XM Cyber helps identify risk by creating a shadow environment mirroring the production system. While it doesn't directly mitigate risks, it simulates attacks across this replica, uncovering vulnerabilities and weak points within the system. Once a WISC is established, it highlights the vulnerability and offers recommendations for improvement. It provides reporting templates, making the process faster. I rate it an eight out of ten.
We are also resellers and also use the product ourselves. We have an almost 100% request for POCs after a one-hour demonstration. I've never seen that before. We are using the most recent version of the solution. You normally don't have a choice at the moment. To my knowledge, there's only a cloud version you can license that's kept accurate and up to date by XM itself. We have, for some reason, an on-premise version and take care of that on our own, however, we have the latest version since it's important to maintain up-to-date versions. I'm not saying it makes you 100% secure. It's an automated pen test. It's not as good as a pen tester is, however, it raises the bar to a level that makes it very, very difficult for an attacker to get somewhere. In a real environment, persistent attacks, people that want to get persistence in your system, ATPs, and stuff like that, if they manage to get access to your network, they don't know in which environment they move or they live there. They don't know if they're IDS systems, SIEM systems, et cetera. Using scanners is not an option there. If you are limited in your technical means anyway, and there's something like XM that takes away 70% or 80% of your typical starting techniques, it's great. It's not 100%, however, it makes it so difficult for attackers to get somewhere without setting off alarms. I strongly believe that makes you more secure. That was the reason why we bought it for ourselves. I'd advise others to get a demo. From my personal experience, I saw a demonstration. Since I have a good technical background and I know all the hassles with vulnerability management, I immediately saw the possibilities. People in a demo go, "Wow, finally, a way to manage all this overload of information." This is what almost anybody saw immediately in the presentation. During a POC, which is a 30-day audit where you get a full installation paid, it's going to give you lots of interesting results. We've done that a couple of times before, and we did not have one person say "I didn't like the program. We saw in 30 days and it's no use." Not one person has ever said that. I'd rate the solution nine out of ten. There are some minor improvements it can make, however, overall, it's very good.
Vulnerability Management (VM) is a critical cybersecurity process focused on identifying, evaluating, and mitigating vulnerabilities in IT systems. It helps organizations protect their networks and assets by proactively managing security weaknesses before they can be exploited by threats.
XM Cyber helps identify risk by creating a shadow environment mirroring the production system. While it doesn't directly mitigate risks, it simulates attacks across this replica, uncovering vulnerabilities and weak points within the system. Once a WISC is established, it highlights the vulnerability and offers recommendations for improvement. It provides reporting templates, making the process faster. I rate it an eight out of ten.
We are also resellers and also use the product ourselves. We have an almost 100% request for POCs after a one-hour demonstration. I've never seen that before. We are using the most recent version of the solution. You normally don't have a choice at the moment. To my knowledge, there's only a cloud version you can license that's kept accurate and up to date by XM itself. We have, for some reason, an on-premise version and take care of that on our own, however, we have the latest version since it's important to maintain up-to-date versions. I'm not saying it makes you 100% secure. It's an automated pen test. It's not as good as a pen tester is, however, it raises the bar to a level that makes it very, very difficult for an attacker to get somewhere. In a real environment, persistent attacks, people that want to get persistence in your system, ATPs, and stuff like that, if they manage to get access to your network, they don't know in which environment they move or they live there. They don't know if they're IDS systems, SIEM systems, et cetera. Using scanners is not an option there. If you are limited in your technical means anyway, and there's something like XM that takes away 70% or 80% of your typical starting techniques, it's great. It's not 100%, however, it makes it so difficult for attackers to get somewhere without setting off alarms. I strongly believe that makes you more secure. That was the reason why we bought it for ourselves. I'd advise others to get a demo. From my personal experience, I saw a demonstration. Since I have a good technical background and I know all the hassles with vulnerability management, I immediately saw the possibilities. People in a demo go, "Wow, finally, a way to manage all this overload of information." This is what almost anybody saw immediately in the presentation. During a POC, which is a 30-day audit where you get a full installation paid, it's going to give you lots of interesting results. We've done that a couple of times before, and we did not have one person say "I didn't like the program. We saw in 30 days and it's no use." Not one person has ever said that. I'd rate the solution nine out of ten. There are some minor improvements it can make, however, overall, it's very good.