Deep Instinct Prevention Platform Reviews

The product helps to identify undetected advanced search behaviors and IDS/IPS. Sometimes, it detects low-severity and high-level threats. Normally, you won't have a use case built for low-detection purposes, especially for minor things, like LOLBAS binaries. Deep Instinct Prevention Platform identifies threats to the organization at a very early stage.

The solution's stability is good. If the tool was able to provide fine-tuning capabilities from the product's end depending on the environment of its user, then it would be a good improvement in the solution. The product can build prebuilt binaries for major providers, like infra or telecom agencies, who can fine-tune it according to the environments so that they know what applications are considered normal and what is considered abnormal. The tool provides additional support for areas like whitelisting and allowlisting, but it will be very useful to quickly deploy the tool in an environment if it comes in a prebuilt binary package.

I have been using Deep Instinct Prevention Platform for three and a half years.

Deep Instinct Prevention Platform did not initially provide me with an impression of its stability part. Over a certain time period of around three months, I saw that the tool understood our company's environment, after which the solution was able to provide us with critical alerts that were not picked up by the other products. The product initially required a lot of work and fine-tuning. After the product is fine-tuned, it works properly. The solution was able to provide some alerts that are not detected by other products in our company's environment.

Deep Instinct Prevention Platform is deployed on a cloud model, so there are no issues with the scalability part of the product. The product can be scaled up and scaled down. The only thing my company does is that we put the agents in the endpoints, which need to be analyzed.

My company operates as an MSSP provider, so the tool is used by three or four clients. My company deals with around 30,000 endpoints.

My company has a separate team that uses the portal provided by the product to raise our issues with the support team. My company usually gets back a solution as per the agreed SLA.

The solution is deployed on a cloud model.

The product's deployment process can be carried out with the help of our in-house team members, but my company had to seek help from a consultant due to resource constraints.

There is a need for customers of the product to pay towards the licensing costs of the tool.

The solution has improved the organization's ability to prevent cyber threats as it helps its users detect unknown threats that are not covered in their use cases. One caveat when it comes to solutions stems from the fact that users need to do a lot of fine-tuning to let the product detect unknown threats. When you turn on the tool, you will have a lot of alerts that pop up in your environment. You need to fine-tune the tool according to your environment so that you differentiate between normal and abnormal factors. Once the tool's fine-tuning process is correctly done, the solution will show you some alerts that are not detected by other products.

I can't comment on the features I found to be the most valuable or effective for threat prevention since I haven't used the product much to deal with threats. The product is mainly used as a signature-based or behavior-based tool. For threats, my company uses other products to identify or to get more additional context to it.

The deep learning aspect of the product has enhanced our company's cyber defense over a period of time as the tool helps understand the behavior of a particular environment, and it automatically reduces the number of false positives going forward.

I recommend the product to those who plan to use it. I would suggest others get an inventory of their systems so that they can fine-tune all the things before going into the production phase. Once you get through the PoC phase, you can put all your allowlisting and whitelisting into the tool. When you move into production, the number of alerts it shows at the initial stage will be less. You can have a proper alerting mechanism or a real threat identifier in your environment rather than having a tool that throws a huge number of false positives.

I cannot give an exact number on whether the product has helped in the reduction of false positives. My company mainly concentrates on reducing the number of false positives and having the actual alerts shown to us.

The solution integrates with our company's existing security infrastructure, as everything can be automated on Azure platform. The product offers integration capabilities and is also easy to use.

The benefits of the product stem from the fact that it gives clear visibility on the attacks. The product also identifies some of the early threats that were not identified by the other products in our company's environment. The overall defense approach offered by the product elevates the security posture of the organization.

I rate the tool an eight out of ten.

We use the solution for our MSP and MSSP clients. Our clients' range of industries involves finance, insurance, and professional services. So, we use it across almost all companies.

One of the advantages of the solution is that it provides only two updates a year.

It performs most of its duties effectively in the pre-execution stage. Whenever someone downloads a file, the system immediately detects it and prevents its execution if required. If a file bypasses the initial download detection, the system will still intercept and stop it in the pre-execution stage.

I think it's probably the administration, especially the administration platform, which could be improved in the solution. It's clunky and hard to navigate, especially for inexperienced technicians. So, I want to see better platform administration and easy navigation in the future.

I have experience with Deep Instinct Prevention Platform for three years. Also, I am using the latest version of the solution. My company is a reseller of the solution.

Stability-wise, I rate the solution a ten out of ten.

Although not currently within our organization, we have a potential use case for approximately 850 endpoints or clients in finance, professional services, and other businesses.

Scalability-wise, I rate the solution a nine out of ten.

The solution's technical support is very responsive and helpful. In the past, technical support has answered all my queries very quickly. So, I rate the solution's technical support a nine out of ten.

Positive

Previously, I used Trend Micro. Trend Micro is a bad product, as it uses too many resources from my clients. So, none of my clients wanted the solution.

It doesn't cost us anything to maintain the solution. So as far as investing any time into deployment or maintaining it, there's none. It's deployed very easily. Also, the deployment can be done remotely.

The deployment process takes about one and a half minutes per PC. So depending on the size of the client, we might spend an hour or two deploying it. And depending on the technology our clients possess, they may be able to deploy it by themselves. We can also help them deploy the solution over the phone.

We have a return on investment of about 100% using the solution. So, we charge a reasonable amount for the solution from our clients.

There are no additional costs on the price, and our company has a support contract, which bundles in those services anyway. The cost is something I can't split out exactly for each desktop or each endpoint.

Though I can't tell you what we, in our company, looked at as an alternative for Trend Micro, we chose Deep Instinct Prevention Platform since we needed it.

I would absolutely recommend Deep Instinct Prevention Platform to those planning to use it. Overall, I rate the solution a ten out of ten.

Our primary use case is anti-malware, to prevent endpoints from getting viruses.

Deep Instinct complements the solutions we already have. You don't need to rip and replace any antivirus or endpoint that you have. It's easy to use and it's easy to have it side-by-side with other solutions. That makes it really easy to have an additional level of endpoint protection, rather than to hassle with doing solution migration.

It helps with real-time prevention of unknown malware. I have seen several instances where, when I surf the web, Deep Instinct prevents it and quarantines it for me. The other solution that I am using doesn't pick it up. Deep Instinct prevented me from clicking on it. Otherwise, I would have been infected.

Also, the CPU consumption is low compared to what I have been using in my current environment. The footprint is a lot smaller, about a quarter of what I have now. It is very small. It doesn't use up many resources. It's only when it's running one particular type of scan that it really spikes up the resources. Otherwise, it really just stays in the background and is low on footprint.

What is commendable about Deep Instinct is that they have a single platform, regardless of whether you have Windows, Mac, or even Android phone. It's a very good platform because it's all-in-one.

In addition, it's easy, because once you deploy the endpoint, the policy comes in and there is not much to configure. You can do whatever you like, unlike other solutions where you need to explicitly create exceptions if you want to do certain things. Here, you can do anything that you want and have the assurance that Deep Instinct will catch anything that is malicious.

The malware classification is very good because it tells me, "This is most likely ransomware or a worm." In other solutions, they usually just have a flat statement saying it's a worm or just that it's a virus. That leaves it open-ended and you have to do your own investigation, put it into a sandbox and really explore it before you actually know what it is. A lot of technical or even expert knowledge is required before you can analyze it. Here, you can do it without an expert opinion. It's better laid out in the static form. It even tells you the process chain, where you know what executes and then what happens to it. If it's running something that it shouldn't, then that's potentially something bad.

I would like to see improvement in the user interface so that the user has more control. For example, it would be good if a user could change their grouping if they want to be part of another group. Or if I want to right-click and scan a specific file that I just imported, that would be helpful. Sometimes you just want to do an extra scan to make sure you're safe.

So far it has not crashed. It has not given me any problems. It's a very stable application.

Because it is cloud-based, you can scale. Because it runs on AWS, ultimately the bandwidth is as big as AWS can provide, which is as big as you can imagine.

In my office there are about 20 users, but we do have customers outside our office who are also using it.

So far they have been rather responsive. They have been able to give an analysis of instances or events that we have sent them, and they have been able to come back with positive results. Turnaround has been within a day.

I work for a company that is a distributor for Deep Instinct. We use it as well as sell it. It's in our interest to be familiar with the product to sell it and support it.

It's very easy. You can deploy to many endpoints in a very short amount of time. If you are doing it manually, it's just one simple command.

I can deploy it in a number of minutes for one or two machines. Configuring the policies takes about five minutes, and then deploying takes another five minutes or. All in all, ten minutes.

In terms of an implementation strategy, to deploy it to the masses it would be easier to go by Microsoft SCCM or any Mass Deployment Tools. You just put in a script and it will run and everyone will be done automatically. You just monitor it through the Deep Instinct dashboard. Usually, in other solutions, you won't get updates until a long time after. Here you see the overall status of every user: Are they registered? Are they deployed? Are they uninstalled? It is very intuitive.

You don't need a lot of people to maintain it. You might need two or three people to do round-the-clock standby. 

I don't deal with sales, I am the technical guy, the sales engineer. I do see satisfaction from customers. They are happy that there is a solution that differentiates itself from the other solutions and is really able to complement whatever they have. I do see many customers being satisfied with this solution.

Time savings are definitely there. If you cut down the incidents, you save the time dealing with them. If you don't have to deal with them, that's a lot of time saved. And since you don't have to have people to manage the solution, that's people saved. In multiple ways there is ROI, it's definitely there.

Because we are doing the MSSP model for Deep Instinct, we are able to get even very few licenses. Users can sign up even if they have a small office or, of course, a big office. It's really scalable and elastic in that sense.

Now that I have Deep Instinct, I don't know if one day I will just uninstall my current solution.

Compared to various competitors, Deep Instinct has a differentiator: It really does deep learning. Many of those doing machine-learning require the cloud. Deep Instinct is able to do it on-prem and fully self-contained. Once I install it I can even go offline or even go away from the cloud. It gives assurance that you're protected for a long time.

Generally, as a company, we like the solution. As compared to many other solutions on the market, it has a differentiator: the deep learning, and they even share what their deep learning algorithms are. You are really assured that this thing will be able to solve real-world problems.

In terms of Deep Instinct finding any malicious files which were underscored by other solutions, I have not really gone into the details but I do see that sometimes, when I click on the link to go to Virus Total, it doesn't show up anywhere else. But I haven't really dug deep enough.

As for the extent to which it is used in our organization, it is generally used, everybody has it. The beauty about Deep Instinct is that you can set and forget it. You don't really have to deal with it, unlike other solutions where you have to constantly have an IT administrator who manages it day in, day out. Here, it's more like when and if something happens, then I take a look.

I expect we will increase our usage of it. As more users come on board, we could have it installed as part of the standard package. In general, I would like to see more people install and use Deep Instinct.

One feature that is not utilized that much is the appliance on-prem sandbox where you can generate static notices for P-Files, because people generally don't log in much to take a look. So they don't generate messages. Similarly, the upload locks are under-used, because you can do it centrally. You don't have to visit the users, you can just do it from the console which is a very awesome feature.

In terms of the rate of false positives, compared to other solutions, it depends on the environment. Some environments have more, some have less. Some don't even have any. It varies. It's more conditional. Every solution has its fair share of false positives. In some environments there are more, some there are less. If you were to put them all together in the same environment then you will be able to make an apples to apples comparison.

We are a software reseller and managed service company, and Deep Instinct is one of the EDR solutions that we implement for our customers. It is one of two EDR solutions that we offer to our client base as a managed service and a 24/7 basis.

The primary use case is ransomware control.

We think of this product as a fishing net that fits into the computer and has all of the capabilities and understanding of what ransomware and malware look like. It reacts to the look of ransomware, as opposed to trying to detect it by using a signature.

In our experience, it is a whole different concept that is extremely effective.

The most valuable feature is its ability to detect and eradicate ransomware using non-signature-based methods. It is not a traditional EDR.

My primary concern is that there are elements of the MSSP model that need updating. Specifically, there are some technical controls that need to be updated and it means that rolling it out is a little bit more complicated than it has to be. If the client is working remotely and doesn't have a VPN then the deployment is difficult to do.

In the future, I would like to see additional reporting made available.

Adding a firewall would negate the need for some products by other vendors. More generally, adding traditional endpoint security features over time would mean that we would not have to support multiple platforms.

We have been using Deep Instinct for eight months.

The stability seems to be fine. Occasionally, we have to consider the brain of the solution, which is the component agent that goes to the endpoint. It remains stable because you're only pushing it out three or four times a year. Because it is not signature or EDR-based, you don't have updates.

Scalability with this product is superb. We currently have about 2,000 clients who are using Deep Instinct.

We also work with FortiEDR.

The initial setup is very straightforward.

The length of time required for deployment depends on the number of users that the client has. We have some clients with 500 to 1,000 users, whereas one of our clients only has eight. I would say that you can finish deploying this product in less than half a day, regardless of size.

We are satisfied with the pricing. 

The most complicated part about endpoint security these days has to do with COVID because you have so many people who are working remotely, and they made the transition without a lot of forethought. The cloud-based deployment helps because if you are in an on-premises environment, it's extremely complicated unless they have VPNs.

Overall, this is a good product and it is extremely effective. That said, changes to the deployment process and making the reports a little prettier would be a good way to improve it. Functionally, it meets our requirements, but it doesn't have all of the bells and whistles that other products have.

I would rate this solution a seven out of ten.

We are using Deep Instinct for malware protection on servers and workstations. We are using its latest version.

It has given us a more structured approach for detecting and preventing threats. It has machine learning-based detection and prevention. Their engines, in even older versions, are able to pick these viruses and malware. They have posted a lot of use cases online for detecting different viruses and malware that have been out for many years. 

The Deep Instinct client stops working when you have two servers and you add high availability or Windows Failover Cluster mode. It doesn't work in a clustered mode. I haven't yet had time to go back and talk with their support and get it fixed.

It would be good if they can make the installation independent of an actual user. Currently, its installation is dependent on the actual user being logged in. For example, a computer has to be logged in for the installation to happen. If it is not logged in, then on the cloud platform, it is going to show that the client is offline. 

On the management side of the cloud platform, we would like to have the administrators segregated by logical entities. We have told them that on their cloud management platform, we would like to be able to segregate clients into different logical entities or organizations so that the administrators are able to manage only those entities that are within their designated organization.

I have been using this solution for four months.

It is stable. There are no issues related to its stability. 

We haven't scaled it yet. We have 250 or so endpoints, which include workstations, servers, etc.

Tech support is provided by our MSP, Cyberforce. They are based out of Austin. They are also providing the solution. They respond very quickly, and they are good. I would rate them a nine out of ten.

We didn't use any other solution.

It was very straightforward and simple. You can obviously do the installation through the command line. It is not a typical EXE file that you just double click and install. 

We have NinjaRMM as our remote management tool for all endpoints. We were able to create a script on NinjaRMM and just do an automated install to Ninja. In a matter of 15 minutes, we had installed it over 200 servers or workstations.

We are a nonprofit. The MSP had provides pretty decent nonprofit rates for us. This was one of the key factors that made us choose Deep Instinct over its competitors who were significantly more expensive.

We compared Deep Instinct with Cylance and CrowdStrike, and we ended up going with Deep Instinct. We felt it was going to give us better coverage, and the cloud management platform was also much easier to use.

It is definitely worth looking at before you make a decision. 

I would rate Deep Instinct a seven out of ten. There are a few kinks, but it is a new company, so we can't expect everything from day one. With that understanding, we accepted some of the shortfalls.

We used it basically with the idea of replacing antiviruses. We've done a proof of concept with a few customers. The experience has been at some customers of ours, but there hasn't been a final sale. We used the latest version of this solution.

The most important thing is that it is for prevention. It prevents attacks of any type of malware. Normally, what we've seen in other products is that they are not for prevention. They isolate a possible threat that they don't understand or know about, and then they check it with our database to see if it needs any correction or elimination. This means that the threat is already inside a customer's base, whereas Deep Instinct prevents a threat from getting in. Prevention is basically done by an agent in each installation, PCU, or product. An agent has its own intelligence to be able to detect if it should stop a threat or not. It has been taught. It is like a brain that has been taught to react according to any possible threat.

Deep Instinct is very light. It doesn't take too much CPU attention or memory. It doesn't slow down the performance. You don't really realize any change in the performance, which makes it very different from other solutions. They are usually heavy for the users.

Its support for Linux and Unix operating systems can be improved. Currently, they cover macOS and Windows, but they don't cover Linux and some of the Unix products.

Pricing is also an issue. Its pricing is not as aggressive as it could be, and its price makes it difficult to sell. Customers feel that they can get an antivirus for a lower price, even though it is not a similar product. It is technically different. 

Their SLAs can be better. They have to give you 24/7 support, but their SLAs are not very good. They should be better documented, and the offerings should also be a little bit better. What happens is that the SLAs end up in the hands of the intermediary, seller, or the local partner of Deep Instinct in a country. The customers want very fast SLAs in a very short time, but Deep Instinct doesn't give them at the same speed. Having said that, SLAs are important when you have a lot of issues, but this product doesn't have too many issues, so it is not a big concern. However, for a customer who doesn't know the product, it could be a concern.

I have been using this solution for a year or so.

It is totally stable. There is no problem with its stability.

It is scalable. Our clients are medium to large organizations. 

Their support is pretty good. Their documentation is also all in order.

It is pretty straightforward to have it working. Its deployment is very fast. You put the agent into a computer or mobile phone, and it is very light. Everything is connected and registered in the console, and the console will do an audit and follow up with every unit in the network. You can get those statistics and information out of the console.

It is pretty simple to deploy and maintain. It doesn't really need maintenance. Many other competitor products have very frequent revisions or upgrades of the product, sometimes even in the same month or week, whereas with this product, there are at the most two revisions or upgrades in a year. It is very simple to administer it.

Its pricing is too high, but that is not because of the product. It is expensive because of the cost of the console. You need a console to control the whole thing, but the console is expensive. You have to split this cost among all possible users. Normally, to be able to make it economically attractive, you need at least 1,000 agents, PCs, or users. If you have a customer with 300 to 500 agents, PCs, or users, it becomes too pricey.

It is very simple to get it working and keep it working.

I would rate Deep Instinct a nine out of ten. It is a great product.

I'm a security consultant and we are customers of Deep Instinct. 

The user interface is a good feature. It shows which process has been accessed and the flow. The detections for PowerShell are also pretty good as is the active scripts detection feature. 

Some of the features are very resource intensive, such as the ransomware detection. It consumed so much of the resource on the endpoints that we have disabled those functions. If they could improve the detection logic so that those elements would consume less resource, that'd be effective. They could also improve the reporting feature so it coul be more like you find in Maltego or IBM's i2. They could introduce a graph feature to coordinate between search and those things, perhaps a dashboard of some kind.

I've been using this solution for almost a year and a half. 

This is a stable solution. 

This is a scalable solution. We have around 3,000 endpoints and one person in our company who deals with maintenance. 

We had difficulty connecting with them and initially we were not sure who to contact. It took around eight to 10 hours to get hold of that person so support could be improved. 

I would not recommend this solution for small companies but for companies that deal with sensitive data, I would recommend it as an additional layer of security. It cannot be used as a stand alone product from my perspective, but it can be used with a defense-in-depth approach.

I would rate this solution an eight out of 10. 

Unknown malware can be prevented using this solution.

It provides a very high detection rate and a very low false-positive rate. 

It also helps with real-time prevention of unknown malware, easily. For example, when a file attached to an email is opened, Deep Instinct prevents any malware immediately, when compared with similar solutions.

The most valuable features are the static/dynamic analyses. Deep Instinct's predictive model has very high accuracy and provides threat information for unknown malware, such as malware classification, static analysis information, and sandbox information. The information can be obtained easily. Malware classification information is displayed automatically, within the event.

In addition, we have found there is malware prevented by DI, which other solutions did not prevent.

The Management Console is not localized.

DI is lightweight and very stable.

Tech support answers quickly and they are caring.

We did have a previous solution but the detection rate with DI is higher.

The initial setup is a little bit complex. The reason is that there is no online help. The deployment takes one to two days. In terms of an implementation strategy, use it together with Windows Defender.

We have installed it on Win PCs, Mac, and Android. The installation work is very easy.

The pricing is a little bit expensive but we are satisfied with DI's performance. CPU consumption during scanning is under five percent.

We evaluated some competitive products, for example, Cylance, and Deep Instinct's false-positive rate was less than one-tenth of Cylance's.

It is a very good and stable product. Our CISO noted that the client features are a little bit different than in our previous product. However, he understood the reasons.

We have 150 users of Deep Instinct and they fill a range of roles, as we are a reseller. It is installed on all our employees' PCs. Two people are required for deployment and maintenance of the solution.