Field Effect MDR Reviews

The main reason we wanted to have an MDR system was to monitor our network both internally and externally for any potential threats or risks that we might have that could create a problem for the business. That's the main reason for it. 

I like the solution in part due to the fact that it is Canadian-based, so being from Canada, I like to work with Canadian vendors if possible. It is very comprehensive, and the price point is better than some of the others that I looked at, which were more expensive, for example, Arctic Wolf and eSentire, and some of the other sick security solutions on the market.

We get regular AROs that alert us of anything that we need to be aware of that's happening. The ARO features are really important since they're also ranked by risk. Something that's high or critical would get our immediate attention. And then medium and low, these are things that we know that we need to address. However, we've got a little bit more time to take a look at them. We've got a really small IT team, and I can't afford to have a full-time security person working for me. Having this as a service where their analysts are reviewing the incidents as they come up is helpful. They can help us troubleshoot or understand the source of the issue. That is really, really important for us as we have no way of doing this otherwise with a team of three people.

I like that surveillance is backed by experts who are constantly monitoring for attacks and risks. That's really the key selling point for me. I want my system to be constantly monitored. You want to know what's happening at all times within the network or even on some of our cloud services. For example, we use Microsoft 365. If someone's trying to hack one of our user's accounts, I want to know that that's happening. With this product, I would get an alert for that.

The ease of managing the product is great. I don't do it myself on a day-to-day basis. The team does it. However, the team likes the software. They understand how it works. When they need assistance, they can ask one of the security experts who will help them do the analysis and understand exactly what's happening, why it's happening, and help them resolve the issue. We've activated the active response, so when there's a risk where they see a particular user account that looks like it may have been infiltrated, it will automatically shut that down. That way, if something is happening, they shut the door right away so that if it's a hack or trying to get in, no one is going to get access.

We make use of the tagging of security threats such as actions, recommendations, and observations. We also have the add-ins for Outlook, as phishing has become prolific now. We're getting a lot of phishing emails. We've trained our employees to be alert when they see a phishing email. They know that they can go and click on the Covalence button in Outlook to report that message. The team is alerted that there was a phishing email that came in that way. In addition to that, when they click that button, it asks them a few simple questions about what actions they've taken. For example, did they click on a link? Did they open a document? Did they actually do anything that might be triggering some kind of a virus or something like that in our network? Covalence gets that information, and they can assess if there's a risk there. 

We now have a single cybersecurity product that protects all of our threat services, and all the endpoints. East, West, North, South - it covers everything on all of our entry points. That's one of the big selling points is that every endpoint and every access point is covered.

Covalence helps our security team save some time. Since I don't actually have a full-time security team, it's really great. The IT team doesn't really have a lot of time to dedicate to security. And they aren't experts. They're more generalists. Therefore, just having access to true expertise in security is really, really important to me. And they're monitoring 24/7. My guys go home at night; they're not necessarily looking at any of the systems to see if something's going on. Having the alerts that come into all of our phones allows us to see right away if there's a high or critical alert, and we can immediately address it whatever time of day it is.

Besides the AROs that are really specific to my network, I get regular monthly reports. They include, for example, when there's a major threat that's out there that's been identified. They'll send out an email, and I can read up on that and determine if there's any risk to my organization.

Cylance gives recommendations on how to reduce risk. We meet regularly with the Covalence team, and we go over the status of our AROs, some of the situations that happened, any concerns, and things like that. They definitely provide recommendations as well on alert observations. Some of the recommendations are less of a priority for us. However, we definitely want to follow through on those so that we're closing the door on any possible threats.

I'd love the price to be a little bit less. I've been in IT for 25 years and security is obviously causing my budget to really balloon from what it used to be. I'm always looking to make things more cost-effective. 

While the interface is pretty good, they could always improve on it and make it more user-friendly. Darktrace, for example, has a really nice interface, however, its functionality wasn't necessarily what we needed. 

We originally started using the solution in February or March of 2022. However, I worked with it at a different company as well and used it there since 2019.

We've had no issues with stability at all. 

The solution is completely scalable. We went through a growth phase last year, and they were able to keep up with that. 

My team has contacted technical support, typically about pretty minor stuff. In the tear we've been on it, we've reached out maybe one to two times. They offer prompt responses. I've never heard anyone complain about them. 

Positive

It did not replace any cybersecurity solutions. However, we did not have anything like this in place. We did look at alternative solutions before we made the decision to go with Covalence. However, we did not really have much of anything other than your basic antivirus software. We needed proactive instead of reactive security, which is why we chose this product.

While I authorized its use, I was not involved in the initial deployment. My staff was. There were two people who handled the implementation. It was mostly handled by one individual, however.

It's maintained by the vendor, and they do that remotely.

I've never sat down and calculated the ROI.

While they were very competitive compared to some of the other ones we looked at, I'm always looking to reduce my costs.

I'm a customer and end-user.

If someone was interested in an MDR system, I would definitely tell them to look at this product and include them in any vendor comparison that they were doing. They're very comparable to the other bigger, more well-known MDR solution providers out there. They bring a lot to the table. The company was founded with members from the Canadian National Defense. They really know what needs to be done at the highest levels of security, and they were able to take that knowledge and experience and build a solution that is comparable to all of the others out there. 

They're a good team to work with. It's really important to me to have a team who are responsive and good to work with. 

I'd rate the solution ten out of ten.

We wanted a technology partner to provide complete cybersecurity protection to our entire organization.   

In the past, we had multiple solutions from different vendors and they were difficult to manage. I wanted one vendor to protect us from top to bottom and provide a single "pane of glass" for our technical team to manage.  

 I was also looking for a vendor with a stable team of cyber specialists who were easily and quickly accessible to us for consultation on any issues or questions.  Additionally, we wanted to be billed in Canadian dollars.  

The IT team is having to spend far less time investigating cybersecurity incidents and cybersecurity "noise" and more time on tasks that drive the business forward.  

We have one cybersecurity partner who has a 360-view of all activity on our network and is able to paint a picture of behaviour and respond to suspicious activity more intelligently. The result is fewer false alarms and less time wasted by our technical team on noise and fruitless investigations. The Field Effect team of experts is an extension of our IT team.

Direct and easy and quick communication to the Field Effect cybersecurity team experts has led to quick resolution of any problems or alerts. The ARO system provides easy explanations of issues detected and simple instructions for resolution. If an issue is expected we can respond accordingly and suppress future alerts pertaining to the same issue. If we believe we have resolved an issue, the Field Effect team will verify our solution and report on the issue again if our solution does not address the problem.  

The solution could improved DNS filtering and fuller integration into ConnectWise PSA (I understand both are in the works). The current roaming DNS filter doesn't seem to be too complete and we're hoping to be able to eliminate purchases on other filters, such as Umbrella.  

The ConnectWise PSA integration is two-way but does not send our comments back to the Field Effect portal. Additionally, they have recently come out with an option that does not require a physical appliance onsite.  This will be valuable for smaller locations.

I've used the solution for over two years - since Nov 2022 approximately.

The solution has been extremely stable and predictable.

It's very scalable from the very smallest organizations to the largest.  

Customer service and support are very responsive - particularly with possible cyber incidents. We hear from them nearly immediately on urgent issues and within a day on other questions.

Positive

We had used Arctic Wolf and a bundle from ConnectWise. The Arctic Wolf product, although very complete, was significantly more expensive. The ConnectWise solution included SentinelOne but was more challenging to use as it did not have one place to look for security issues.

Initial set up was very simple and detailed instructions were provided by FE for the appliance and network adjustments. FE engineers provided white glove support.

It was done in-house as the setup was very simple.

We didn't do a formal ROI.

In our evaluation, two years ago, we found the Field Effect Covalence product and service to be the simplest to set up and pricing was lower than the other competitors.   

We have tested and implemented a few other solutions.   

We're a managed service provider. So we resel Field Effect Covalence services to our customers for cybersecurity.

Field Effect Covalence can be deployed on-premises, in the cloud, or as a hybrid depending on each customer's requirements.

It is imperative that Covalence is backed by experts who are constantly monitoring for attacks and risks.

Managing Covalence is straightforward.

With Covalence, we have seen increased security, increased revenue, and a fuller product line, which helps us move into the security market.

Covalence provides a single cybersecurity product that proactively protects all of our threat surfaces.

It is nice that Covalence reduces the number of cybersecurity products needed by providing three threat services.

Covalence's 24/7 monitoring significantly reduces our security team's workload.

Covalence informs us of threats and provides recommendations on how to remediate them.

What I like the most about Field Effect Covalence is the ease of deployment, the fact that it's cost-effective to roll out, and it is reasonable. It's at a really good price point, and it provides great protection.

Field Effect Covalence could benefit from enhancing its packing slip process. When receiving multiple devices simultaneously, it can be challenging to initiate setup due to inadequate labeling on the packing slips, which often fails to clarify device-to-customer associations.

I have been using Field Effect Covalence for two years.

Field Effect Covalence is stable. We have not experienced any issues.

Field Effect Covalence is scalable.

The technical support responds quickly.

Positive

We have seen a return on investment with Field Effect Covalence.

The pricing is comparable to what else is out there.

I would rate Field Effect Covalence a nine out of ten.

Someone interested in a cybersecurity solution but has never heard of Field Effect Covalence, should check it out.

To anyone looking at Field Effect Covalence, I recommend doing their homework, doing a demo, comparing pricing, and ensuring it fits their environment.

My workplace experienced a service security incident, and we engaged the Field Effect team to assist us with investigation and recovery. As part of their services, they implemented the Covalence monitoring solution. After the initial three-month engagement, we opted to retain the solution and continue using it.

It is of paramount importance that the surveillance system is continuously monitored for attacks and risks by a team of qualified experts. This is one of the primary reasons why we chose Field Effect.

Device management is straightforward. The solution is practically ready to use. It took less than an hour to install their appliance and agents, and it is straightforward to configure and monitor.

Tagging security threats enhances the system's learning capabilities. However, in our environment, if an event is tagged as non-threatening, the system will disregard it in the future and learn from the process.

Covalence offers a unified solution that proactively safeguards against various threats.

Covalence helps identify issues even when we're not actively looking for them. This helps our security team save around ten percent of their time.

Covalence keeps us informed of potential threats and guides how to address them if they materialize. Since its implementation, we have not encountered an actual threat, but it does alert us to potential issues.

Covalence bolstered our confidence in our security posture. As a result, we now sleep better at night knowing that Covalence safeguards our data.

It recommends actions to take to mitigate risk. This is crucial because it identifies the nature of the risk and provides solutions to address it. Therefore, it is of substantial importance, and it is our responsibility to either heed these recommendations or disregard them if we deem the risk insignificant or unrealistic.

The most valuable aspect of Field Effect Covalence is its ability to continuously monitor for and identify potential threats.

Currently, Covalence responds to threats by deleting the entire machine. However, it would be more effective if it could surgically isolate the specific malicious process instead of deleting the entire machine. This would minimize disruption and allow for a more targeted response to the threat.

I have been using Field Effect Covalence for six months.

I have noticed a slight slowdown when using the better agent on my machine, but I have never experienced a crash, to my knowledge. The slowdown is also not that significant, as it only occurs during startup.

Covalence is quite scalable. As a small organization, we believe we have ample room to grow with our current implementation. If we were to expand, we believe Covalence could scale with us by adding additional appliances.

The initial deployment was straightforward and took only one hour to complete. We were up and running quickly. We coordinated with the Field Effect's personnel and one individual from our team for the deployment.

The implementation was completed in-house.

Covalence is a threat solution that provides a high return on investment when a real threat is encountered. Fortunately, we have not yet faced such a situation. However, if we were to encounter a significant threat, I would estimate that the return on investment could be in the range of hundreds of times the cost of the solution, even with just a single incident.

The pricing was very reasonable. We were particularly impressed with their pricing model, which charges per user rather than per system. This is especially beneficial for companies like ours that have a large number of systems and therefore require multiple systems for each user. This pricing model will be much more cost-effective for us than the competition's models.

I would rate Field Effect Covalence eight out of ten.

In addition to Field Effect Covalence, we also use an antivirus, a perimeter firewall, various password protection tools, and phishing tools.

Covalence requires minimal maintenance, just the monitoring essentially. Monitoring and looking at the action alerts.

I highly recommend Field Effect for several reasons. Firstly, they cater to businesses of all sizes, from small and medium-sized enterprises to large corporations. Their pricing is competitive, and their solutions provide peace of mind by enhancing overall cybersecurity posture. I wholeheartedly endorse their services.

When comparing Field Effect's pricing model to that of its competitors, businesses should consider the importance of the granularity of threat isolation.

I use Field Effect Covalence primarily for EDR across various clients. It serves as a crucial layer of backup protection, enhancing overall security measures. The valance feature is particularly appreciated for its effectiveness in safeguarding our systems.

In the beginning, our main goal was to provide our clients with the best possible cybersecurity solution, and that's when we implemented Covalence. The primary objective was to ensure top-notch security, and so far, it has proven effective – we haven't experienced any breaches since its implementation.

The main benefit I have experienced with Covalence over the years is the peace of mind it provides. I don't have to worry about anything – it is a reliable product that has never been hacked.

The most valuable aspects of Covalence for me are the exceptional customer service and the support from the dedicated team.

In terms of improvement, I have discussed with Covalence about improving reporting for vendors like us. While the reporting is good, I would like more of a white-label option with my company's name at the top and a clean look for the report, perhaps with "Field Effect" or "Covalence" at the bottom. They are already working on it, which is great.

I have been using Field Effect Covalence for about a year.

We have not experienced any issues with the stability of Covalence.

The customer support is excellent. They are very fast and helpful. I would rate the support as a ten out of ten.

Positive

The initial deployment of the solution is straightforward.

The pricing for Covalence is great.

It is extremely important to me that Covalence is backed by experts for constant monitoring of attacks and risks.

Managing surveillance with Covalence is super easy. It is user-friendly to the point that even someone without extensive technical knowledge finds it straightforward to handle.

It significantly helps our security team save time in various ways. We are spared from manual monitoring, and we no longer need to rely on other products that may not be as trustworthy.

Covalence is replacing multiple cybersecurity solutions for us. We are in the process of phasing out some, including Arctic Wolf, as we find that Covalence meets our needs more effectively.

Covalence informs me of threats and provides clear recommendations on how to address them. I find the recommendations to be wonderful, making it easy to address and hunt for the rest of the potential threats.

My advice to new users is that Covalence is like our secret weapon in cybersecurity. It might be newer and not widely known yet, but I would strongly advise them not to overlook it – implementing it is a smart move. Overall, I would rate the solution as a nine out of ten.

Basically, the solution is used for monitoring devices and monitoring agents. We install it on every machine that we bring online to actively monitor in terms of security - not monitoring how people are using it. If there is a threat on a machine, if there is outdated software, if there is malware, et cetera, we get alerts. 

We had a cyber incident prior to getting the solution. We decided to look around, and we found lots of reviews of the solution and decided to implement it. 

The solution offers actual recommendations. With any machine we bring online or any person using the machine, it creates an alert if it sees a threat or any observation such as missing updates. It will send an email to the IT department right away.

It's important that it's backed by experts who are constantly monitoring for attacks and risks. If there is a threat that is a high priority or something, they do monitor it, and they see if there is any action needed.

It is easy to manage surveillance.

We use the tagging feature for security threats to tag actions, recommendations, and observations. It's not technically tagging; it's watching the machine and alerting us to issues. 

We are using it in conjunction with our antivirus suite. This is enough to make sure that our machines are safe.

It's fairly easy to manage as well. It offers a quick overview. I can go into the portal and see what's happening. It gives me quite a bit of information.

I save time with the solution. I do not have to manually monitor all the equipment that we have now - since we installed the Kubernetes. That saves a lot of time. It does do the automatic reporting in detail, and it also tells us what needs to be done. While I've saved quite a bit of time, I can't say in hours or in days.

The product so far has informed me of threats and how to address them. When it creates the action, it does tell us what needs to be done. The recommendations they provide help us reduce risk. We can decide how to eliminate something or how to reduce occurrences. 

The reporting is fine. 

We've really felt secure after implementing this. 

This is a new solution for us. We're pretty comfortable with it and haven't had any issues so far.

They put too much detail into the emails. They should streamline them.

I've been using the solution since April 2023.

I haven't had any issues with stability. Whenever I go to the portal, it's solid, and the reporting is efficient. 

It's scalable. It's fairly good. 

Initially, we contacted technical support a number of times. We needed to understand the product and were not sure how things were going. 

Support is extremely quick. They were available whenever I contacted them.

Positive

I haven't used this type of security application before. 

We are using antivirus solutions; however, this solution actively monitors.

We're using an on-premise deployment with two portals: one on the cloud and one directly on the device. 

I was involved in the initial deployment, and it was fairly straightforward. It's a plug-and-play solution. 

Up to this point, I haven't performed any maintenance. 

We did have help from Covalence during the deployment. 

I'm not really involved in the pricing. 

I'd recommend the product. I'd rate the solution ten out of ten.

It's a fairly solid solution. It does what it's supposed to do.

We operate a security operations center for several companies. We rely on Field Effect Covalence as their primary endpoint detection and response platform, making it their main line of defense. Additionally, we leverage Covalence during incident response, especially for larger events. In such cases, we prioritize the rapid deployment of Covalence to the affected client, followed by engaging Field Effect's services to effectively contain the threat.

We wanted to proactively protect our clients, and deploying Field Effect Covalence gave us peace of mind knowing they were safe.

While we offer both cloud and on-site deployments, Field Effect typically recommends on-site devices for new clients. However, we're happy to accommodate cloud-based solutions for clients with specific reservations about on-site hardware.

The 24/7 expert monitoring for attacks and risks is crucial.

Covalence is straightforward to use and easy to figure out.

The tagging system is incredibly helpful, especially when action items are generated. As soon as these appear, I can immediately contact the client by phone or message to determine whether it's a false positive, an IT team member's activity triggering the flag, or a genuine threat. This information is invaluable, as relying on a standard user checking at random intervals could easily lead to missed threats. In my case, receiving both an email and a text message on my phone for each action item is a huge advantage. Time is of the essence when dealing with incidents, so the prompt notification through the action ARO is incredibly valuable.

Covalence offers a unified cybersecurity product that proactively strengthens all of our threat surfaces, simplifying maintenance and streamlining workflows. Having multiple tools consolidated into one platform saves a significant amount of time.

It helps save our security teams a few hours per day.

Covalence has helped replace other major EDR solutions for some of our clients.

Covalence provides helpful recommendations for reducing security risks, accessible through the "AROs" tab. These recommendations go beyond basic vulnerability scanning, which the platform also offers. It can pinpoint specific machines vulnerable due to outdated software or other issues, as well as highlight potentially suspicious behavior. For instance, I've encountered situations where a user had disabled multi-factor authentication, which raises security concerns. Therefore, Covalence is valuable for identifying specific vulnerabilities and suspicious behavior associated with individual devices or accounts. 

The AROs have been incredibly helpful. They not only provide a clear overview of activity but also act as a vulnerability scanner to some extent. However, with the vast amount of logs and other data we receive daily, it's still valuable to have a concise summary of everything happening.

We meet with the Field Effect team every month, and I understand that one potential project they're considering is a patch remediation component within Field Effect. The ability to directly patch machines would be a significant improvement, though I recognize it's a substantial undertaking. I believe they're exploring the feasibility of this feature, and its inclusion in the Covalence tool would be transformative, streamlining workflows and reducing reliance on additional tools.

I have a couple of suggestions for improvement. First, it would be great if we could remotely remove machines from the portal, either by uninstalling the agent remotely or completely deleting the machine entry. Currently, if a machine is upgraded, especially for our smaller clients who replace machines frequently, the old machine entry remains offline or otherwise inaccessible, cluttering the portal. Having a self-service option to remove these machines would be much more efficient than contacting support every time.

In the AROs tab, if we encounter multiple duplicate recommendations, it would be helpful to be able to select and resolve or dismiss them all at once. This would save time and effort when dealing with repetitive tasks.

I have been using Field Effect Covalence for eight months.

I haven't encountered any stability issues with Covalence, unlike the other tools we use. Throughout my time working with Covalence, I haven't experienced any downtime or problems accessing the software or web UI. I'm incredibly impressed with its uptime.

Covalence is highly scalable, accommodating small deployments of just ten clients up to larger implementations with 500 clients. This makes it ideal for businesses of all sizes, especially those with rapidly growing client bases like our smaller clients. Additionally, replacing hardware devices is easy by contacting the Field Effect support team.

For certain tags, if a substantial action item is received, I will first offer the client brief advice before internally contacting technical support for further assistance. Overall, I've been quite satisfied with the quality of support provided. While there have been a few instances of slightly slower response times than I'd prefer, the assistance offered has been excellent. When prioritizing tasks, the immediacy of action items, particularly important ones, takes precedence over mere recommendations or observations, as the former requires prompt attention.

Positive

Before adopting Covalence, we utilized CheckLite, a similar solution developed by another company section in collaboration with an external partner. While not as sophisticated as Covalence, it served us well until our recent acquisition. Following the buyout, we transitioned to Covalence due to its greater maturity, user-friendliness, and the exceptional support provided by its team.

The initial deployment was remarkably straightforward. We simply need to provide the person working on this project with information such as network resources, hardware types, and other relevant details.

Beyond Field Effect setting up the physical device and shipping it off to the client, only one person is required for the deployment.

We work directly with Field Effect and do all the implementations in-house.

While we evaluated other options like CrowdStrike, ultimately our decision went with Covalence. This was largely influenced by three factors: our CEO's prior experience, the evolving landscape of available tools, and the existing partnership we have with Field Effect.

I would rate Field Effect Covalence a nine out of ten. I've been extremely pleased with it overall. There are just a couple of minor areas in the web portal that could be improved for easier navigation. Apart from that, I've been incredibly happy with the service.

No real maintenance is required for Covalence.

For someone unfamiliar with Field Effect, I'd start with a quick internal product demo. This highlights key features and limitations, followed by directing them to their website and comprehensive support docs. Finally, I'd share my positive firsthand experience with the software.

For large-scale deployments of Covalence, having an RMM solution or another multi-machine deployment method is crucial. While manual installation is feasible for smaller clients, efficiently managing broader deployments requires automated tools. Otherwise, the setup process itself is straightforward.

We are dedicated to keeping our clients' fleets compliant and secure. Our proactive approach allows us to receive timely notifications when attention is needed, enabling us to act swiftly.

Our system highlights specific devices, files, or software that require attention and provides a CVE number detailing potential vulnerabilities and remediation steps. If you ever find yourself unsure about how to address an issue, their knowledgeable team is just a text message away. With real people ready to assist, they go above and beyond traditional security software to ensure your peace of mind.

Thanks to the MDR, it is easy for us to effectively develop policies to address vulnerabilities. By integrating Mobile Device Management (MDM) with our MDR, we can swiftly tackle detected issues. This combination enhances our cybersecurity posture and provides peace of mind, significantly reducing downtime. 

By proactively staying ahead of potential threats, we ensure our systems remain secure and efficient. This strategic approach not only safeguards our operations but also reinforces our commitment to maintaining a robust security environment.

The automated response feature is incredibly effective. For instance, we can automatically lock a Microsoft 365 account if a login attempt occurs from an unauthorized country. This proactive measure significantly enhances our security posture by swiftly mitigating potential risks. 

The system's ability to respond instantly to suspicious activities not only protects sensitive information but also provides peace of mind, knowing that our accounts are safeguarded against unauthorized access. Overall, this functionality is a valuable asset for maintaining robust security.

We've noticed that some alerts are indicating vulnerabilities that have already been resolved. While it's essential to stay informed about potential issues, the recurring notifications about past vulnerabilities can lead to confusion and may detract from our focus on current threats. 

Streamlining the alert system to filter out these resolved issues would enhance our efficiency and ensure that we concentrate on the most relevant and pressing security matters. Overall, refining this aspect would significantly improve our experience.

I've used the solution for two months now.

So far, we haven't had any issues; it's always been stable.

The solution is pretty scalable. You can go from a small company to a big company, from a local software agent to a network monitor.

Whenever we reached out for assistance or to whitelist a reported vulnerability that we knew was not harmful to our environment, we found the team exceptionally easy to work with.

Positive

We are in the process of integrating existing solutions with this new product. Rather than merely replacing what we have, this addition provides an opportunity to enhance our current capabilities.

The initial setup was straightforward.

Someone else acquired this solution for the company I'm working with.

As a technician, this question falls outside my role. That said, I recognize the significant benefits of a tool that accomplishes tasks in a fraction of the time compared to manual security methods.

The price is in accordance with the provided services.

We did not evaluate a different solution. 

You should certainly consider trying Field Effect; it is a robust solution that will soon be essential for any organization prioritizing security.