The integration engine needs to improve. We try to integrate it with other tools, especially with Splunk or with the MyDLP engine, and even with Microsoft Exchange. As much as they tried to make it seem like it was easy, it wasn't easy. There was a lot of stuff that we had to do that we ended up having to do via an API or something special for a new case. That's a big issue for me. Integration is daunting. It leaves a lot of room for failure and frustration.

There are just little nuances that make everything difficult. You're supposed to be able to flip this toggle thing here, and you're supposed to be able to get the feedthrough from Splunk. Then, from there everything should be perfectly fine. However, when you find out it is not perfectly fine and you find out that it's because this thing isn't necessarily correct, you have to do an update on it or they have to update their file to make it work correctly. 

It's very small, minute things that aren't quite right. It's not something that you can really pinpoint. There's a lot of nuanced issues. It the nuanced technical issues that you would notice once you cross its path. It's not one of those "Hey, this is something I would know off the top of my head." They are very small nuance issues that make you say "Oh, well I guess we've got to go and change this thing now." You get this with certain tools - mostly with Mandiant tools more than anything else in general. It's one of those Mandiant quirks that still carries on and persists to this day - even with this tool.