agent that has everything in it. You don't have to really think too much about your strategy for securing your endpoint. With the EDR solutions, you have to install it, then you have another service history installed, and you have behavioral analytics, etc. With this, everything is in a single small "box," a small agent that has pretty much got everything. This is what has excited me, my team, as well as my end customers who are using it. It's an absolutely fantastic solution. It's very easy going and has got the latest technology, which is the deep learning. That is one step ahead of machine-learning because there is no feature engineering in it. That is the key difference. With today's solutions, everything around them can be re-engineered given they have access to similar tools outside. Given the proprietary framework these guys have, nobody else has access to it. That makes it more secure. It classifies unknown malware as well. I've got various classifications already: either a backdoor entry or 100 percent virus or malware or a scripting shell. Scripting shell has been detected quite a lot. Viruses have been detected. Two backdoor entries have been trying to get on. I've got a number of different types of attacks that have been happening. From the dashboard, I can see what I've picked up that's live. I can see the number of users, the number of devices, what are the risks. It has remote accessibility to deploy the agent as well as remove the agent, as well as modify it and update it. It has the lowest false-positive ratio that I have come across. I have only had one which was a legitimate file that I had to whitelist. It was for one of the applications I was trying to install and integrate. But the false-positive ratio is very low. The online and offline mode of this technology has actually made a huge difference. I don't have to worry about my employees when they take their machines anywhere. Whether they're connected or not connected, I know it's all secure. If anybody tried to put in a USB or whatever, it just does its job. From that perspective, I see a big difference. View full review »
Robert Boles
Cybersecurity Expert at a tech services company with 11-50 employees
We provide managed security services to our clients and my belief is the best threat is the one that never happens or is mitigated before it's given an opportunity to establish a foothold. We were approached by a peer of ours about two-and-a-half years ago, right before we met Deep Instinct, and discussed partnering with them to resell our infrastructure solutions, and us support and be the West Coast coverage for a competing endpoint solution. We didn't move forward with our peer, though it became clear, coming out of our discussions with them, that our infrastructure services that were our core competency were going to need to be complemented with an endpoint solution, because these folks were now a competitor. We started looking at different options. This is around the time that a lot of players were starting to come up, such as Cylance, SentinelOne, and Carbon Black. We worked through the gauntlet of these products and others. Interestingly, within a month I was introduced to Deep Instinct which had just come out of stealth mode. It was a differentiator. Of all the products, what I saw that intrigued me most were the prevention capabilities, where instead of focusing on features like rollback, the whole premise and the context of the solution is to actually prevent these malicious attacks from happening to begin with. As a service provider who is responsible for the wellbeing of our client base, that's a much more appealing approach than the ability to roll back, because in any rollback situation there is always an opportunity that it's not going to roll back exactly how you wanted it. So it aligned with our core business values. The ability to prevent threats is the most appealing aspect. Deep Instinct absolutely, 100 percent helps with real-time prevention of unknown malware. That's the strength of the product. We've just surpassed 20,000 endpoints under our purview, and over 75,000,000,000 files scanned. We had an event this past summer where there were some environments that hadn't fully migrated over to Deep Instinct. Within those environments, the machines that were defended by Deep Instinct continued without issue, whereas user machines that were not defended by Deep Instinct had substantial issues that were not resolved until we actually were able to get Deep Instinct on them. We have a running list of all the competitive products we run over the top of or concurrently with Deep Instinct. At one milestone, Deep Instinct had discovered over 5,000 existing threats that were present on existing workstations, across 32 different competitive products that were defending these workstations, though provided zero visibility into the fact that the risks were present. This number was at the 7,500 endpoints defended milestone and has grown significantly as deployments have expanded. It is worth mentioning, included in that list are all the aforementioned competitors we had considered. Deep Instinct provides classification of unknown malware without human involvement. Our analysts and engineers use that data as part of the validation and remediation process. The feature is tremendously insightful and tremendously helpful. As an operator, anything that shortens the path to clarity is a value. Finally, one of the most important things that we haven't highlighted yet is that it has a very low false-positive ratio. That is important because it means we're are maximizing our efficiency. Because the false-positives are so low, our need to carry excessive staffing is minimized by not requiring headcount to filter through the noise. In our assessments of other products, we learned some of the competing products literally have teams of hundreds of analysts breaking down threats that their tools are detecting due to excessively high false positives. Because of this, those solutions were not considered. We're able to support the entire 20,000-endpoint base with just a handful of engineers. The time savings are substantial, and impact on morale positive. We’re seeing false-positives at about 5 for every 10,000,000 files scanned. There's one company that comes to mind and I know they have more than a couple of hundred analysts filtering through what they're flagging. I actually don't know if Deep Instinct has any analysts because the detection rates are so high. View full review »
Ethan Ore
Senior Consultant at a tech services company with 11-50 employees
What is commendable about Deep Instinct is that they have a single platform, regardless of whether you have Windows, Mac, or even Android phone. It's a very good platform because it's all-in-one. In addition, it's easy, because once you deploy the endpoint, the policy comes in and there is not much to configure. You can do whatever you like, unlike other solutions where you need to explicitly create exceptions if you want to do certain things. Here, you can do anything that you want and have the assurance that Deep Instinct will catch anything that is malicious. The malware classification is very good because it tells me, "This is most likely ransomware or a worm." In other solutions, they usually just have a flat statement saying it's a worm or just that it's a virus. That leaves it open-ended and you have to do your own investigation, put it into a sandbox and really explore it before you actually know what it is. A lot of technical or even expert knowledge is required before you can analyze it. Here, you can do it without an expert opinion. It's better laid out in the static form. It even tells you the process chain, where you know what executes and then what happens to it. If it's running something that it shouldn't, then that's potentially something bad. View full review »
Find out what your peers are saying about Deep Instinct, Cylance, SentinelOne and others in Endpoint Protection for Business. Updated: September 2019.
365,820 professionals have used our research since 2012.
Chi Wing Wong
Regional Technical Manager at a retailer with 201-500 employees
* High accuracy * High detection rate * Low false positive rates * Easy deployment * It is not necessary to update signatures. * There is no database. The detection rate is very high. In all the testing with around 20 partners in different environments, quite a lot of them had installed with other anti-malware applications, like Sophos. This software can co-exist with those applications in the same machine. This is impressive. I found Deep Instinct can detect a lot of unknown malware early. Others, like Sophos, could find the same malware maybe a couple weeks weeks or a month later, since a lot of malware is not being reported to the virus websites. Deep Instinct's detection rate is close to 100 percent. After they introduced the behavior analysis engine, I even detected attacks via vulnerabilities in Microsoft. Its false positives are very low, because the behavior analysis engine double checks them. View full review »
FuyukiMotono
General Manager at a tech services company with 51-200 employees
The most valuable features are the static/dynamic analyses. Deep Instinct's predictive model has very high accuracy and provides threat information for unknown malware, such as malware classification, static analysis information, and sandbox information. The information can be obtained easily. Malware classification information is displayed automatically, within the event. In addition, we have found there is malware prevented by DI, which other solutions did not prevent. View full review »
Find out what your peers are saying about Deep Instinct, Cylance, SentinelOne and others in Endpoint Protection for Business. Updated: September 2019.
365,820 professionals have used our research since 2012.
Sign Up with Email