Please share with the community what you think needs improvement with Deep Instinct.
What are its weaknesses? What would you like to see changed in a future version?
Reporting on incidents needs improvement. It doesn't give very much information compared to Sophos. Sophos will give you a graphic that you can zoom in on the subject and find out everything that the exploit tried to do. It gives you a visual sense of what is going on. When it does find something I am not 100% sure that they are exploits or if they are false positives. At times, it can be difficult to tell what the problem is. The deployment was a bit difficult. It was more difficult than Sophos, for example, with having to create an installer. I had to read through a lot of documentation to figure it out. It's clunky and cumbersome. In Sophos, I can click what I want and it downloads an installer for each tenant. It just takes seconds. Whereas with Deep Instinct, I have to create a whole script and a lot more steps to deploy it. You have to be more technical to deploy it. You can't just send a file to an end-user and have them install it. You have to have technical expertise. The dashboards are quite primitive compared to Sophos, which is both good and bad. It's good because it's fast. Easier Deployment would be better. More integration with RMMs, such as LabTech or Automate. Also, there should be more optics. When it does something, more information on what's happening would help us to make better decisions.
The Achilles heel in our industry is reporting. I would love to see exceptional, outstanding level of reporting. I know that's like asking for a unicorn to leap out of the sky with any of these products. But reporting is always the thing that it is challenging. Fortunately, because as operators we get information through the dashboard, it hasn't been an issue yet. But for us, to really differentiate and really squeeze the full value out of this with our clients, the reporting is critical. Why is that? When everything works, clients began to wonder: "Everything's fine. Why do we need you?" That's where the reporting capabilities would allow us to really demonstrate: "Hey, here's what's actually going on, Mr. Customer."
If they can bring some additional, complementary solutions, like network scanning and the like, that will help. If they had some sort of a firewall which could help detect DDoS attacks and other things. It's just an extension of what they do, so it would not be just the endpoint. If they can take the technology and make it more useful across the network and add anything that could help improve the work environment, that would be good. I'm watching closely to see what they next bring onboard. But within the product itself, overall I don't see any required improvement because it has a very lightweight agent, it's fast and quick, and it detects everything. I haven't experienced any negativity on the Deep Instinct side. The UI is pretty straightforward. It's very simple. It would be nice to have if there were options where, if I have to do SIEM integration, I could do so from the UI: Just pick and choose what SIEM solutions the customers use and have options to have out-of-the-box connection facility. If I had an option to do SIEM integration out-of-the-box from the user interface, that would be handy.
The Management Console is not localized.
I am looking forward to them adding Linux in Q1 or Q2 of 2019, as this is often requested by my partners and customers. Currently, Deep Instinct only has Windows, Mac, Android, and iOS. At this point, they don't have a local quarantine feature that can be triggered by the agents. It has to be done by whitelisting. Deep Instinct has also said that this will be available in Q2 2019.
I would like to see improvement in the user interface so that the user has more control. For example, it would be good if a user could change their grouping if they want to be part of another group. Or if I want to right-click and scan a specific file that I just imported, that would be helpful. Sometimes you just want to do an extra scan to make sure you're safe.