I use the solution as a SIEM and managed SOC. It collects events and incidents from all our systems, like EDR, NDR, servers, and switches. The managed SOC team raises incidents for us to review and take action on.
The best features are the comprehensive event collection and analysis. Once set up properly, we receive all events and information. The team analyzes our data and presents incidents to us. We can communicate with their team to escalate and resolve incidents. It has a feature we use to search for information about our environment and past incidents. This is very valuable.
The integration capability is very good - the ClearSkies SaaS NG SIEM team is collaborative. We've integrated most of our systems, including EDR and NDR. They have agents to collect events from servers and assets.
The main issue for improvement is the platform's slowness in presenting information. Retrieving information can take a little time when clicking on something.
I have been using the product for five years.
I'm satisfied with how stable the ClearSkies SaaS NG SIEM solution is. It's getting better and better over time.
It's good for scalability in terms of adding assets and collecting more information, but it depends on buying more licenses—so it's scalable with money.
It's a cloud solution, so installation is easy. We don't need to do any maintenance ourselves. When there's maintenance, they send a notification, and we just wait for them to finish the update. The cloud aspect means we don't have to handle any maintenance tasks.
Regarding pricing, I'd say it's in the middle range. Pricing is very good compared to others.
The tool is introducing AI features now, which we're just starting to check out to see how they'll benefit us. We're using some AI features, like real-time analysis and threat intelligence. They also offer vulnerability, identity, and access management, but we're not using those.
I rate the overall product a seven out of ten.