Reviews from AWS Marketplace
0 AWS reviews
External reviews
External reviews are not included in the AWS star rating for the product.
Works and integrates well with Palo Alto NGFW
What do you like best about the product?
Reporting/inventory of systems and being able to identify agent levels and operating system. The ability to triage/investigate from the main page is great. The continual development is nice as we've seen steady improvement from the Traps days.
What do you dislike about the product?
Licensing has been a bit all over the place and hopefully is simplified now. Would love to see it integrate more with other security products and not just Palo Alto. Bringing some extra flexibility would be nice.
What problems is the product solving and how is that benefiting you?
Being able to identify machines that don't have coverage has always been the problem. We have increased visibility now that we've never had before. Ease of deployment and upgrades of agents is also fairly straightforward.
Cortex XDR best in Endpoint Protection and also provides Wealth of information from Endpoint
What do you like best about the product?
Ease of use and detailed information provided from Endpoints. Cortex XDR also detects threats with behavioral analytics more accurately and allows you to contain and isolate endpoints quickly before any damage is done.
What do you dislike about the product?
Cortex XDR does not currently allow us to download policies, thereby making it difficult to audit applied policies easily.
What problems is the product solving and how is that benefiting you?
Problem: Ensuring Endpoints are protected using both signature and behavioral pattern
Benefit: Tight integration with enforcement points accelerates containment, enabling you to stop attacks before the damage is done.
One of the better endpoint security products
What do you like best about the product?
Traps has prevented anomalous behavior in our environment a couple of times. This has saved us a lot of trouble. The management interface is intuitive and easy to comprehend. Agent impact on performance is negligible.
What do you dislike about the product?
At the moment the rollout on macOS Catalina gave us a little headache, but as of today Traps supports Catalina. Just make sure you update Traps first to the newest version. Otherwise you have to uninstall Traps and reinstall the new version.
I don't like the way to create Agent Installations. For every new version you create a new installation "package". You should never delete it as long as machines make use of that installation. Just hide them. But it feels this could be done easier.
What problems is the product solving and how is that benefiting you?
A legacy signature based antivirus doesn't work nowadays. You need behavior based detection. Traps has this and is a full replacement for a signature based antivirus. As admins we feel a lot more at ease.
Recommendations to others considering the product:
Definitely try Palo Alto Traps as one of your choices if you are looking for a new product. Especially if you have more Palo Alto products.
Execute network-wide information security
What do you like best about the product?
It is very helpful to handle the various operational requirements of firewalls with Palo Alto. It allows you to build shared laws which can be enforced in many proxy servers. It also utilizes software actions to spot hostility and prevent our system. As each category of firewalls has different uses, Palo Alto helps to detect if there are unidentified devices that generate unwanted traffic and what sort of traffic it is. Also, filters introduced between organizational sessions in several areas are able to remain permanent.
What do you dislike about the product?
It is very helpful to handle the various operational requirements of firewalls with Palo Alto. It allows you to build shared laws which can be enforced in many proxy servers. It also utilizes software actions to spot hostility and prevent our system. As each category of firewalls has different uses, Palo Alto helps to detect if there are unidentified devices that generate unwanted traffic and what sort of traffic it is. Also, filters introduced between organizational sessions in several areas are able to remain permanent.
What problems is the product solving and how is that benefiting you?
We use Palo Alto for unified firewall monitoring and regulation of the execution of network-wide information security. We attempted other AV services, but at some stage they all crashed and Palo Alto Panorama has rarely disappointed us.
Recommendations to others considering the product:
Palo Alto Panorama is a great option if in your workplace there are specific conditions for various firewall classes. It allows you to track aspects such as scheduling and tools that are accessible. However, the effective tracking system has its flaws, that's why I don't consider it as an all-in solution.
Handle all of our settings at all of our distinct locations
What do you like best about the product?
Palo Alto Traps is very helpful for updating the majority of the software by a single tap. The Control Panel and the ACC provide helpful data to display all firewalls or to be able to select which one we want to work with.
What do you dislike about the product?
We switch from local to the cloud variant of Traps, as in the cloud version there were almost no training alternatives, which have changed over time. Also, sometimes the PAN-OS extension to the firewalls merely stops working with no particular reason. In general, I think the system does not have a big customer environment. Also, it appears to be too severe (so much that’s unnecessary) when any small threat is detected.
What problems is the product solving and how is that benefiting you?
Palo Alto Traps is used by our network safety group to handle all of our settings at all of our distinct locations. Only IT staff are responsible for device management of these tools. It is also used to implement central console patches and press strategies. I think of Palo Alto Traps as a useful method to retain data and to maintain the division of duties separate, as we can offer participants from other groups a little space to display the settings without providing them with immediate entry to the firewalls.
Recommendations to others considering the product:
If a customer wishes to readily handle the configurations, or wants to handle firewall backups without running between so many cabinets, Palo Alto Traps is vital and straightforward. However, you must consider that this tool is not meant to be used as a tool for monitoring your system.
Next Gen Anti Virus - Finally ready for the market
What do you like best about the product?
We have used Traps for 2 years now and the 5.0 platform solves so many of the current issues. The interface is 100x better and the application protects us the way it should.
What do you dislike about the product?
My only complaint is that you still can't use the Traps client as a Palo Alto identity source for User-ID.
What problems is the product solving and how is that benefiting you?
Protection from Malware/Spyware/Ransomware.
Recommendations to others considering the product:
Take a look at Traps and Carbon Black. They are both great next gen firewalls.
Great Next Gen Antivirus
What do you like best about the product?
The ability to configure it and know that it will auto update without needing regular input.
What do you dislike about the product?
If a piece of software gets updated that you have whitelisted by hash control, it can re-trigger after each update. This only happens with smaller one-off software the system hasn't seen before.
What problems is the product solving and how is that benefiting you?
Palo Alto is our primary antivirus and ransomware protection.
Recommendations to others considering the product:
This is a great product and we couldn't be happier with it. If you need something that won't require having someone look at every issue in it and fix issues daily, this is a great fit.
Excellent threat hunting capabilities
What do you like best about the product?
That with Secdo our security team is really able to be proactive and not just handle alerts in a reactive way. Because we handle alerts faster, we have time to threat hunt – based on leads, IOCs or even behavioral IOCs we created in Secdo.
And because they record all endpoint activity and store it for months – we can really hunt. We can find advanced, fileless, and in-memory attacks, and go deep into suspicious activity to identify anomalies that could lead to silent threats.
What do you dislike about the product?
I am waiting for them to add some features we asked for, but other than that - none.
What problems is the product solving and how is that benefiting you?
The biggest problem we had is the lack of time and tools to effectively hunt for threats that our detection/protection systems didn’t catch. So with Secdo our tier1 analysts handle most alert WORK, and the Tier 2/3 can actually have time to hunt. And the hunting is really granular and depth – because they store endpoint activity and let you search everything. We actually found hidden threats in our network already a week after we started using Secdo. It’s a really useful tool for sec teams.
Great combination of EDR with security automation
What do you like best about the product?
We're aware of some of the top EDRs - None of them gives an automation layer that would allow insight to investigate incidents and alerts automatically.
That’s a game changer for us – instead of drilling into each alert and trying to match it with the relevant endpoint data – Secdo does that automatically for us (they call the algorithm that does that ‘causality analysis engine’).
What do you dislike about the product?
Orchestration would be a great add on for such a product
What problems is the product solving and how is that benefiting you?
We don't have the capacity to investigate all of our daily alerts.
Secdo allows us to get better coverage, about 30 times the coverage which is unbelievable!
Recommendations to others considering the product:
Definitely get involved with this product - its ease of use, ability to drill down and coverage at volume would make your life easier!
SecDo Host visibility – for IT and Security
What do you like best about the product?
Their endpoint visibility capabilities. From what I’ve seen in other EDR tools, they have 3 advantages:
Thread level visibility (all others do process level visibility)
They keep all endpoint data that they collect for a minimum of 30 days (all the other vendors keep it up to 30 days)
They collect way more endpoint activity types than other EDRs, so they also cover use cases such as insider threats, business risk, user activity, policy violations, System/File attribute violations, etc.
What do you dislike about the product?
That they don’t also have an EPP solution.
What problems is the product solving and how is that benefiting you?
Before Secdo, both the IT team and the security team were lacking information about what’s going on our endpoints. We needed it for IT inventory, compliance, and risk assessment, and for insider threats. So we searched for EDR tools that have the most granular endpoint visibility. We tested 5 and decided about Secdo. With Secdo we can query the endpoint population to identify areas of risk and possible vulnerabilities (we see into USB activity, installed software, autoruns, downloaded files, running drivers, and even captures of users’ screens).