Try our new research platform with insights from 80,000+ expert users

Arctic Wolf Managed Detection and Response vs Cortex XSIAM comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary
 

Categories and Ranking

Binary Defense MDR
Sponsored
Average Rating
9.2
Number of Reviews
15
Ranking in other categories
Managed Detection and Response (MDR) (7th)
Arctic Wolf Managed Detecti...
Average Rating
9.2
Number of Reviews
18
Ranking in other categories
SOC as a Service (1st), Managed Detection and Response (MDR) (2nd)
Cortex XSIAM
Average Rating
9.2
Reviews Sentiment
7.3
Number of Reviews
7
Ranking in other categories
Security Information and Event Management (SIEM) (29th), Identity Threat Detection and Response (ITDR) (10th)
 

Mindshare comparison

Managed Detection and Response (MDR)
Security Information and Event Management (SIEM)
 

Featured Reviews

Rich Ullom - PeerSpot reviewer
May 1, 2023
Worth the money, fantastic communication, and fast service with an average response time of about four minutes on an alert
This is my third SOC. I have never had anybody react as well. So, it's hard for me to provide something that they could do better because I'm really happy with them. I just signed another three-year contract with them. I don't find any downside to them, but if I have to put one, it would be consistent manpower or staffing. The only area where the solution can be improved is going to be with people. As they grow, they are struggling with the same thing that every other company is, which is getting talent and getting that talent to stay, but they've just revised their tiering system to go from a flat analyst and manager to a three-tier solution where it goes through two or three before it gets elevated. That seems to have worked out well, so if one level misses it, the next one picks it up, and it works out fine. Consistent staffing is the only challenge they have because when you're hiring level-one analysts, you go through them pretty quickly. You'll probably hire them at 50K or 55K, and after they do it for a year, they find out they can make 85K somewhere else, and they bounce. So, their turnover is a little high, but that's it.
Jared Kruger - PeerSpot reviewer
Oct 11, 2023
Particularly valuable for smaller and mid-sized businesses without a dedicated cybersecurity team
The scalability of this solution is great. It offers user-based licensing, so if there is an increase in the number of IT users, it can easily scale accordingly. In contrast to other solutions that base pricing on data ingestion, which can be challenging as data grows, user count tends to be more predictable, making this model highly scalable. Arctic Wolf is flexible and works with clients to ensure smooth scaling. Our clients for this solution come from a range of business sizes, primarily focusing on small and medium-sized enterprises. We generally don't cater to large enterprises, but instead, our clients typically fall within the medium-sized category, with user counts ranging from 50 to around 3,000.
Forrest Stevens - PeerSpot reviewer
Sep 28, 2023
A robust security operation that ensures achieving automation, stability, and scalability
There is room for improvement in some areas, and I would highlight three key aspects. Firstly, the Attack Surface Management (ASM) module could benefit from more contextual depth. Currently, it tends to provide a broad overview without enriched context, and there's room for enhancement in this regard. Secondly, further integration capabilities with various other software products that can seamlessly tie into Cortex XSIAM would be advantageous. This would enhance its versatility and interoperability within a broader ecosystem. Regarding performance, there's potential for optimization. When multiple tabs are open in Cortex XSIAM, it can experience slowdowns, leading to longer load times for web pages. It's worth noting that this isn't a severe issue, and it doesn't entail waiting for extended periods, but there is room for improvement in terms of performance optimization.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Binary Defense has a human service department that provides live monitoring for our systems."
"The customization has been the most valuable aspect and was really the reason we ended up selecting Binary Defense. They worked with us to provide exactly the level of support, features, response, and collaboration we needed."
"The speed at which their services are reactive is valuable. Nowadays, when a threat hits an endpoint, you've got minutes, not hours or days. Their average response time is about four minutes on an alert. For anything that needs to be sent to us, it's about fourteen minutes, which is pretty good. They're the third SOC that I've used in fifteen years. By far, they are the quickest ones to act. When you're looking at prevention, that's a key factor."
"Among the valuable features are the agent, continuous reporting, and dashboard. It has all the features we need and we haven't had to customize it, other than turning on certain features that we wanted."
"The case interface is Binary Defense MDR's most valuable feature."
"The biggest aspect for us is that they are able to conform to our environment and utilize our tools. That way, we still maintain ownership of all the data and access to the applications, and we never lose control of the ability to run the solution ourselves if we need to."
"The most valuable part of Binary Defense is its team of cybersecurity analysts. Their analysts filter out the noise and only forward the critical threats that require a response instead of false positives."
"Our mean time to response has gone down. We're much faster with direct response and have more investigative capabilities than we did before."
"Arctic Wolf is our eyes and ears 24/7 because we can't possibly watch all of our alerts. We may see all of these alerts, but our attention is distracted because we're working on other things."
"They have a portal where you can evaluate and mitigate any vulnerabilities that you and your network might have."
"The tool definitely saves money for our company's customers."
"The agents give pretty good visibility into what is happening at the endpoint."
"What's valuable about Arctic Wolf AWN CyberSOC is the cost savings it provides for companies that no longer have to hire a bunch of security people and pay for a SIM."
"Having quarterly meetings with the team to review the last 90 days and determine what if any changes need to be made."
"The most valuable aspect of this solution is the managed detection and response component."
"They provide useful quarterly updates."
"It operates on a single, extensive database which enables it to excel in detecting threats and anomalies across the network and endpoints, delivering a highly effective and comprehensive security solution."
"Its ability to deliver a substantial amount of security intelligence greatly enhances and optimizes our security operations program."
"The most valuable features of Cortex XSIAM are the machine learning used to identify threats, the complexity of the environment of products, and efficiency."
"It does a better job of identifying anomalies that are more likely to be incidents of compromise without as many false positives or false negatives."
"The most valuable feature is the integration capability."
"The automation capabilities significantly improve response times by allowing us to respond to incidents from a single dashboard rather than navigating multiple dashboards."
"It is an effective solution in terms of performance and functionalities."
 

Cons

"I would like to get more reports from Binary Defense about what they're blocking."
"We found that an earlier version of the agent had high memory usage and that was a bit concerning, but we raised the concern with their support team and they immediately replied that they had noticed the same thing and had a candidate fix already available... it totally fixed the issue."
"I don't find any downside to them, but if I have to put one, it would be consistent manpower or staffing. The only area where the solution can be improved is going to be with people. As they grow, they are struggling with the same thing that every other company is, which is getting talent and getting that talent to stay, but they've just revised their tiering system to go from a flat analyst and manager to a three-tier solution where it goes through two or three before it gets elevated. That seems to have worked out well, so if one level misses it, the next one picks it up, and it works out fine."
"It's hard to think of anything that they need to improve on, but just to point out something, I would like to see them provide advanced XDR."
"If I were shopping for an MDR solution today, I would not only look for a company that has the ability to alert, detect, and remediate, but also the ability to integrate vulnerability management. That's a big thing that they're lacking today."
"We should be able to isolate devices faster. They should shorten the time between clicking on a device to contain it and carrying out the action. That would be a welcome improvement."
"The current reporting system could benefit from improvement."
"The most significant area for improvement is in support for non-English speakers; we're a global organization, so many of our users are not English speakers, which can make interacting with them a challenge. There's no Chinese language support, so we must rely on what we can do with the internet. We don't expect Binary Defense to build a language staff, but details can get lost in translation when we assume the whole world speaks English."
"More integrations with various security tools to improve data ingestion would be beneficial."
"I would like to see them build the ability to co-sell an EDR platform, manage an EDR or manage the actual response, potentially from the issues that are coming up from the security risks."
"It can sometimes take up to an hour to get notification of a problem and that's a long time."
"It will be helpful if the dashboard is more granular."
"They focus on detecting administrator-level control compromises. Because they're focusing more on administrator-level compromise, they are less able to see if an individual user has been compromised. It is, admittedly, very difficult because they don't know what normal human behavior is. If a hacker compromises a human account and then acts just like the human, how are you ever going to notice, unless you have some inside knowledge of how the company works? For example, they overlook account lockouts on user accounts, whereas in our own alerting system, we do not. We review every account lockout, and if it is bad, we contact the person, whereas they think of that as noise because they're more focused on the administrator-level compromise."
"While it isn't a regular occurrence, there have been some gaps in response to some support questions. Questions get answered, yet there are times it takes longer than I'm comfortable with."
"The implementation process could be a little more streamlined."
"We get a lot of false alarms, but that's because they don't know our network in detail. I think that could be alleviated if we told them more about our network so they could create rules to skip some of those things."
"I am not sure if any improvements are needed right now."
"The platform isn't very developer-friendly and it should provide more flexibility and ease."
"The support could be a bit faster."
"The solution’s pricing and technical support could be improved."
"There is room for improvement in expanding integrations to include more cybersecurity solutions."
"Further integration capabilities with various other software products that can seamlessly tie into Cortex XSIAM would be advantageous."
"It could provide more integration with a large variety of products."
 

Pricing and Cost Advice

"After we acquired this platform, we met with a number of different vendors. Binary Defense came in with a proposal that was surprisingly affordable. In fact, we were able to recoup the cost of their services within a short period of time. This is because Binary Defense is able to provide the same level of security as a team of two or three in-house analysts but at a fraction of the cost. As a result, Binary Defense is saving us an estimated $250,000 to $300,000 per year."
"Binary Defense has changed its pricing model from being primarily based on the volume of data to one based on escalations and incidents they handle."
"The solution's price is spot on; if anything, it's slightly below the norm for most services. Compared to building the same team internally, it would cost more to create the same amount of capability than what we get from an external team. Price-wise, Binary Defense is in a great spot."
"Binary Defense MDR is priced competitively and may be slightly lower than CrowdStrike."
"From the initial cost that Binary Defense came in with, we pared it down quite a bit over the course of 30 or 60 days. My leadership would say that their cost was high, but realistically, they were in line with the market."
"It's valued at the right price. Even with the number of endpoints we have, we don't feel that it's a lot more than any competitor. In fact, it might be less expensive when you look at the fact that you're getting a full flex SOC out of it along with the tools."
"The pricing is on target. Working with their sales team on pricing negotiations was a pleasant process. They were very respectful of the constraints we had and I feel that we're paying a fair price."
"The pricing is very good. They are definitely competitive and they were lower at the time that we went with them."
"The pricing is fair."
"The pricing is pretty competitive."
"I find their pricing to be reasonable and competitive."
"It is more expensive than CrowdStrike, but it also has more features. I don't remember the amount, but I do remember that it was on the higher side. I believe we have five sensors, and the sensors have a yearly cost. We don't have any additional costs, but I know that if we have more features, they will add to the cost."
"I rate the tool's pricing a nine out of ten."
"The solution is expensive compared to its competitors."
"Since Palo Alto is trying to get as many new customers as possible, they're offering very competitive pricing."
"The solution comes at a significant cost."
"The product cost could be considered value for money compared to other solutions in the market, though it is quite high."
"In terms of pricing, we found Cortex XSIAM to offer a very reasonable and competitive rate."
report
Use our free recommendation engine to learn which Managed Detection and Response (MDR) solutions are best for your needs.
814,649 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Healthcare Company
8%
Financial Services Firm
7%
Manufacturing Company
7%
Computer Software Company
15%
Manufacturing Company
11%
Government
7%
Financial Services Firm
6%
Computer Software Company
14%
Manufacturing Company
11%
Financial Services Firm
9%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Binary Defense MDR?
The most valuable feature is reviewing tickets and the notes added by technicians.
What is your experience regarding pricing and costs for Binary Defense MDR?
The pricing is very competitive; it's on par with or below others. For those sensitive to pricing, I'd advise that th...
What needs improvement with Binary Defense MDR?
Sometimes, something may not install right; however, whenever we have challenges, they are very solution-oriented and...
What do you like most about Arctic Wolf Managed Detection and Response?
The agents give pretty good visibility into what is happening at the endpoint.
What needs improvement with Arctic Wolf Managed Detection and Response?
I have heard that the tool doesn't go right to the endpoints. With CrowdStrike, I don't think that it is a bad thing ...
What do you like most about Cortex XSIAM?
It is an effective solution in terms of performance and functionalities.
What is your experience regarding pricing and costs for Cortex XSIAM?
We do not deal with licensing. Only the accounts team handles that information.
What needs improvement with Cortex XSIAM?
I am not sure if any improvements are needed right now. The current features are satisfactory, and new features are i...
 

Also Known As

Binary Defense Vision, Binary Defense Managed Detection and Response, Binary Defense Managed Detection & Response
Arctic Wolf AWN CyberSOC
No data available
 

Overview

 

Sample Customers

Securitas USA, Black Hills Energy, Lincoln Electric,The J.M. Smuckers Company, New York Community Bank, State of Connecticut, NCR
Agero, Madison Memorial Hospital, DLZ, Howard LLP, City of Sparks
Information Not Available
Find out what your peers are saying about CrowdStrike, Arctic Wolf Networks, Huntress and others in Managed Detection and Response (MDR). Updated: November 2024.
814,649 professionals have used our research since 2012.