Field Effect MDR Reviews

We are an IT-managed service provider, offering comprehensive IT solutions to our customers, including robust cybersecurity protection. One key element of our Security-as-a-Service stack is Field Effect Covalence, which provides continuous 24/7 vulnerability scanning.

We understand that our clients expect us to protect them from external threats. However, this presented two challenges. Firstly, this level of security wasn't included in their standard service desk or network monitoring contracts. As a result, providing this unbilled service significantly increased our risk exposure. Therefore, we sought a solution that could both effectively safeguard our clients and mitigate risk for our own business, without compromising service quality. Field Effect Covalence is perfectly aligned with our needs in this regard.

Typically, we deploy an appliance at our clients' main locations where significant foot traffic is present, ten individuals or more. This local appliance monitors all firewall traffic and synchronizes with the cloud-based Covalence platform. Additionally, every endpoint device has a Covalence agent installed that regularly checks in, enabling us to perform web DNS filtering. This prevents endpoints from accessing unauthorized or potentially harmful categories. We also monitor clients' 365 or Google Workspace accounts for potential malware threats, including SharePoint environments. This comprehensive approach, implemented at both physical locations and remotely through the cloud, ensures effective threat scanning and detection.

The expertise behind Field Effect Covalence is crucial. Its team constantly monitors for cyberattacks and risks, offering an immense advantage in today's landscape saturated with new, competitive cybersecurity companies. Our core partners at Field Effect, with their backgrounds in cybersecurity and collaboration with Canadian intelligence services, provide invaluable insights and protection for our Canadian business clients. As former security professionals, their capabilities and dedication inspire complete trust.

Managing cybersecurity vulnerabilities has become effortless with Covalence. Unlike traditional solutions, which simply dump a mountain of alerts and potential threats on us, Covalence takes the burden off our shoulders with its managed detection and response service. Their advanced filtering removes the noise and prioritizes genuine threats, saving us valuable time and effort. This streamlined approach lets us focus solely on addressing critical issues and ensuring the safety of our customers.

Every day, we rely on the tagging system. Recently, we had a client who traveled from Africa to Europe and then back to Canada. The system immediately flagged this activity, alerting us to the logins from different locations. Having this awareness is crucial, especially compared to the risk of compromised credentials in vulnerable countries to threats originating from elsewhere in the world. The tagging system consistently proves its value, and we proactively patch vulnerable third-party applications thanks to its insights.

Covalence represents a significant advancement towards a unified cybersecurity solution that actively safeguards all our threat services. It continuously provides round-the-clock vulnerability assessment and scanning. However, it's crucial to complement this service with additional measures like password managers, end-user cybersecurity training, and multi-factor authentication. Therefore, I'd say Covalence covers roughly 80 percent of what we need to keep our customers secure, making it an ideal complement to other aspects of our Security-as-a-Service offerings.

Implementing Covalence has significantly improved our security team's efficiency. The proactive approach it fosters allows us to identify and counter potential threats before they materialize, unlike the reactive post-incident response we used to employ. The immediate notification of malware or lateral movement has been invaluable, with Covalence successfully intercepting such attempts on several occasions. Consequently, since deploying Covalence for our customers, we haven't experienced a single major cybersecurity incident. While it's true that our service desk team now dedicates more time to proactive maintenance, this translates to long-term time savings. Without Covalence, a significantly higher number of incidents would be inevitable, potentially damaging our reputation and causing days, if not weeks, of disruption while we handle incidents and mitigate threats. In summary, Covalence has saved us resources, personnel, and, most importantly, reputational damage from cyberattacks.

Covalence keeps us informed about cybersecurity threats and how to address them. When an alert is triggered, it automatically integrates with our existing ticket system and generates a checklist of mitigation steps and recommendations. We simply follow these instructions to handle the threat. However, if we need further information or assistance at any point during the mitigation process, Covalence's team is readily available. They provide immediate phone support and actively help us overcome any challenges we encounter.

Every month, we receive a set of personalized recommendations for each client and their devices. These recommendations cover everything from updating Windows core operating system patches to addressing vulnerabilities in specific third-party applications. By working through these notifications, we keep our clients safe. With 1,800 endpoints and a wide range of applications, such personalized recommendations are critical. Manually tracking vulnerabilities across every piece of software would be impossible. Therefore, having a system like this in place is crucial for saving time and reducing risk.

Covalence has been instrumental in transforming our security posture. It propelled us from a conventional network monitoring help desk to a leading, security-first managed service provider in Ottawa. This shift puts us head and shoulders above our competitors and has truly revolutionized our business. With Covalence in our arsenal, we've been able to renew and expand existing three-year contracts with all our clients and win significant new business by offering this cutting-edge security solution.

We use Field Effect MDR to deliver managed IT services to our clients.  It can be deployed on-premises via a line network appliance. You can also use a virtual cloud appliance. It depends on the client's needs. They're flexible. 

We were using a highly regarded competing product, but the company decided to go directly to one of our largest clients, which is the kiss of death for a managed service provider. Once your partner decides to go directly to your client base, they have breached the partnership, so we decided to look for alternatives. After due diligence research, we found Field Effect MDR, which we weren't familiar with then. After going through the demos, we realized that this solution was broader in coverage than what we already had in place.

We saw the benefit within the first week because Field Effect identified a malware infection in our environment other solutions had missed. We were running blind in that area. When we deployed it, Field Effect found an actionable alert within the first couple of days that gave me a lot of peace of mind. I realized we had much broader visibility than I thought we had. The ability to catch that incident quickly, in real time and then block it in real time, helped me as a security officer rest easier at night knowing that we had this level of visibility and actionable response.

It's lowering our overall security risk levels and helping our clients level up their protections. It enables our clients to focus on business without worrying about the underlying cybersecurity posture. They can avoid a massive ransomware or a large-scale phishing event that costs them hundreds of thousands, if not millions, of dollars. 

Some companies provide all the tools that Field Effect has, but in different, point solutions. It's important that Field Effect is a consolidated solution enabling us to be as efficient as possible. Fragmenting the infrastructure too much creates administrative overhead because we need to be in three, four, or more portals and admin consoles. Consolidating our toolsets streamlines process while enabling us to leverage automation helping us scale as an organization. 

Field Effect's security analysts triage the incoming alerts as they come in and weed out false positives. That saves our engineers a lot of time because we're only getting the actionable information we need to act on, ensuring the client is protected most effectively. If we have a high-severity alert, we can knock it out. We know exactly what to do. Very low false positive rate.

In the previous solution, we had to devote more higher-level engineering resources to understand that system and support it properly. We faced a long-term scalability issue. By switching to Field Effect, we avoid spending extra time spinning wheels for something that doesn't matter. We're only spending effort on things that are identified and validated.

We replaced Cisco Umbrella and CrowdStrike with Field Effect. Those were the main ones, but we also replaced SentinelOne and Sophos. It broadened the coverage of the ecosystem. These previous solutions each covered little slices of the ecosystem, whereas Field Effect has a wider breadth. 

We use Field Effect Covalence for multiple cases including, our internal protection, standard client protection, and for incident response for all of our customers.

Along with the cloud product APIs & Endpoint Agents, the network Appliance can be deployed on-premises, in the cloud, and on hybrid platforms. On-premises solves for data sovereignty requirements. We have clients that use all three configurations.

The expert-backed monitoring of Field Effect Covalence is a crucial advantage. While many security products offer monitoring, it's the quality that sets Field Effect apart. Their data centers in Australia, the UK, Canada, and the US ensure real-time human oversight of traffic, eliminating the noise and false positives that plague other solutions. Having sold dozens of similar products, I can confidently say that Field Effect is the most effective and efficient in its class. Their alerts are actionable and accurate.

Field Effect Covalence is by far the easiest product to manage that I have ever dealt with.

The Action Recommendations Observations (ARO) feature of Covalence is a fundamental tool. It effectively guides people on how to prioritize tasks. "Actions" clearly indicate specific steps to take, while "recommendations" advise whether something deserves attention and what Covalence suggests doing about it. This flexibility is crucial, as not every observation translates to a problem requiring action. Some may simply require monitoring and context to determine the appropriate response. Compared to other priority systems in the market, ARO offers several advantages. Firstly, it facilitates clearer communication and understanding. Secondly, it empowers lower-skilled resources to address issues effectively, leading to cost savings. In essence, ARO serves not only as a valuable communication tool but also as a driver of profitability.

Covalence could be used as a single cybersecurity product for some organizations and it is the most important product in our stack but it is not our whole stack.

Covalence saves us a significant amount of time compared to other security systems we've used. We spend 50 percent less time managing Covalence because it eliminates false alarms. In the past, we'd constantly receive alerts that required us to investigate and ultimately dismiss as non-critical, like a door left open or a window unlocked. With Covalence, if it tells us something is wrong, it's truly wrong. No more wasted time on trivial issues. The way Covalence structures alerts and communicates information also allows us to dispatch the right resources efficiently. It automates many of the tasks we used to handle manually, taking the guesswork out of decision-making. It's as simple as following Covalence's instructions. Before, we'd have to verify the alert, determine the appropriate response, and then execute it. Covalence takes care of all that, which is a game-changer. For example, if Covalence detects an open door in a specific room, it automatically sends the right person to close and lock it. No more scrambling to figure out who to send or wasting time on unnecessary communication.

Covalence identifies and prioritizes critical threats, providing actionable intelligence and step-by-step instructions to mitigate them. This simplicity and efficiency are hallmarks of Covalence's effectiveness.

Covalence offers recommendations on how to mitigate risks proactively. While most MDR, XDR, and even EDR products simply alert us to ongoing threats, Covalence takes a preventative approach. They provide data that delves deeper into vulnerability management, highlighting outdated browsers, operating systems, and suspicious domain registrations that could be precursors to attacks. This focus on predictive and proactive measures helps prevent issues before they arise, setting Covalence apart from many other security products.

Investing in proactive security with Covalence has significantly enhanced our security posture. Preventing incidents before they occur is demonstrably the most cost-effective approach, as compared to the reactive expense of emergency response. By enabling us to address potential problems proactively, Covalence fosters a remarkably efficient and stress-free environment. This translates to happier customers, happier employees, and an overall phenomenal outcome.

I internally implement it to enhance our cybersecurity measures, especially given the management of numerous clients. The primary use cases involve comprehensive management and monitoring functions. It effectively oversees all incoming and outgoing internet traffic, providing a centralized control hub from the headquarters. Furthermore, it extends endpoint protection to all computers within the network. Additionally, the solution continuously monitors the Microsoft 365 environment around the clock. The synergy of these three functionalities offers an enhanced and constant overview of internet traffic, enabling the detection of any suspicious activities in real time.

One of the primary advantages is the assurance and peace of mind that comes from constant surveillance. Unlike the previous approach, which involved manually sifting through logs, having Covalence means there's always someone monitoring everything. Another significant benefit is the enhanced ability to meet security protocol objectives, especially when dealing with high-profile clients or pursuing government contracts. Covalence plays a crucial role in achieving compliance, addressing the stringent requirements set by cybersecurity insurance.

The realization of benefits from deployment is almost immediate. Once Covalence is deployed, it begins recording and monitoring right away. Within the initial three to five days, it establishes a comprehensive understanding of the data flow within the organization. In cases where there are issues, especially in a newly installed environment, it might take a few days to identify patterns. However, once up and running, any malicious activity triggers immediate recognition, allowing for swift response and mitigation.

An integral aspect of the solution's effectiveness lies in its backing by a team of dedicated experts. These professionals engage in continuous monitoring for potential attacks and risks, providing a crucial layer of security. The significance of this support becomes evident in the daily influx of alarms, where numerous alerts are generated regularly.

In terms of IT management, this product stands out as the most user-friendly solution I've encountered in years. Its ease of management and deployment is unparalleled.

It offers the convenience of a single cybersecurity product that proactively safeguards all the diverse services across our organization or for our clients. Notably, the latest updates to the Covalence client, installed on computers, are as effective as any standalone antivirus solution suggesting that, in the future, Covalence could serve as a comprehensive solution encompassing antivirus, malware protection, and cybersecurity monitoring.

It's crucial to rely on a single cybersecurity product for trust and efficiency. Managing multiple solutions for different aspects can be cumbersome, requiring constant monitoring of various portals. Covalence simplifies this by providing a centralized dashboard where everything is easily accessible in one place.

It significantly contributes to time savings for our security team. By leveraging an automatic scheduling system, we efficiently connect to client computers to address identified issues promptly. While the percentage of saved time might be less for a smaller operation like ours, where regular client connections are the norm, the real value lies in pinpointing where immediate attention is needed.

It has become our singular cybersecurity solution, leading us to phase out multiple other cybersecurity products. Specifically, we've begun removing Bitdefender solutions from clients who now utilize Covalence.

The communication with Covalence is primarily facilitated through our ticketing system, although critical incidents may prompt phone call alerts. They inform us of significant threats through various channels, and their active monitoring solution empowers them to take immediate action, such as shutting down compromised computers or Microsoft 365 accounts. This multi-faceted notification approach is highly beneficial, particularly when incidents occur outside regular working hours. It ensures prompt action even if we're not actively monitoring, a capability that wouldn't be possible without their service.

The swift response to evolving threats is crucial. Moreover, the simplicity of deploying and using their solution is a key factor that streamlines the provision of cybersecurity services to my clients, significantly easing my workload.

The impact on our security posture has been significant, greatly enhancing our overall cybersecurity coverage. By utilizing their products, I feel more confident that we are comprehensively protected, extending beyond a mere antivirus and malware solution.

It is a part of our security stack to help identify any vulnerabilities for our clients.

It is very important that Field Effect MDR is backed by experts who are constantly monitoring for attacks and risks. The main reason we went with Field Effect was the experience that the CEO brings and the experience we had with the team. Their process for educating us was another reason.

I do not have direct access to its user interface, but I have heard from the team that it is very easy for them to access and see alerts come in. They found it very easy.

We could see its benefits pretty much right away. We started getting the alerts as soon as we started using it. We started to receive alerts on areas that we needed to address right away.

It definitely adds a specific layer of protection. I would not want to be without it, but it is not the only piece that we would use to proactively protect all our threat surfaces. It creates a very good layer, and for myself, the team has been a good access point to be able to get information and share that with clients too. That has been a big help for me. Compared to other software that we use, whenever we need assistance, they are the easiest ones to work with. We can get immediate assistance through chat.

Field Effect MDR helps our security team save time. We do not have to monitor a lot of things and go digging behind the scenes. They are doing that monitoring for us. It has almost added an employee who would have been doing that work for us. It has probably cut down on a third of our workload.

It informs us of the threats that matter and how to address them. We get alerts on even small issues that we do not need to address immediately. It helps to keep such things in the front of mind so that we can plan and schedule. It feels like it has made our operations run smoother because it is alerting us. Instead of just leaving it, we can schedule an update right away. We are addressing things right away. If an immediate problem comes up, we can deal with it as soon as possible because we have already scheduled something smaller, like an update.

Field Effect MDR gives us recommendations on how to reduce our risk. If there is something like a shared folder and they are seeing multiple accesses or credentials, they send us recommendations. We can let the client know as well about those recommendations. These recommendations are very important because our staff does not have to spend time thinking of a solution. The solution is already presented to us. We may add to the solution, but we do not have to spend time looking for a solution.

We use it for our clients, outsourcing our security operation center requirements. We rely on their solutions to meet our cybersecurity needs. It helped us gain a deeper understanding of the security landscape within our clients' networks, focusing on the intricacies of each endpoint. This became particularly crucial during the shift to remote work amid the COVID-19 pandemic. At that time, we reached out to Covalence to assess its compatibility with our requirements, and I believe that collaboration has proven to be successful.

The primary advantage is the notable improvement in our response time to incidents. With the categorization and severity indication, we can swiftly and efficiently react to security incidents. The action tag significantly boosts the internal priority, facilitating a quicker response.

It's crucial for us that Covalence is supported by a team of experts who consistently monitor it for potential attacks and risks. This aspect holds significant value for us, as it aligns with our expectations from a security vendor. Knowing that knowledgeable professionals are actively overseeing the system provides me with a sense of reassurance and peace of mind. In the initial three months, there were a couple of incidents where they promptly intervened and assisted in identifying issues. It took us approximately three to six months to fully recognize and experience these benefits.

Coordinating and handling Covalence is a breeze; we haven't encountered any management issues. The installation and deployment processes are straightforward and hassle-free, causing no complications on our end.

We leverage the solution's tagging system for categorizing security threats as recommendations or observations, aligning seamlessly with our internal ticketing system. When any action, observation, or recommendation is flagged, it automatically generates a corresponding ticket. These tickets are then scheduled with our technicians based on priority for timely resolution.

The categorization of security threats through tagging is instrumental in addressing the most pressing issues. Immediate actions are our top priority, demanding immediate attention and analysis. Observations fall into a medium priority category, as they may or may not pose a significant risk. Recommendations are assessed when a technician is available, and prioritized based on urgency.

It serves as a comprehensive cybersecurity product that proactively safeguards all our services against threats. This is crucial because, without it, we would spend hours attempting to decipher and correlate information across various tools.

It aids our security team in saving time by providing more actionable alerts. Their effectiveness in filtering out false positives and non-invasive alerts is commendable, preventing our team from investing time in non-critical matters. We haven't quantified it with specific metrics, so I can't provide a precise figure. However, based on my experience, I have observed a substantial amount of savings overall.

It has taken the place of several cybersecurity solutions for us, including replacing a previous SOC vendor. We are currently in the process of transitioning from our antivirus vendor to Covalence.

It has significantly enhanced our security coverage, providing me with a sense of peace of mind. Managing three different vendors, each with its own security focus, used to be challenging. With Covalence, having visibility across all aspects and layers, they can efficiently correlate logs without our intervention.

It keeps us informed about the significant threats and provides guidance on addressing them. Each ARO includes recommendations. Leveraging the integration with ConnectWise, they automatically generate a ticket for us, complete with a checklist of recommendations.

The impact we observe on our security operations is notable. The checklists provided, especially geared towards system administration and help desk tasks, are particularly beneficial. These checklists simplify processes for our team, reducing the need for extensive cybersecurity training. It's advantageous to have a vendor that collaborates effectively with our team, making the implementation of security measures more seamless and efficient.

They offer recommendations for risk reduction, encompassing aspects such as vulnerability scanning, code assessment, and evaluation of security tool effectiveness. These recommendations, termed AROs are communicated through tickets. Our team then reviews and prioritizes these recommendations to address them accordingly. There are instances where misconfigurations may occur, whether intentionally or unintentionally by our team. Having a third-party vendor closely examine these configurations is valuable. Even if a risk is acknowledged, it provides us with an awareness of its existence and potential impact.

It's our cybersecurity solution for cloud, network, and endpoints. We do a weekly review of the endpoints, and because software is always changing and no software is secure, we are updating software all the time. We rely on them for our cybersecurity solution.

Covalence informs you of the threats and how to address them. They send emails and texts. They tell you what the level is. You can see the recommendations and ask for help. You can escalate. It's very helpful.

For a small business that doesn't have a full IT or cybersecurity department, their guys are there when you need them. If something comes up and gets identified by the system, you can reach out to a human if you need help doing the analysis. A couple of times, I ran software that did the analysis, and then I sent it back to them. They were able to review what the malware was and evaluate whether it was safe or not to proceed after it was clean.

We leverage Field Effect Covalence for our customers' cybersecurity needs. We offer it as a value-added service to our clients, acting as a trusted reseller for Field Effect. For companies that have experienced security breaches or vulnerabilities, we prioritize recommending Field Effect Covalence's immediate deployment. Integrating Covalence enables swift remediation through its robust cybersecurity policies and tools. Moreover, we actively promote the adoption of Field Effect Covalence as a comprehensive security solution within our existing customer base, as we firmly believe in its efficacy.

We implement Field Effect Covalence to satisfy cybersecurity policies and remediate existing threats and incidences.

We've deployed Covalence in the cloud for some clients, but most have on-premise deployments due to our pre-existing on-premise equipment. While I anticipate a shift towards cloud adoption as clients transition to cloud services, our current focus remains on physical installations.

Covalence's backing by experts who constantly monitor for attacks and risks is a great advantage. I've had the pleasure of working with them for a long time, and their professionalism and expertise are truly commendable.

The tagging feature effectively prioritizes tickets by highlighting the most urgent issues. When someone receives a tagged alert, it automatically becomes a top priority. Observations, while important, are addressed later as resources permit.

Managing Covalence is easy and their support team is good if we run into a problem.

While Covalence doesn't proactively cover all our threat services, they've made significant strides over the years. Their continuous development efforts have expanded their capabilities beyond what we currently utilize. While we collaborate with their development team on specific needs, their overall coverage surpasses our current requirements.

Covalence saves us significant time by eliminating the need to manually search for vulnerabilities. Instead of hunting through side channels, we receive vulnerability reports directly, streamlining the process. Additionally, Covalence identifies outdated software, allowing us to automate updates previously handled manually. This automation, driven by Covalence's insights, saves us a considerable amount of back-end time by eliminating manual tasks.

We have implemented other cybersecurity solutions for our customers, including Darktrace, but have found them to be inadequate compared to Covalence, leading us to consolidate onto this superior platform.

Covalence has improved our client's security coverage. They love the solution.

Covalence keeps us informed about the most critical security threats and guides how to address them. We hold monthly meetings to discuss ongoing security concerns, and in case of urgent issues, we communicate directly with Covalence's team. Additionally, we maintain regular communication with their development, support, and admin teams.

Covalence delivers daily recommendations to help us reduce platform risk. These recommendations are crucial, as addressing them safeguards against potential threats. Therefore, they are of great importance to both us and our customers.