WPS Security Engineer at a tech services company with 201-500 employees
Real User
Top 5
2023-11-14T12:42:46Z
Nov 14, 2023
Initially, we found limitations in the XDR's detections, lacking the ability to create customized detection and log parsing rules. This functionality, available in the Cortex XDR platform, wasn't present then. While there might have been changes since then, during our usage, we couldn't easily import or send Syslog data to the platform and could not create custom parsing rules for data recognition and correlation rule alerts. The query builder's functionality could have been more robust, forcing us to create broader exclusions than desired, resulting in a visibility gap due to the inability to make more granular exclusions within the query builder.
Find out what your peers are saying about Secureworks, Trend Micro, Darktrace and others in Network Detection and Response (NDR). Updated: November 2024.
What is Network Detection and Response (NDR)? Network detection and response (NDR) is a new category of cybersecurity solutions that focuses on monitoring network traffic, detecting, and responding to cyber threats.
As networks become more complex and distributed, organizations need to have eyes everywhere, so they can detect and stop threats before a disaster. These solutions provide visibility to known and unknown threats coming to the network.
Unlike signature tools such as intrusion...
Initially, we found limitations in the XDR's detections, lacking the ability to create customized detection and log parsing rules. This functionality, available in the Cortex XDR platform, wasn't present then. While there might have been changes since then, during our usage, we couldn't easily import or send Syslog data to the platform and could not create custom parsing rules for data recognition and correlation rule alerts. The query builder's functionality could have been more robust, forcing us to create broader exclusions than desired, resulting in a visibility gap due to the inability to make more granular exclusions within the query builder.