The product needs integration with SOAR products to add more integration points, which is important for various clients. Additionally, integrating behavior detection alongside IOCs and threat detection would enhance the product.
The technical support is medium - they could improve, as communication is sometimes slow or late. There are missing detections that other tools catch. For improvements, we need easier ways to view full incident information and better presentation of data. Adding risk indicators for incidents would help decide on immediate actions. The platform should provide more information about incident risks to help less knowledgeable staff make decisions.
SOC Technical Lead at an educational organization with 1,001-5,000 employees
Jun 24, 2024
Some activity is outlined to be malicious; however, context explains that this is normal behavior. For example, Outlook creates a new process in MSEDGE/Chrome when a link is clicked. Of course, that would happen. I would love to see the support of additional operating systems, such as macOS and Windows 11 in future releases. One detail that would be nice but is truly asking for a lot is the included aesthetic formatting of the sandbox report. This would be great to present to key stakeholders following the analysis.
I don't have any suggestions, because the solution is company-maintained and I believe the company is adopting every feature based on their needs and requirements.
Anti-malware solutions are software programs that are designed to protect devices from malware. Malware is a broad term that encompasses any software that is designed to harm a computer system. This includes viruses, worms, trojans, ransomware, and other malicious programs.