CrowdStrike Falcon is a comprehensive endpoint protection platform, primarily designed to meet the evolving cybersecurity needs of modern enterprises. It employs machine learning, behavioral analytics, and integrated threat intelligence to combat a wide range of cyber threats. CrowdStrike Falcon stands out for its cloud-native architecture, ensuring real-time protection and threat intelligence, essential for safeguarding dynamic environments. Its lightweight agent architecture minimizes system performance impact while offering extensive network visibility.
I do not have experience with the cost or licensing of the product.
The pricing will depend upon your volume of usage.
I do not have experience with the cost or licensing of the product.
The pricing will depend upon your volume of usage.
Palo Alto Networks WildFire is a highly effective cloud-based advanced threat protection (ATP) solution that organizations in a wide variety of fields trust to help them keep safe from digital threats. It is designed to enable businesses to confront even the most evasive threats and resolve them. It combines many techniques to maximize the level of threat protection available to users.
It IS a bit expensive, but I think you get what you pay for. Value is there.
It's not particularly cheap, but it is absolutely worth it.
It IS a bit expensive, but I think you get what you pay for. Value is there.
It's not particularly cheap, but it is absolutely worth it.
Cisco Secure Network Analytics is a highly effective network traffic analysis (NTA) solution that enables users to find threats in their network traffic even if those threats are encrypted. It turns an organization’s network telemetry into a tool that creates a complete field of vision for the organization’s administrators. Users can find threats that may have infiltrated their systems and stop them before they can do irreparable harm.
It is worth the cost.
Pricing is much higher compared to other solutions.
It is worth the cost.
Pricing is much higher compared to other solutions.
LogRhythm SIEM Platform is an award-winning platform in security analytics. With more than 4,000 customers globally, LogRhythm SIEM is an integrated platform that helps security operations teams protect critical infrastructure and information from emerging cyberthreats. Ultimately, LogRhythm SIEM is an integrated set of modules that contribute to the security team’s fundamental mission: rapid threat monitoring, threat detection, threat investigation, and threat neutralization. LogRhythm SIEM is for organizations that require an on-premises solution and offers:
If you don't have your staff, absolutely look into the co-pilot and factor that into your cost evaluation.
Look for whatever will give you the most value. That's the main point. It is not one size fits all.
If you don't have your staff, absolutely look into the co-pilot and factor that into your cost evaluation.
Look for whatever will give you the most value. That's the main point. It is not one size fits all.
Palo Alto Networks delivers a complete solution that helps Tier-1 through Tier-3 analysts and SOC managers to optimize the entire incident life cycle while auto documenting and journaling all the evidence. More than 100+ integrations enable security orchestration workflows for incident management and other critical security operation tasks.
There is a perception that it is priced very high compared to other solutions.
From the cost perspective, I have heard that its price is a bit high as compared to other similar products.
There is a perception that it is priced very high compared to other solutions.
From the cost perspective, I have heard that its price is a bit high as compared to other similar products.
Recorded Future is a powerful and effective cyber threat intelligence (CTI) platform that aims to empower administrators to protect their organizations from threats, both known and unknown. The machine learning engine that Recorded Future utilizes can process the same amount of data that 9,000 analysts working five days a week, eight hours a day for an entire year can process. It simplifies threat detection and remediation so that organizations can focus on other tasks.
There appear to be up to five different levels, with the most expensive version costing around $95,000 to $105,000 a year for subscription services.
The price of the solution is worth it. The overall performance of the solution outweighs the cost.
There appear to be up to five different levels, with the most expensive version costing around $95,000 to $105,000 a year for subscription services.
The price of the solution is worth it. The overall performance of the solution outweighs the cost.
USM Anywhere centralizes security monitoring of networks and devices in the cloud, on premises, and in remote locations, helping you to detect threats virtually anywhere.
AlienVault is flexible on their pricing for unlimited licenses.
Pricing is very competitive with other products and you get much more functionality from AlienVault.
AlienVault is flexible on their pricing for unlimited licenses.
Pricing is very competitive with other products and you get much more functionality from AlienVault.
Splunk SOAR offers features like automation and orchestration of manual tasks, speeding up work, detection and response to advanced and emerging threats.
I don't know the exact price, but for my region, it is very expensive.
In my opinion, the price is high, but if you want good products, you have to be willing to pay for them.
I don't know the exact price, but for my region, it is very expensive.
In my opinion, the price is high, but if you want good products, you have to be willing to pay for them.
Keep ahead of the latest threats and protect your critical data with ongoing threat prevention and analysis.
TippingPoint is not as expensive as Palo Alto but it's not as cheap as Fortigate.
It's an expensive product.
TippingPoint is not as expensive as Palo Alto but it's not as cheap as Fortigate.
It's an expensive product.
Fortinet FortiSandbox is a behavior-based threat detection solution that prevents and detects malicious code in files transferred within the organization. It is integrated with FortiGate firewalls and FortiMail for threat protection and can be used for monitoring and reporting. The solution inspects files in a virtual environment with different types of virtual machines and can block or quarantine files based on their score.
There are no costs in addition to the standard licensing fees.
The solution is not expensive at all.
There are no costs in addition to the standard licensing fees.
The solution is not expensive at all.
ServiceNow Security Operations is a cutting-edge security solution designed to elevate organizations' security incident response (SIR) processes through automation and orchestration. Going beyond traditional SOAR, this comprehensive Security Operations Suite integrates seamlessly with other ServiceNow products and offers a wide array of features. Its components include Security Incident Response (SIR), which automates incident workflows and offers pre-built playbooks; Security Configuration Compliance (SCC), continuously scanning and automating compliance tasks; Vulnerability Response (VR), prioritizing and remediating vulnerabilities; Threat Intelligence (TI), aggregating threat data for proactive threat hunting; and additional features like IT Service Management integration, Machine Learning and AI, reporting, and a mobile app. The benefits span improved incident response speed, reduced mean time to resolution, increased security posture, enhanced compliance, collaborative synergy between security and IT teams, and operational cost reductions.
This product is a good value for the money.
The solution is more expensive than BMC Remedy, the other ITSM tool available in the market.
This product is a good value for the money.
The solution is more expensive than BMC Remedy, the other ITSM tool available in the market.
Fortinet FortiSOAR (Security Orchestration, Automation, and Response) is a comprehensive security operations platform created to help SOC teams effectively respond to the growing volume of alarms, repetitive manual tasks, and resource shortage. This patented and customizable security operations workbench provides companies with automated playbooks, incident triaging, and real-time remediation to identify, defend, and counter threats. FortiSOAR effortlessly integrates with more than 350 security products and performs more than 3,000 actions to increase SOC team productivity. With this solution, response times are accelerated, containment is simplified, and mitigation times are cut from hours to seconds.
Pricing is fine compared to other solutions.
The solution offers both licensing and subscription models that are similar in price to other products.
Pricing is fine compared to other solutions.
The solution offers both licensing and subscription models that are similar in price to other products.
Mandiant Advantage is a multi-vendor XDR platform that provides security teams of all sizes with frontline intelligence. Mandiant Advantage aims to speed up operational as well as strategic security and risk decision making. Mandiant Advantage provides security teams with an early knowledge advantage through the Mandiant Intel Grid, which provides platform modules with current and relevant threat data and analysis capabilities. Organizations are better protected from cyber attacks and more confident in their readiness when they have access to continuous security validation, detection, and response.
NetWitness Platform is an evolved SIEM and threat detection and response solution that functions as a single, unified platform for ALL your security data. It features an advanced analyst workbench for triaging alerts and incidents, and it orchestrates security operations programs end to end. In short: NetWitness Platform is all you need to run an intelligent SOC.
It’s cheaper to run virtual machines in a VMware environment.
The new pricing and licensing mechanisms are fair. I would advise always to get the full solution (i.e., not only Logs).
It’s cheaper to run virtual machines in a VMware environment.
The new pricing and licensing mechanisms are fair. I would advise always to get the full solution (i.e., not only Logs).
The Resilient Incident Response Platform (IRP) is the leading platform for orchestrating and automating incident response processes.
It is very expensive.
There is a license you need to pay for in order to use this product.
It is very expensive.
There is a license you need to pay for in order to use this product.
Swimlane is a leader in security orchestration, automation and response (SOAR). By automating time-intensive, manual processes and operational workflows and delivering powerful, consolidated analytics, real time dashboards and reporting from across your security infrastructure, Swimlane maximizes the incident response capabilities of over-burdened and understaffed security operations.
Cost is clearly a consideration, but the important thing is what we do with the data and how we protect it.
One of the fastest ways to cut costs is reducing staff, and this product can reduce staff by 70 percent.
Cost is clearly a consideration, but the important thing is what we do with the data and how we protect it.
One of the fastest ways to cut costs is reducing staff, and this product can reduce staff by 70 percent.
Anomali ThreatStream is a Threat Intelligence Management Platform that automates the collection and processing of raw data and transforms it into actionable threat intelligence for security teams.
Sixgill’s fully automated threat intelligence solutions help organizations fight cyber crime, detect phishing, data leaks, fraud and vulnerabilities as well as amplify incident response in real-time.
The pricing is cheap compared with Recorded Future. Sixgill's cost-effectiveness is very good.
Sometimes, Cybersixgill Investigative Portal is cheaper than its competitors.
The pricing is cheap compared with Recorded Future. Sixgill's cost-effectiveness is very good.
Sometimes, Cybersixgill Investigative Portal is cheaper than its competitors.
AutoFocus contextual threat intelligence service accelerates analysis, correlation and prevention workflows. Unique, targeted attacks are automatically prioritized with full context, allowing security teams to respond to critical attacks faster, without additional IT security resources.
It is expensive.
The solution is reasonably priced.
It is expensive.
The solution is reasonably priced.
ThreatQ is a Threat Intelligence Platform (TIP) designed to enable threat operations and management. ThreatQ is the only solution with an integrated Threat Library, Adaptive Workbench and Open Exchange that help you to act upon the most relevant threats facing your organization and to get more out of your existing security infrastructure.
Flashpoint Intelligence Platform grants access to our expansive archive of Finished Intelligence reports, Deep & Dark Web data, and Risk Intelligence Observables in a single, finished intelligence experience.
IntSights is the only all-in-one external threat intelligence and protection platform, purpose-built to neutralize threats outside the wire. With the IntSights solution suite, cybersecurity teams worldwide are equipped with the tools they need to detect, assess, and mitigate threats externally from the source, well-before before they reach the perimeter.
Microsoft Defender Threat Intelligence is a comprehensive security solution that provides organizations with real-time insights into the latest cyber threats. Leveraging advanced machine learning and artificial intelligence capabilities, it offers proactive threat detection and response, enabling businesses to stay one step ahead of attackers. With Microsoft Defender Threat Intelligence, organizations gain access to a vast array of threat intelligence data, including indicators of compromise (IOCs), security incidents, and emerging threats. This data is collected from a wide range of sources, such as Microsoft's global sensor network, industry partners, and security researchers, ensuring comprehensive coverage and accuracy. The solution's advanced analytics and machine learning algorithms analyze this threat intelligence data in real-time, identifying patterns, trends, and anomalies that may indicate a potential security breach. By continuously monitoring the network and endpoints, Microsoft Defender Threat Intelligence can quickly detect and respond to threats, minimizing the impact of attacks and reducing the time to remediation.
They offer two license plans: Microsoft Defender for endpoints and Microsoft Defender for businesses.
The product’s pricing is worth it.
They offer two license plans: Microsoft Defender for endpoints and Microsoft Defender for businesses.
The product’s pricing is worth it.
Anomali Match is an intelligence-driven extended detection and response solution that helps organizations quickly identify and respond to threats in real time. Anomali Match boosts organizational efficiency and productivity by automating detection actions that quickly profile a danger and its impact on the organization, allowing for an effective response.
When comparing the price of Anomali Enterprise to other solutions it is in the medium to high range. However, I am satisfied with the price.
The solution is costly.
When comparing the price of Anomali Enterprise to other solutions it is in the medium to high range. However, I am satisfied with the price.
The solution is costly.
Cisco Threat Grid crowd-sources malware from a closed community and analyzes all samples using proprietary, highly secure techniques that include static and dynamic (sandboxing) analysis. It correlates the results with hundreds of millions of other analyzed malware artifacts to provide a global view of malware attacks, campaigns, and their distribution. Security teams can quickly correlate a single samples of observed activity and characteristics against millions of other samples to fully understand its behaviors in a historical and global context. This ability helps analysts effectively defend against both targeted attacks and the broader threats from advanced malware. Threat Grid’s detailed reports, including the identification of important behavioral indicators and the assignment of threat scores, let you quickly prioritize and recover from advanced attacks.
If I remember correctly, the licensing cost is a little bit higher than that of the competitor.
If I remember correctly, the licensing cost is a little bit higher than that of the competitor.
With InsightConnect, your team will get more done and respond to security events faster than ever before. And with significant time savings and productivity gains across overall security operations, you’ll go from overwhelmed to operating at maximum efficiency in no time flat.
Cyware Fusion and Threat Response
A threat response automation platform that combines cyber fusion, advanced orchestration, and automation to stay ahead of increasingly sophisticated cyber threats affecting enterprises in real-time
EclecticIQ Platform is a Threat Intelligence Platform (TIP) that empowers threat analysts to perform faster, better, and deeper investigations while disseminating intelligence at machine-speed.
Defend Better Together
TruSTAR is an Intelligence Management Platform that helps you operationalize data across tools and teams, helping you prioritize investigations and accelerate incident response.
PLATFORM OVERVIEW
Integrate threat intelligence into endpoint protection, expose threats outside the perimeter
and gain access to industry-leading, adversary-focused research.
Breachsense is a data breach monitoring platform that enables security teams to reset stolen passwords before criminals exploit them.
Stop the damage of a data breach before it’s all over the news. VigilanteATI delivers actionable, targeted threat intelligence with context and analysis to alert you to potential attacks before they become a risk to your organization. We scour the dark web for chatter from bad actors, analyze threat data, and offer insights into how you can keep your business assets safe from past, present, and future cyber threats. VigilanteATI is way more than a dark web news feed; it gives you the who, what, where, when, why, and how so you can create the best defense plan for your business.