Top 8 Security Incident Response Tools
Carbon Black CB Defense, IBM Resilient, Carbon Black CB Response, FireEye Helix, Secureworks Red Cloak Threat Detection and Response, SECDO Platform, Proofpoint Threat Response, D3 Security
The initial setup is very easy.
The visibility provided has been great.
The UBA, User Behavior Analytics, is very good.
The solution is very easy to use.
Probably the most valuable feature of CB Response is its ability to isolate a host and take it off the network, so it's not spreading anything. We have two security operations centers around the globe. When an SOC analyst sees something on an endpoint, they can use Carbon Black Response to isolate that host from the customer's environment and prevent any kind of lateral spread.
It is kind of simple and very easily deployable. You can start working with it very fast.
I like that it's easy. It's got the protection set up, and we can see whatever is required. We write our own rules and the rules that we can input. I think it is good.
The features that I have found most valuable are that the search capabilities are easy to use. The dashboards are good. The reports are good. It is just simple from a deployment standpoint - that was easy.
Technical support is great. Palo Alto is extremely helpful and responsive.
The ease of deployment is a valuable feature.
It has reduced our manual efforts to remove emails from each user's inbox, and in this case we do not have to ask our IT department or users to do so.
Advice From The Community
Read answers to top Security Incident Response questions. 542,029 professionals have gotten help from our community of experts.
Hi community, I'm working on a document about the Security Operation Center best practices, and I would like to get your inputs about it. Thanks
Hi dear community, Can you explain what an incident response playbook is and the role it plays in SOAR? How do you build an incident response playbook? Do SOAR solutions come with a pre-defined playbook as a starting point?