Continuous monitoring has strengthened payment security and now reduces incident impact quickly
What is our primary use case?
Deepwatch provides continuous rest monitoring, detection, and response to protect our organization from cyberattacks.
In our organization, Deepwatch's continuous monitoring and detection help us monitor logs from applications and infrastructure whenever there is suspicious activity. Unusual login attempts or malware are detected, which generates alerts and helps our team respond accordingly, ensuring security even outside business hours.
For our organization, Deepwatch continuously monitors our application whenever we deploy our application in the European regions, especially for another application in V4, which is a payment application gateway similar to PhonePe. Deepwatch improves the security posture by enabling faster threat detection and response, reducing the chances of any breaches that can happen.
What is most valuable?
Deepwatch offers continuous security watching, even when we are outside our business hours. We work here from 11 to 9, but after that, our application still needs to be monitored. Deepwatch functions as a 24/7 managed detection and response (MDR) with human-led SOC support. It provides continuous monitoring of systems, not just during business hours. The combination of human plus AI, with automated threat detection backed by security expert SOC analysts, leads to faster incident response, immediate alerts, and guided responses. The real impact is not just detecting threats; Deepwatch actively helps investigate and respond, significantly reducing the response time and risk.
Deepwatch has automation and human intelligence for real-time threat detection and response.
Deepwatch positively impacts our organization by reducing incident response time because previously, there was no mechanism to follow up on incidents, such as any security breach in the payment gateway. It has reduced response time by 40 to 60 percent. Threat detection accuracy has also improved significantly, with 24/7 monitoring even after business hours.
What needs improvement?
There are specific details that can be improved in Deepwatch. After implementing it, we tracked both response time and threat detection accuracy using the SIEM dashboard. We measured response time using MTTD and MTTR. There are areas that can be improved, such as every alert having a timestamp for detection time and acknowledgment. We observed the MTTR dropping from a few hours to under one hour after using Deepwatch, so baseline metrics can be enhanced.
Deepwatch can reduce alert fatigue since sometimes it generates a high volume of alerts that overwhelm our team. This can create too many alerts in a short amount of time, making it hard for our team to understand what to do. Additionally, the dashboard can be improved for better user-friendliness for end-users, requiring better visualization of MTTR, threat trends, and risk scoring. Improvements can also be made in more automated playbooks for automated response to common threats, and there is room for deeper integration capabilities, as integration with some internal tools may require additional effort.
For how long have I used the solution?
I have been currently working in my current field for the last three years.
What do I think about the stability of the solution?
Deepwatch is quite stable in my case.
What do I think about the scalability of the solution?
Scalability-wise, Deepwatch is excellent. We have grown from 10,000 users to 10 lakh users, and Deepwatch is still working fine for our payment gateway applications.
How are customer service and support?
Deepwatch customer support is excellent. We haven't used customer support extensively, but they do have a 24/7 helpline number and a feedback mechanism for paying customers, which is commendable.
What was our ROI?
I have seen a return on investment because, as I mentioned previously, our downtime due to security issues used to be two to three hours, but now it is reduced to under one hour. The MTTR is reduced by 40 to 60 percent. Incidents that previously took two to three hours are now resolved in under one hour. The impact includes faster containment of threats, reduced damage and downtime, and a lower need for a large security team due to not having to build a full 24/7 in-house SOC team. Additionally, detection efficiency has improved, with false positives reduced by 30 to 40 percent, alongside risk avoidance and hidden ROI from preventing potential data breaches, compliance penalties, and reputation loss.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing, setup costs, and licensing was mostly positive. Pricing was subscription-based, with costs dependent on logs, data volume, number of assets, endpoint monitoring, and the level of MDR services. Pricing was somewhat on the higher side compared to basic tools but justified due to the inclusion of 24/7 SOC support. Setup costs involved moderate initial effort, which was manageable.
What other advice do I have?
My advice for others considering using Deepwatch is that if someone has an application where security threats are common, especially in regions with strict security compliance requirements in Europe, then Deepwatch is an excellent application to use. I would rate this review an eight out of ten.
Amazing Security Operations with Expert Guidance and Continuous Monitoring by Deepwatch.
What do you like best about the product?
Deepwatch manages our Security Services by enhancing organization security operations and providing continuous monitoring. Deepwatch's team acts as true security guider rather than just a service provider. They deliver actionable insights clear communication and strategic guidance that helpping us stay ahead of upcoming threats also in out automation platforms like Torq Hyperautomation to orchestrate faster response workflows and reduce manual effort.
What do you dislike about the product?
We observed the documentation could help us a lot if the smoothness was better in transition. When we had big amount of log data than Splunk searches can be slow and this really depends on how driven the query is. In last if integrated partner systems have limitations can cause constraint to Deepwatch's performance and visibility.
What problems is the product solving and how is that benefiting you?
The team at Deepwatch was knowledgeable and able to help us negotiating some problems on our side which is awesome. They were very organized and able to provide adhere to a project plan. Even the team was willing to help us when we added more servers.
Reliable and Advanced AI Driven Cybersecurity With Deepwatch Nexa.
What do you like best about the product?
Deepwatch has provided a reliable and consistent service and deepwatch has collaborated with us to deliver a robust solution and has surpassed our expectations in addressing complex security issuse.The evaluation and contract negotiations were smooth at the right time.The transition went superior to anticipated and with what we would consider typical challenges.
What do you dislike about the product?
Initial on boarding and fine -tuning may take time for complex environments.Faster UI performance and more flexible integrations with niche security tools would also improve the overall experience and maintenance of the different service components has been a bit difficult.
What problems is the product solving and how is that benefiting you?
We recommend it for all Cybersecurity Company Organizations because Deepwatch Nexa Agentic AI is designed to solve and automate threat detection investigations and responses to help our teams reduce risk improve efficiency and corporate data being sold on the (DWMR) Dark Web Monitoring and response provides takedown services.
Best tool for secure employee data and compliance
What do you like best about the product?
It is keeping our employee data very safe. The dashboard is showing clear reports of any suspicious activity by staff. It is giving peace of mind that our sensitive HR records are fully protected 24/7.
What do you dislike about the product?
The price is on a higher side for a mid size company budget. Some of the technical words in the weekly reports are simply beyond me (I am not a professional), too. "We need more plain language for the management team.
What problems is the product solving and how is that benefiting you?
We’re using it to protect employee- and salary-sensitive information against hacking. It’s also enabling us to watch for the insider threats. We are now in compliance of data privacy laws and feel a lot more comfortable.
Exceptional 24/7 Security Monitoring with Proactive Human Insight
What do you like best about the product?
Deepwatch brings together top-tier human analysts with smart tools and delivers 24/7 monitoring in a way that really feels like an extension of our security team. Their responsiveness has been excellent and their insight into our environment has helped us improve awareness and detection.
What do you dislike about the product?
One small point: their communication via certain channels (for instance Slack) can feel quieter than we’d like for real-time collaboration. Also, because they’re focused heavily on certain technologies (like Splunk) you might need to check how well your own tool-stack integrates.
What problems is the product solving and how is that benefiting you?
We were facing issues with alert overload, limited internal SOC capacity and stretched resources. Deepwatch stepped in to take on tier-1/2 triage, tune alerting, reduce false positives and bring more clarity to our security posture. That meant our internal team could focus more on strategic tasks, our detection improved and our operational load went down.
Outstanding Detection Improvements and Fast, Responsive Support
What do you like best about the product?
The Deepwatch team has been great! They're very responsive and our requests are processed fast. The improvements in detection engineering from their DRS 2.0 update have been outstanding. Fewer false positives, fewer unnecessary alerts, more detections enabled, etc. They leverage the Splunk platform for the backend, which is great because we've had no issues integrating our log sources. Splunk is well supported, and that's been fantastic to have.
What do you dislike about the product?
This is not a knock on the Deepwatch team. I'm just not a huge fan of Service Now, which is what the DW team leverages for escalations. It works just fine for what it is. I just find other systems like Jira to be easier to use, especially for multi-line comments.
What problems is the product solving and how is that benefiting you?
We have a small internal team, so it's a must to have a provider managing the tier 1 and tier 2 aspects of our SOC. That allows us to operate with a much smaller team, and focus on the most important workloads, and letting the Deepwatch team handle the bulk of the triage, which they do very well.
24/7 Managed Service provides a relief to security teams
What do you like best about the product?
Dynamic risk scoring method versus 1:1 alerting has reduced false positives. Their tooling is fairly easy to use, and wasn't overly cumbersome to implement. The management of Splunk has reduced a lot of workload for our teams
What do you dislike about the product?
Internal team communications among Deepwatch. They have struggled to accomplish simple requests in a timely manner in terms of customer support
What problems is the product solving and how is that benefiting you?
Deepwatch is solving for a need of 24/7 managed service and alerting in terms of security
Wonderful experience
What do you like best about the product?
Customer support and variety of features
What do you dislike about the product?
Not applicable, likea sll the services provided by deepwatch
What problems is the product solving and how is that benefiting you?
Deepwatch security center provides the best security solution for the organization
DW is a well-rounded third-party SOC provider.
What do you like best about the product?
Understanding the need and implementing.
What do you dislike about the product?
They should have more integration option
What problems is the product solving and how is that benefiting you?
Deepwatch is an amazing SOC provider. They truly understand the needs of their customers and put in amazing effort in implementing those needs. They have an amazing support system for the customer and are very responsive.
Strong MDR provider with experienced engineers and analysts working with Splunk
What do you like best about the product?
Deepwatch employes a skilled team of engineers, analysts, and CSMs who are able to assist with implementation of new log sources and alerts. The team is able to respond to security events quickly and effectively, while providing additional support if needed.
What do you dislike about the product?
Deepwatch's core competencies are currently focused on leveraging the Splunk SIEM but are expanding to MS Sentinel.
What problems is the product solving and how is that benefiting you?
Deepwatch is able to serve as an extension of the security team by serving as an MDR leading the offsite SOC for the organization. Deepwatch also helps manage the vulnerability management practice for the organization allowing us to outsource some of the workload.
