2019-05-07T23:23:00Z

What needs improvement with Awake Security Platform?


Please share with the community what you think needs improvement with Awake Security Platform.

What are its weaknesses? What would you like to see changed in a future version?

Guest
55 Answers

author avatar
Top 10Real User

Some of the searching capability is a bit hard to use without in-depth knowledge. In one of the earlier versions, there was a tool that helped you build some of your searches and help you correlate your data manually. This seems to have been removed in a later version. That is probably the biggest thing I've noticed. Be prepared to update your SOPs to have your analysts work in another tool separately. There are some limitations in the integrations right now. One of the things that I want from a security standpoint is integration with multiple tools so I don't need to have my analysts logging into each individual tool. They are working on this at the moment with Splunk and should have something ready in two weeks.

2020-05-03T06:36:00Z
author avatar
Real User

The only issue is that Awake affords you so much information behind its fingerprinting capability. When it does trigger, you need to have a hard look at what is going on because there is a reason for that trigger. They have worked very hard on the interface. I would like to see things laid out somewhat differently, and not due my familiarity with the tool. The tool has grown a lot since I started using it in October, and there is room for user interface improvements. I would like to see the capability to import what's known as STIX/TAXII in an IOC format. It currently doesn't offer this. This would be a nice, like a wish list. We are looking at cloud TAPs for visibility into cloud infrastructure. We offer a software as a service leveraging cloud. To take things to the next level, it is putting the ability and capability of the device into: * Our cloud offering to look for threats. * Leverage it further for any cloud services or SaaS that we use here.

2020-01-29T11:22:00Z
author avatar
Vendor

I would like to see a bit more in terms of encrypted traffic. With the advent of programs that live off the land, a smart attacker is going to leverage encryption to execute their operation. So I would like to see improvements there, where possible. Currently, we're not going to be decrypting encrypted traffic. What other approaches could be used?

2019-10-28T06:34:00Z
author avatar
Real User

I enjoy the query language, but it could be a bit more user-friendly, especially for new users who come across it. I'm conversant with the query language, but if I put it in front of somebody else they have difficulty in learning how to address the query language. That is the biggest area of room for improvement. They should push it more into a natural language style as opposed to a query language.

2019-09-10T09:04:00Z
author avatar
Real User

There's room for improvement with some of the definitions, because I don't have time and I'm not a Tier 4 analyst. I believe that is something they're working towards. They're working with me to add new features to make it easier for me to tell what a threat is and determine whether it's important or not. They're making improvements and providing updates almost monthly now, so each time they make those improvements it gets clearer for me.

2019-05-07T23:23:00Z
Learn what your peers think about Awake Security Platform. Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.
442,041 professionals have used our research since 2012.