Try our new research platform with insights from 80,000+ expert users

Arctic Wolf Managed Detection and Response vs CRITICALSTART comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary
 

Categories and Ranking

Binary Defense MDR
Sponsored
Ranking in Managed Detection and Response (MDR)
7th
Average Rating
9.2
Number of Reviews
15
Ranking in other categories
No ranking in other categories
Arctic Wolf Managed Detecti...
Ranking in Managed Detection and Response (MDR)
2nd
Average Rating
9.2
Number of Reviews
18
Ranking in other categories
SOC as a Service (1st)
CRITICALSTART
Ranking in Managed Detection and Response (MDR)
32nd
Average Rating
9.4
Number of Reviews
10
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (29th)
 

Mindshare comparison

As of November 2024, in the Managed Detection and Response (MDR) category, the mindshare of Binary Defense MDR is 0.6%, up from 0.4% compared to the previous year. The mindshare of Arctic Wolf Managed Detection and Response is 9.8%, down from 10.7% compared to the previous year. The mindshare of CRITICALSTART is 0.8%, down from 0.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Managed Detection and Response (MDR)
 

Featured Reviews

Rich Ullom - PeerSpot reviewer
May 1, 2023
Worth the money, fantastic communication, and fast service with an average response time of about four minutes on an alert
This is my third SOC. I have never had anybody react as well. So, it's hard for me to provide something that they could do better because I'm really happy with them. I just signed another three-year contract with them. I don't find any downside to them, but if I have to put one, it would be consistent manpower or staffing. The only area where the solution can be improved is going to be with people. As they grow, they are struggling with the same thing that every other company is, which is getting talent and getting that talent to stay, but they've just revised their tiering system to go from a flat analyst and manager to a three-tier solution where it goes through two or three before it gets elevated. That seems to have worked out well, so if one level misses it, the next one picks it up, and it works out fine. Consistent staffing is the only challenge they have because when you're hiring level-one analysts, you go through them pretty quickly. You'll probably hire them at 50K or 55K, and after they do it for a year, they find out they can make 85K somewhere else, and they bounce. So, their turnover is a little high, but that's it.
Jared Kruger - PeerSpot reviewer
Oct 11, 2023
Particularly valuable for smaller and mid-sized businesses without a dedicated cybersecurity team
The scalability of this solution is great. It offers user-based licensing, so if there is an increase in the number of IT users, it can easily scale accordingly. In contrast to other solutions that base pricing on data ingestion, which can be challenging as data grows, user count tends to be more predictable, making this model highly scalable. Arctic Wolf is flexible and works with clients to ensure smooth scaling. Our clients for this solution come from a range of business sizes, primarily focusing on small and medium-sized enterprises. We generally don't cater to large enterprises, but instead, our clients typically fall within the medium-sized category, with user counts ranging from 50 to around 3,000.
BF
Aug 17, 2020
Offers the ability to close review tickets or alerts through a mobile phone and to interact with engineers on their side via the app
They could dig a little bit deeper into the Splunk alerts when they feel like they need to be escalated to us. For example, if a locked account shows up, they could do a little extra digging to verify that the locked account was due to a bad password on the local system. They could just do a little extra digging within the Splunk environment instead of pushing it onto us to go do that extra little digging. We actually created dashboards for our help desk group to be able to hunt down locked down accounts. We've asked CRITICALSTART to start using that as a means of validating the lockdown accounts before they just start escalating them to us. If we go down the endpoint protection route, then I could probably have other input after I've used that for a while.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"One of the main benefits of Binary Defense MDR is the ability to easily meet with their support team to discuss any issues we encounter."
"The customization has been the most valuable aspect and was really the reason we ended up selecting Binary Defense. They worked with us to provide exactly the level of support, features, response, and collaboration we needed."
"The best part about Binary Defense MDR is that it runs on everything, and they keep an eye on things 24/7."
"Among the valuable features are the agent, continuous reporting, and dashboard. It has all the features we need and we haven't had to customize it, other than turning on certain features that we wanted."
"Our mean time to response has gone down. We're much faster with direct response and have more investigative capabilities than we did before."
"The case interface is Binary Defense MDR's most valuable feature."
"The most valuable features are the SIEM and the ticketing function; the latter is very smooth and easy to read and understand. We don't have any issues looking at the ticketing information when we're trying to identify what's going on."
"The most valuable part of Binary Defense is its team of cybersecurity analysts. Their analysts filter out the noise and only forward the critical threats that require a response instead of false positives."
"Having quarterly meetings with the team to review the last 90 days and determine what if any changes need to be made."
"Arctic Wolf is laser-focused on providing top-notch customer service."
"The product provides integrations with several different SaaS applications."
"We can effectively manage the massive amounts of security data that we receive from various sources such as firewalls, switches, endpoints, and other log sources."
"What's valuable about Arctic Wolf AWN CyberSOC is the cost savings it provides for companies that no longer have to hire a bunch of security people and pay for a SIM."
"The tool's most valuable feature is its ease of implementation."
"They have a portal where you can evaluate and mitigate any vulnerabilities that you and your network might have."
"They provide useful quarterly updates."
"There is a team of people who monitor our traffic and processes 24/7, so if anything raises a flag or alert, it will escalate back to me right away. That's the most incredible part: Humans working behind the scenes 24/7 to monitor our networks."
"The most valuable feature of their service is their tuning... If we were getting 1,000 alerts a day without them, they tune it until they know what to do for 999 of them, and one will make it through to us per day. That tuning is the most valuable part of their solution."
"The main difference between the other options and this one is the quality of the personnel within the SOC. It's their knowledge and depth and the way they handle customers."
"The quick interaction between the agents is the most valuable feature. If we have questions, they're quick to answer. If we make a change to our system, they quickly make the changes that are necessary to filter the logs correctly."
"Outside of using the platform to manage alerts, the feature of the service that we get the most value from is being able to reach out to them and say, "Hey, we might go buy a SIEM," for example. They give us their overview of what's out there, what they've dealt with, what they integrate with, and what that looks like. That's been pretty powerful over the years for us."
"Their Zero Trust Analytics Platform (ZTAP) engine, which is kind of their correlation engine, is by far and away one of the best in the business. We can filter and utilize different lists to build out different alerts, such as, what to alert on and when not to alert. This engine helps reduce our number of alerts and false positives."
"Customer service and their response are phenomenal. I would give their customer support a nine point five (out of 10). Our easy access to their SOC analyst, sales team, and leadership team instills confidence in me that they are there for us 24/7."
"From where we were prior to going into them, the service has increased our analysts’ efficiency to the point that they can focus on other areas of the business. It gives me the ability to allow analysts to do Level 3 and 4 work and stay out of the weeds of the alerts, where you tend to get alert fatigue. The service takes care of much of the Tier 1 and Tier 2 triage. It is more effective than what we had been used to, because it allows the filtering of Level 1 and Level 2 type alerts to be taken care of. This leaves less for us to handle, which is a good thing."
 

Cons

"If I were shopping for an MDR solution today, I would not only look for a company that has the ability to alert, detect, and remediate, but also the ability to integrate vulnerability management. That's a big thing that they're lacking today."
"The current reporting system could benefit from improvement."
"It's hard to think of anything that they need to improve on, but just to point out something, I would like to see them provide advanced XDR."
"The only area I see for improvement with Binary Defense is their service portal. It could benefit from some enhancements."
"I would like to see more frequent check-ins with our security status."
"The most significant area for improvement is in support for non-English speakers; we're a global organization, so many of our users are not English speakers, which can make interacting with them a challenge. There's no Chinese language support, so we must rely on what we can do with the internet. We don't expect Binary Defense to build a language staff, but details can get lost in translation when we assume the whole world speaks English."
"While my understanding is that they're working on this, I would like to see some more of the quantification or reporting."
"We found a couple of bugs in the user interface."
"They could probably expand on their integration tools. They can integrate with more security tools."
"While it isn't a regular occurrence, there have been some gaps in response to some support questions. Questions get answered, yet there are times it takes longer than I'm comfortable with."
"Arctic Wolf Managed Detection and Response's analysis and remediation parts could be improved. It's not bad, but it needs improvement."
"They focus on detecting administrator-level control compromises. Because they're focusing more on administrator-level compromise, they are less able to see if an individual user has been compromised. It is, admittedly, very difficult because they don't know what normal human behavior is. If a hacker compromises a human account and then acts just like the human, how are you ever going to notice, unless you have some inside knowledge of how the company works? For example, they overlook account lockouts on user accounts, whereas in our own alerting system, we do not. We review every account lockout, and if it is bad, we contact the person, whereas they think of that as noise because they're more focused on the administrator-level compromise."
"It can sometimes take up to an hour to get notification of a problem and that's a long time."
"We need an easier way to audit and act on agents."
"I would actually be interested in having fewer features at a lower price."
"The implementation process could be a little more streamlined."
"The only thing I can think of that I would like to see, and I'm sure they could work this into a service pretty easily, is not only alerts on issues that are affecting my company, but some threat intelligence of a general nature on what's out there in the environment. That might be a nice add-in."
"It has frustrated us that they don't have a native Slack integration, because most things do now. That's something we've asked for, for years, and it just doesn't really seem like it's a priority."
"The biggest room for improvement is not necessarily in their service or offering, but in the products that they support. I would like them to further their knowledge and ability to integrate with those tools. They have base integrations with everything, and we haven't come across anything. They should just continue to build on that API interface between their applications and other third-party consoles."
"In terms of responsiveness, when I open up an alert, sometimes it takes a bit of time to load. However, it only happened once or twice."
"During the six-month integration and rollout, there were some bumpy roads along the way. There were communication breakdowns between the project manager, CRITICALSTART leadership, and us (as the customer). I expressed my displeasure during the integration in their inability to effectively communicate when there were holdups or issues. They were going through some growing pains at that time, but they have been right there for us ever since."
"The UI has become slower but it's not something I would call them out on."
"They could dig a little bit deeper into the Splunk alerts when they feel like they need to be escalated to us. For example, if a locked account shows up, they could do a little extra digging to verify that the locked account was due to a bad password on the local system. They could just do a little extra digging within the Splunk environment instead of pushing it onto us to go do that extra little digging."
"They just did a user interface overhaul to the website portal that you use for troubleshooting tickets. The old one was fine. The new one is not intuitive..."
 

Pricing and Cost Advice

"It's valued at the right price. Even with the number of endpoints we have, we don't feel that it's a lot more than any competitor. In fact, it might be less expensive when you look at the fact that you're getting a full flex SOC out of it along with the tools."
"The pricing is very good. They are definitely competitive and they were lower at the time that we went with them."
"From the initial cost that Binary Defense came in with, we pared it down quite a bit over the course of 30 or 60 days. My leadership would say that their cost was high, but realistically, they were in line with the market."
"The pricing isn't that bad, it's very competitive. I don't feel that it's over-priced and I don't feel that it's under-priced."
"The pricing is on target. Working with their sales team on pricing negotiations was a pleasant process. They were very respectful of the constraints we had and I feel that we're paying a fair price."
"Binary Defense MDR is priced competitively and may be slightly lower than CrowdStrike."
"The solution's price is spot on; if anything, it's slightly below the norm for most services. Compared to building the same team internally, it would cost more to create the same amount of capability than what we get from an external team. Price-wise, Binary Defense is in a great spot."
"Binary Defense has changed its pricing model from being primarily based on the volume of data to one based on escalations and incidents they handle."
"I find their pricing to be reasonable and competitive."
"The pricing is fair."
"I rate the tool's pricing a nine out of ten."
"The pricing is pretty competitive."
"It is more expensive than CrowdStrike, but it also has more features. I don't remember the amount, but I do remember that it was on the higher side. I believe we have five sensors, and the sensors have a yearly cost. We don't have any additional costs, but I know that if we have more features, they will add to the cost."
"The pricing has always been competitive. They have always been good to us. They will make it a fight. They don't try to hide anything; it's always been fully transparent and well-worth what we pay for it."
"There are contractual penalties if their SLAs are not met. This commitment was very important in our decision to go with this service, because not having downtime is extremely important to us. The providers has not missed an SLA in the 18 months that I have worked with them."
"I've told CRITICALSTART that I think the managed service they provide is cheaper than it should be. It's a really good deal."
"It costs a lot for what we felt comfortable to spend."
"The pricing of other services was so insane that they weren't even an option."
"Overall, for what I'm paying for it, and the benefit I'm getting out of it, it is right where it needs to be, if not a little bit in my favor. For what it costs me to actually have this service, I could afford one internal person to do that job, but now I have a team of 10 or more who are doing that job, and they don't sleep because they work shifts."
"As far as the expense goes, it's very competitive pricing and the services you get are almost like you have a person on your team."
report
Use our free recommendation engine to learn which Managed Detection and Response (MDR) solutions are best for your needs.
814,763 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Healthcare Company
8%
Financial Services Firm
7%
Manufacturing Company
7%
Computer Software Company
15%
Manufacturing Company
11%
Government
7%
Financial Services Firm
6%
Computer Software Company
14%
Financial Services Firm
10%
Healthcare Company
9%
Retailer
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Binary Defense MDR?
The most valuable feature is reviewing tickets and the notes added by technicians.
What is your experience regarding pricing and costs for Binary Defense MDR?
The pricing is very competitive; it's on par with or below others. For those sensitive to pricing, I'd advise that th...
What needs improvement with Binary Defense MDR?
Sometimes, something may not install right; however, whenever we have challenges, they are very solution-oriented and...
What do you like most about Arctic Wolf Managed Detection and Response?
The agents give pretty good visibility into what is happening at the endpoint.
What needs improvement with Arctic Wolf Managed Detection and Response?
I have heard that the tool doesn't go right to the endpoints. With CrowdStrike, I don't think that it is a bad thing ...
Ask a question
Earn 20 points
 

Also Known As

Binary Defense Vision, Binary Defense Managed Detection and Response, Binary Defense Managed Detection & Response
Arctic Wolf AWN CyberSOC
Critical Start, CriticalStart
 

Overview

 

Sample Customers

Securitas USA, Black Hills Energy, Lincoln Electric,The J.M. Smuckers Company, New York Community Bank, State of Connecticut, NCR
Agero, Madison Memorial Hospital, DLZ, Howard LLP, City of Sparks
Information Not Available
Find out what your peers are saying about Arctic Wolf Managed Detection and Response vs. CRITICALSTART and other solutions. Updated: October 2024.
814,763 professionals have used our research since 2012.