Cyber Security Consultant at a tech consulting company with self employed
Consultant
2020-12-22T03:10:02Z
Dec 22, 2020
The integration engine needs to improve. We try to integrate it with other tools, especially with Splunk or with the MyDLP engine, and even with Microsoft Exchange. As much as they tried to make it seem like it was easy, it wasn't easy. There was a lot of stuff that we had to do that we ended up having to do via an API or something special for a new case. That's a big issue for me. Integration is daunting. It leaves a lot of room for failure and frustration. There are just little nuances that make everything difficult. You're supposed to be able to flip this toggle thing here, and you're supposed to be able to get the feedthrough from Splunk. Then, from there everything should be perfectly fine. However, when you find out it is not perfectly fine and you find out that it's because this thing isn't necessarily correct, you have to do an update on it or they have to update their file to make it work correctly. It's very small, minute things that aren't quite right. It's not something that you can really pinpoint. There's a lot of nuanced issues. It the nuanced technical issues that you would notice once you cross its path. It's not one of those "Hey, this is something I would know off the top of my head." They are very small nuance issues that make you say "Oh, well I guess we've got to go and change this thing now." You get this with certain tools - mostly with Mandiant tools more than anything else in general. It's one of those Mandiant quirks that still carries on and persists to this day - even with this tool.
Breach and Attack Simulation (BAS) software solutions are designed to help you identify and address vulnerabilities within your security posture. By simulating cyber-attacks in a controlled environment, BAS tools allow continuous assessment and validation of your security controls, ensuring they are operating effectively against evolving threats.
BAS software provides an automated and consistent method to simulate real-world attack scenarios in your network. These solutions enable continuous...
The integration engine needs to improve. We try to integrate it with other tools, especially with Splunk or with the MyDLP engine, and even with Microsoft Exchange. As much as they tried to make it seem like it was easy, it wasn't easy. There was a lot of stuff that we had to do that we ended up having to do via an API or something special for a new case. That's a big issue for me. Integration is daunting. It leaves a lot of room for failure and frustration. There are just little nuances that make everything difficult. You're supposed to be able to flip this toggle thing here, and you're supposed to be able to get the feedthrough from Splunk. Then, from there everything should be perfectly fine. However, when you find out it is not perfectly fine and you find out that it's because this thing isn't necessarily correct, you have to do an update on it or they have to update their file to make it work correctly. It's very small, minute things that aren't quite right. It's not something that you can really pinpoint. There's a lot of nuanced issues. It the nuanced technical issues that you would notice once you cross its path. It's not one of those "Hey, this is something I would know off the top of my head." They are very small nuance issues that make you say "Oh, well I guess we've got to go and change this thing now." You get this with certain tools - mostly with Mandiant tools more than anything else in general. It's one of those Mandiant quirks that still carries on and persists to this day - even with this tool.