CRITICALSTART Reviews

Name: CRITICALSTART
Brand: Critical Start
Rating: 4.7 (10 reviews)

4.7 out of 5

10 reviews
100% willing to recommend

What is CRITICALSTART?

The cybersecurity landscape is growing more complex by the day with the arrival of new threats and new tools supposedly designed for combating them. The problem is it’s all creating more noise and confusion for security professionals to sort through.

Get the CRITICALSTART Buyer's Guide and find out what your peers are saying about CRITICALSTART, ServiceNow Security Operations and more!

CRITICALSTART is the #31 ranked solution in SOAR tools and #32 ranked solution in top Managed Detection and Response (MDR) solutions. PeerSpot users give CRITICALSTART an average rating of 9.4 out of 10. CRITICALSTART is most commonly compared to ServiceNow Security Operations: CRITICALSTART vs ServiceNow Security Operations. CRITICALSTART is popular among the large enterprise segment, accounting for 63% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 15% of all views.

Helped 831,158 peers since 2012

Featured reviews

Preston Broesche

Director of Information Technology at Kirby Corporation

The Trusted Behavior Registry helps resolve alerts in the sense that CRITICALSTART is doing a lot of that initial triage for me. Out of a given 500,000 events and alerts, for example, that come through, they're taking out 495,000 of them. That only leaves me with a subset of that to actually have to triage, and that's where it benefits us. They take care of Tier-1 and Tier-2 triage. And the new mobile app is awesome. It is one of the best I've ever seen. It's much better than its predecessor. It's more intuitive, a whole lot easier to navigate and get where you need to go. It's less repetitive and just generally easier to use. It allows me to not have to be sitting at my computer all the time. I can be on my phone or tablet or wherever I'm at. It makes it a lot easier to answer tickets and do that kind of thing. Also, the intuitiveness of the updated user interface for the service is spot-on. It is much easier to navigate, and know where to navigate, in the newer interface. I've never had an issue with responsiveness. It's very quick and doesn't sit there and chug on anything. It's fast, it's efficient. It has enabled our SecOps team to take action faster because if you have multiple ways of connecting to it and actually getting your alerts answered and taking care of things fast, it is extremely helpful. All the information that you need to make a determination is usually in the alert itself that comes through the Zero-Trust Analytics Platform (ZTAP). I don't find myself going back to the app itself very often. That still happens, but not as often. The ability to flow the information forward, from the alert standpoint, helps me because it saves me from running back to get the information. It's improved my efficiency. Finally, there haven't been any data sources that the service wasn't able to integrate with.

Read full review

Justin Hadley

Sr. Manager, Security Engineering at a financial services firm with 501-1,000 employees

Their Zero Trust Analytics Platform (ZTAP) engine, which is kind of their correlation engine, is by far and away one of the best in the business. We can filter and utilize different lists to build out different alerts, such as, what to alert on and when not to alert. This engine helps reduce our number of alerts and false positives. The service's Trusted Behavior Registry helps the provider solve every alert. The way that they have it built out is very intelligent. The way every alert comes in, it gets triaged one direction or another. If it is already a false positive, then it is still getting addressed and reviewed on a regular cadence. Also, true positive alerts get escalated to the appropriate personnel. Its mobile app is great. The ability just to be able to quick reference and see what's coming in when you're on the move or go. You don't always need to have your computer or laptop handy, because you can operate it just from the mobile app. It can communicate with analysts, which is great. The mobile app is great at affecting the efficiency of our security operations. Those guys are using it throughout the day, whether that be at the office, home, or off hours. Typically, they triage from the mobile app. Then, if an escalation needs to be done on a computer, they will pull out a computer. We were on the original UI for a few years, so the updated UI has been a refreshing change. It has significantly more ability to filter and translate data, then load that data. It is rather intuitive to click through for some of our junior analysts or interns, especially as we are starting to onboard and teach them different aspects of the security operations team.

Read full review

Charles F.

Senior Director of IT Security at a financial services firm with 501-1,000 employees

Our analysts do like getting into the console more than they like getting into the mobile app. We have questioned them on the level of an alert and why alerts have come in lower than we would had anticipated them, e.g., it was maybe a medium instead of a high or medium instead of a critical. We have a lot of homegrown applications, and we don't push a lot of those data sources to them. We are kind of a unique outfit in that way. So, there are some data sources that the service wasn’t able to integrate with. We're working on having the service be able to ingest them through a SIEM and provide us access right now. They will be storing some of those logs for us. From a project management standpoint, better communication was needed with the customer during the setup/project phase. I have expressed that, and they have understood this. They have tried to make corrective actions.

Read full review

CRITICALSTART mindshare

As of January 2025, the mindshare of CRITICALSTART in the Security Orchestration Automation and Response (SOAR) category stands at 0.3%, up from 0.2% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Security Orchestration Automation and Response (SOAR)

PeerAnalyst reports

Type	Title	Date
Category	Security Orchestration Automation and Response (SOAR)	Jan 21, 2025	Download
Product	Reviews, tips, and advice from real users	Jan 21, 2025	Download
Comparison	CRITICALSTART vs Microsoft Sentinel	Jan 21, 2025	Download
Comparison	CRITICALSTART vs Palo Alto Networks Cortex XSOAR	Jan 21, 2025	Download
Comparison	CRITICALSTART vs Splunk SOAR	Jan 21, 2025	Download

Title	Rating	Mindshare	Recommending
ServiceNow Security Operations	4.0	4.5%	94%	19 interviews Add to research

Valuable Features

CRITICALSTART's key features include efficient alert management, trusted behavior registry, responsive SOC, and intuitive user interface. Their Zero-Trust model enhances security by filtering out unnecessary alerts. The mobile app allows users to manage alerts remotely, increasing flexibility and efficiency. Their quick responses and proactive tuning ensure reduced alerts and streamlined communication. The service facilitates reduced Tier-1 and Tier-2 workload, enabling SecOps teams to focus on critical tasks and improve overall security posture.

"Their Zero Trust Analytics Platform (ZTAP) engine, which is kind of their correlation engine, is by far and away one of the best in the business. We can filter and utilize different lists to build out different alerts, such as, what to alert on and when not to alert. This engine helps reduce our number of alerts and false positives."
"The way that the user interface presents data enables our team to be able to make decisions significantly quicker, rather than have to dig into the details or go back to the original tools."
"The most valuable feature of their service is their tuning... If we were getting 1,000 alerts a day without them, they tune it until they know what to do for 999 of them, and one will make it through to us per day. That tuning is the most valuable part of their solution."

Room for Improvement

CRITICALSTART has several areas for improvement. Users express frustration with non-priority alerts and lack of Slack integration. They find the user interface unintuitive and desire more intuitive design and a monthly report on changes. There are challenges integrating with certain data sources and improving Splunk alert analysis. Users seek enhanced internal compliance and data security disclosures and desire threat intelligence. Additionally, issues with project communication and responsiveness, including a slow UI, have been noted.

"The biggest room for improvement is not necessarily in their service or offering, but in the products that they support. I would like them to further their knowledge and ability to integrate with those tools. They have base integrations with everything, and we haven't come across anything. They should just continue to build on that API interface between their applications and other third-party consoles."
"They just did a user interface overhaul to the website portal that you use for troubleshooting tickets. The old one was fine. The new one is not intuitive..."
"The only thing I can think of that I would like to see, and I'm sure they could work this into a service pretty easily, is not only alerts on issues that are affecting my company, but some threat intelligence of a general nature on what's out there in the environment. That might be a nice add-in."

ROI

CRITICALSTART offers substantial financial savings and operational efficiency. Clients express immense satisfaction with its cost-effectiveness, noting significant reductions in resource requirements compared to establishing an in-house SOC. They observe improved management of alerts and log centralization, which enhances security oversight. Their teams experience enhanced work-life balance due to reduced alert burdens while benefiting from responsive and professional support. Trusted Behavior Registry effectively filters millions of alerts, saving extensive hours weekly for the teams involved.

Pricing

CRITICALSTART's pricing is considered competitive and fair by enterprise users, who appreciate the transparent and aggressive value offered. While some feel the managed services are cheaper than expected, others note it costs more than comfortable, but the benefits justify the expenses. The contracts include SLAs, ensuring reliable service, and customers value their commitment to meeting service expectations. Pricing creativity and negotiation opportunities are highlighted as positive aspects, making them a strong choice against competitors.

"The pricing has always been competitive. They have always been good to us. They will make it a fight. They don't try to hide anything; it's always been fully transparent and well-worth what we pay for it."
"The pricing of other services was so insane that they weren't even an option."
"Overall, for what I'm paying for it, and the benefit I'm getting out of it, it is right where it needs to be, if not a little bit in my favor. For what it costs me to actually have this service, I could afford one internal person to do that job, but now I have a team of 10 or more who are doing that job, and they don't sleep because they work shifts."

Popular Use Cases

CRITICALSTART's primary function is managing high-volume alerts, minimizing false positives, and optimizing monitoring systems. Organizations use it for 24/7 management of SIEM tools like Splunk and endpoint solutions such as Cylance and Carbon Black. They benefit from its ability to relieve in-house teams from alert overload and enhance cybersecurity measures. By integrating with existing cybersecurity tools, companies achieve better threat detection, allowing internal teams to focus on critical issues.

Service and Support

CRITICALSTART customer service is rated highly for responsiveness and availability. They provide 24/7 access to real professionals, facilitating effective issue resolution. Communication via tools, email, and phone ensures quick responses. Users appreciate the knowledgeable support team, describing interactions as positive and timely. Project management has seen improvements, meeting deadlines and budget requirements. Technical support is considered excellent, offering clear assistance, even during challenging scenarios. The team's focus on customer needs enhances trust and confidence in their support services.

Deployment

Users generally found CRITICALSTART's initial setup to be straightforward, although the full integration process varied from a few weeks to several months. Some experienced communication challenges during onboarding, requiring additional support. The setup involved minimal local configuration and was often aided by CRITICALSTART's team. Users had to adjust settings and perform tuning post-setup to achieve optimal results. Over time, CRITICALSTART's project management improved, addressing early issues and streamlining the process.

Scalability

CRITICALSTART shows varying adoption levels. Some prioritize other tasks, yet the upgrade is increasing due to less pressing priorities. Full adoption with extensive endpoint coverage is achieved, though some growth areas remain unexplored. Plans for increased use are on hold, continuing current satisfaction. Successful deployment across expansion sites impresses users. Interest in broadening functionality with favorable pricing exists, particularly in comprehensive management beyond endpoint protection. Users include security, sysadmin, and network operations teams.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our CRITICALSTART Buyer's Guide for additional reliable information.

Review data by company size

By reviewers

By visitors reading reviews

Top industries

By visitors reading reviews

Computer Software Company

15%

Healthcare Company

10%

Financial Services Firm

10%

Retailer

Real Estate/Law Firm

Energy/Utilities Company

Manufacturing Company

University

Legal Firm

Educational Organization

Comms Service Provider

Insurance Company

Hospitality Company

Government

Wholesaler/Distributor

Logistics Company

Media Company

Outsourcing Company

Pharma/Biotech Company

Mining And Metals Company

Non Profit

Construction Company

Consumer Goods Company

Maritime Company

Recreational Facilities/Services Company

Transportation Company

Compare CRITICALSTART with alternative products

Learn more about CRITICALSTART

CRITICALSTART is the only MDR provider committed to eliminating acceptable risk and leaving nothing to chance. They believe that companies should never have to settle for “good enough.” Their award-winning portfolio includes end-to-end Professional Services and Managed Detection and Response (MDR). CRITICALSTART MDR puts a stop to alert fatigue by leveraging the Zero Trust Analytics Platform (ZTAP) plus the industry-leading Trusted Behavior Registry, which eliminates false positives at scale by resolving known-good behaviors. Driven by 24x7x365 human-led, end-to-end monitoring, investigation and remediation of alerts, their on-the-go threat detection and response capabilities are enabled via a fully interactive MOBILESOCapp.

CRITICALSTART was previously known as Critical Start, CriticalStart.