Try our new research platform with insights from 80,000+ expert users

Arctic Wolf Managed Detection and Response vs CRITICALSTART comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary
 

Categories and Ranking

Binary Defense MDR
Sponsored
Ranking in Managed Detection and Response (MDR)
7th
Average Rating
9.2
Number of Reviews
16
Ranking in other categories
No ranking in other categories
Arctic Wolf Managed Detecti...
Ranking in Managed Detection and Response (MDR)
2nd
Average Rating
9.2
Reviews Sentiment
10.0
Number of Reviews
19
Ranking in other categories
SOC as a Service (1st)
CRITICALSTART
Ranking in Managed Detection and Response (MDR)
32nd
Average Rating
9.4
Number of Reviews
10
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (29th)
 

Mindshare comparison

As of November 2024, in the Managed Detection and Response (MDR) category, the mindshare of Binary Defense MDR is 0.6%, up from 0.4% compared to the previous year. The mindshare of Arctic Wolf Managed Detection and Response is 9.8%, down from 10.7% compared to the previous year. The mindshare of CRITICALSTART is 0.8%, down from 0.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Managed Detection and Response (MDR)
 

Featured Reviews

Rich Ullom - PeerSpot reviewer
Worth the money, fantastic communication, and fast service with an average response time of about four minutes on an alert
This is my third SOC. I have never had anybody react as well. So, it's hard for me to provide something that they could do better because I'm really happy with them. I just signed another three-year contract with them. I don't find any downside to them, but if I have to put one, it would be consistent manpower or staffing. The only area where the solution can be improved is going to be with people. As they grow, they are struggling with the same thing that every other company is, which is getting talent and getting that talent to stay, but they've just revised their tiering system to go from a flat analyst and manager to a three-tier solution where it goes through two or three before it gets elevated. That seems to have worked out well, so if one level misses it, the next one picks it up, and it works out fine. Consistent staffing is the only challenge they have because when you're hiring level-one analysts, you go through them pretty quickly. You'll probably hire them at 50K or 55K, and after they do it for a year, they find out they can make 85K somewhere else, and they bounce. So, their turnover is a little high, but that's it.
Jared Kruger - PeerSpot reviewer
Particularly valuable for smaller and mid-sized businesses without a dedicated cybersecurity team
The scalability of this solution is great. It offers user-based licensing, so if there is an increase in the number of IT users, it can easily scale accordingly. In contrast to other solutions that base pricing on data ingestion, which can be challenging as data grows, user count tends to be more predictable, making this model highly scalable. Arctic Wolf is flexible and works with clients to ensure smooth scaling. Our clients for this solution come from a range of business sizes, primarily focusing on small and medium-sized enterprises. We generally don't cater to large enterprises, but instead, our clients typically fall within the medium-sized category, with user counts ranging from 50 to around 3,000.
reviewer1395576 - PeerSpot reviewer
Offers the ability to close review tickets or alerts through a mobile phone and to interact with engineers on their side via the app
They could dig a little bit deeper into the Splunk alerts when they feel like they need to be escalated to us. For example, if a locked account shows up, they could do a little extra digging to verify that the locked account was due to a bad password on the local system. They could just do a little extra digging within the Splunk environment instead of pushing it onto us to go do that extra little digging. We actually created dashboards for our help desk group to be able to hunt down locked down accounts. We've asked CRITICALSTART to start using that as a means of validating the lockdown accounts before they just start escalating them to us. If we go down the endpoint protection route, then I could probably have other input after I've used that for a while.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Our mean time to response has gone down. We're much faster with direct response and have more investigative capabilities than we did before."
"The most valuable part of Binary Defense is its team of cybersecurity analysts. Their analysts filter out the noise and only forward the critical threats that require a response instead of false positives."
"The biggest aspect for us is that they are able to conform to our environment and utilize our tools. That way, we still maintain ownership of all the data and access to the applications, and we never lose control of the ability to run the solution ourselves if we need to."
"The best part about Binary Defense MDR is that it runs on everything, and they keep an eye on things 24/7."
"Binary Defense has a human service department that provides live monitoring for our systems."
"Binary Defense is comprehensive. We see most of the questionable activity. Once you see things a couple of times and are familiar with the processes, you know what those are. The level of activity is definitely favorable."
"One of the main benefits of Binary Defense MDR is the ability to easily meet with their support team to discuss any issues we encounter."
"The case interface is Binary Defense MDR's most valuable feature."
"Arctic Wolf is our eyes and ears 24/7 because we can't possibly watch all of our alerts. We may see all of these alerts, but our attention is distracted because we're working on other things."
"The product provides integrations with several different SaaS applications."
"Arctic Wolf is laser-focused on providing top-notch customer service."
"We can effectively manage the massive amounts of security data that we receive from various sources such as firewalls, switches, endpoints, and other log sources."
"The integration between Cisco AMPs and the Windows servers is most valuable. So, they can also sandbox machines on which they see something suspicious."
"Security protection is the best feature of this product."
"The most valuable feature was its cost-effectiveness compared to the alternatives."
"The agents give pretty good visibility into what is happening at the endpoint."
"There are two parts of CRITICALSTART's services that are most valuable to us. The MDR solution where they monitor our computers, laptops, and users across the board; and their knowledge of Palo Alto firewalls."
"The new mobile app is awesome. It is one of the best I've ever seen. It's much better than its predecessor. It's more intuitive, a whole lot easier to navigate and get where you need to go. It's less repetitive and just generally easier to use. It allows me to not have to be sitting at my computer all the time. I can be on my phone or tablet or wherever I'm at. It makes it a lot easier to answer tickets and do that kind of thing."
"I also use their mobile app. It's very easy to use and very convenient to be able to respond to alerts wherever you are. I love the app. You can respond and communicate, per ticket, with their SOC in near real-time. The response is very quick."
"Outside of using the platform to manage alerts, the feature of the service that we get the most value from is being able to reach out to them and say, "Hey, we might go buy a SIEM," for example. They give us their overview of what's out there, what they've dealt with, what they integrate with, and what that looks like. That's been pretty powerful over the years for us."
"The main difference between the other options and this one is the quality of the personnel within the SOC. It's their knowledge and depth and the way they handle customers."
"Customer service and their response are phenomenal. I would give their customer support a nine point five (out of 10). Our easy access to their SOC analyst, sales team, and leadership team instills confidence in me that they are there for us 24/7."
"Their Zero Trust Analytics Platform (ZTAP) engine, which is kind of their correlation engine, is by far and away one of the best in the business. We can filter and utilize different lists to build out different alerts, such as, what to alert on and when not to alert. This engine helps reduce our number of alerts and false positives."
"The way that the user interface presents data enables our team to be able to make decisions significantly quicker, rather than have to dig into the details or go back to the original tools."
 

Cons

"If I were shopping for an MDR solution today, I would not only look for a company that has the ability to alert, detect, and remediate, but also the ability to integrate vulnerability management. That's a big thing that they're lacking today."
"We should be able to isolate devices faster. They should shorten the time between clicking on a device to contain it and carrying out the action. That would be a welcome improvement."
"We found a couple of bugs in the user interface."
"I don't find any downside to them, but if I have to put one, it would be consistent manpower or staffing. The only area where the solution can be improved is going to be with people. As they grow, they are struggling with the same thing that every other company is, which is getting talent and getting that talent to stay, but they've just revised their tiering system to go from a flat analyst and manager to a three-tier solution where it goes through two or three before it gets elevated. That seems to have worked out well, so if one level misses it, the next one picks it up, and it works out fine."
"The most significant area for improvement is in support for non-English speakers; we're a global organization, so many of our users are not English speakers, which can make interacting with them a challenge. There's no Chinese language support, so we must rely on what we can do with the internet. We don't expect Binary Defense to build a language staff, but details can get lost in translation when we assume the whole world speaks English."
"The current reporting system could benefit from improvement."
"Binary Defense MDR could be even better with additional features, like automatic scans and file quarantine."
"I would like to see more frequent check-ins with our security status."
"I have heard that the tool doesn't go right to the endpoints."
"We need an easier way to audit and act on agents."
"I would actually be interested in having fewer features at a lower price."
"It would be great if the whole process of determining vendor risk could be simplified by Arctic Wolf."
"I can't think of any specific features that they need to add at the moment. As long as they continue to develop new solutions to support different operating systems and technologies, we are satisfied with their service. We appreciate the effort they put into adding new features and functionality to their service and believe they are doing a great job in providing us with all the necessary tools and resources to stay secure."
"It will be helpful if the dashboard is more granular."
"If you are not in the security field, this can be difficult to figure out from time to time."
"They focus on detecting administrator-level control compromises. Because they're focusing more on administrator-level compromise, they are less able to see if an individual user has been compromised. It is, admittedly, very difficult because they don't know what normal human behavior is. If a hacker compromises a human account and then acts just like the human, how are you ever going to notice, unless you have some inside knowledge of how the company works? For example, they overlook account lockouts on user accounts, whereas in our own alerting system, we do not. We review every account lockout, and if it is bad, we contact the person, whereas they think of that as noise because they're more focused on the administrator-level compromise."
"The updated UI is actually pretty bad. Regarding the intuitiveness, it is fairly easy to use, but the responsiveness, on a scale of one to 10, is a one. It's really poor performance."
"During the six-month integration and rollout, there were some bumpy roads along the way. There were communication breakdowns between the project manager, CRITICALSTART leadership, and us (as the customer). I expressed my displeasure during the integration in their inability to effectively communicate when there were holdups or issues. They were going through some growing pains at that time, but they have been right there for us ever since."
"In terms of responsiveness, when I open up an alert, sometimes it takes a bit of time to load. However, it only happened once or twice."
"The only thing I can think of that I would like to see, and I'm sure they could work this into a service pretty easily, is not only alerts on issues that are affecting my company, but some threat intelligence of a general nature on what's out there in the environment. That might be a nice add-in."
"They could dig a little bit deeper into the Splunk alerts when they feel like they need to be escalated to us. For example, if a locked account shows up, they could do a little extra digging to verify that the locked account was due to a bad password on the local system. They could just do a little extra digging within the Splunk environment instead of pushing it onto us to go do that extra little digging."
"The biggest room for improvement is not necessarily in their service or offering, but in the products that they support. I would like them to further their knowledge and ability to integrate with those tools. They have base integrations with everything, and we haven't come across anything. They should just continue to build on that API interface between their applications and other third-party consoles."
"There is room for improvement with the new UI, and that's about it. I would like to see a more intuitive design."
"The UI has become slower but it's not something I would call them out on."
 

Pricing and Cost Advice

"Binary Defense has changed its pricing model from being primarily based on the volume of data to one based on escalations and incidents they handle."
"It's valued at the right price. Even with the number of endpoints we have, we don't feel that it's a lot more than any competitor. In fact, it might be less expensive when you look at the fact that you're getting a full flex SOC out of it along with the tools."
"Binary Defense MDR is priced competitively and may be slightly lower than CrowdStrike."
"From the initial cost that Binary Defense came in with, we pared it down quite a bit over the course of 30 or 60 days. My leadership would say that their cost was high, but realistically, they were in line with the market."
"After we acquired this platform, we met with a number of different vendors. Binary Defense came in with a proposal that was surprisingly affordable. In fact, we were able to recoup the cost of their services within a short period of time. This is because Binary Defense is able to provide the same level of security as a team of two or three in-house analysts but at a fraction of the cost. As a result, Binary Defense is saving us an estimated $250,000 to $300,000 per year."
"The solution's price is spot on; if anything, it's slightly below the norm for most services. Compared to building the same team internally, it would cost more to create the same amount of capability than what we get from an external team. Price-wise, Binary Defense is in a great spot."
"The pricing isn't that bad, it's very competitive. I don't feel that it's over-priced and I don't feel that it's under-priced."
"The pricing is on target. Working with their sales team on pricing negotiations was a pleasant process. They were very respectful of the constraints we had and I feel that we're paying a fair price."
"I find their pricing to be reasonable and competitive."
"It is more expensive than CrowdStrike, but it also has more features. I don't remember the amount, but I do remember that it was on the higher side. I believe we have five sensors, and the sensors have a yearly cost. We don't have any additional costs, but I know that if we have more features, they will add to the cost."
"I rate the tool's pricing a nine out of ten."
"The pricing is fair."
"The pricing is pretty competitive."
"Overall, for what I'm paying for it, and the benefit I'm getting out of it, it is right where it needs to be, if not a little bit in my favor. For what it costs me to actually have this service, I could afford one internal person to do that job, but now I have a team of 10 or more who are doing that job, and they don't sleep because they work shifts."
"It costs a lot for what we felt comfortable to spend."
"The pricing of other services was so insane that they weren't even an option."
"The pricing has always been competitive. They have always been good to us. They will make it a fight. They don't try to hide anything; it's always been fully transparent and well-worth what we pay for it."
"I've told CRITICALSTART that I think the managed service they provide is cheaper than it should be. It's a really good deal."
"As far as the expense goes, it's very competitive pricing and the services you get are almost like you have a person on your team."
"There are contractual penalties if their SLAs are not met. This commitment was very important in our decision to go with this service, because not having downtime is extremely important to us. The providers has not missed an SLA in the 18 months that I have worked with them."
report
Use our free recommendation engine to learn which Managed Detection and Response (MDR) solutions are best for your needs.
816,406 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Healthcare Company
8%
Financial Services Firm
7%
Manufacturing Company
7%
Computer Software Company
15%
Manufacturing Company
11%
Government
7%
Financial Services Firm
6%
Computer Software Company
14%
Financial Services Firm
11%
Healthcare Company
9%
Retailer
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Binary Defense MDR?
The most valuable feature is reviewing tickets and the notes added by technicians.
What is your experience regarding pricing and costs for Binary Defense MDR?
The pricing is very competitive; it's on par with or below others. For those sensitive to pricing, I'd advise that th...
What needs improvement with Binary Defense MDR?
Sometimes, something may not install right; however, whenever we have challenges, they are very solution-oriented and...
What do you like most about Arctic Wolf Managed Detection and Response?
The agents give pretty good visibility into what is happening at the endpoint.
What needs improvement with Arctic Wolf Managed Detection and Response?
I have heard that the tool doesn't go right to the endpoints. With CrowdStrike, I don't think that it is a bad thing ...
Ask a question
Earn 20 points
 

Also Known As

Binary Defense Vision, Binary Defense Managed Detection and Response, Binary Defense Managed Detection & Response
Arctic Wolf AWN CyberSOC
Critical Start, CriticalStart
 

Overview

 

Sample Customers

Securitas USA, Black Hills Energy, Lincoln Electric,The J.M. Smuckers Company, New York Community Bank, State of Connecticut, NCR
Agero, Madison Memorial Hospital, DLZ, Howard LLP, City of Sparks
Information Not Available
Find out what your peers are saying about Arctic Wolf Managed Detection and Response vs. CRITICALSTART and other solutions. Updated: October 2024.
816,406 professionals have used our research since 2012.