Uptycs CNAPP

I use Uptycs as part of cloud security threat detection, vulnerability management, and security operations initiatives in my organization.

One use case demonstrates how I used Uptycs for the vulnerability management solution with a project where Uptycs is already deployed. I can simply check what vulnerabilities are available in the organization, determine the critical vulnerabilities and the high-severity vulnerabilities to prioritize and remediate them based on priority.

From my perspective, I can identify two areas regarding Uptycs: one is vulnerability management and the other is cloud workload, and it also provides endpoint visibility. In vulnerability management, I need to know about the overall asset inventory, and while it is difficult to know which assets are working properly, this centralized solution helps me obtain all the endpoint details and endpoint visibility. I can check what vulnerabilities are present, the high-severity vulnerabilities, and whether vulnerabilities are mitigated, and I can also review if the vulnerability is actually mitigated, which helps reduce the risks for the overall organization.

As a subject matter expert in vulnerability management or TVM, I mostly use vulnerability management because it helps significantly to detect vulnerabilities and prioritize vulnerabilities, risk-based matrices, and mitigate the vulnerabilities with the remediation team. That is my primary area, and it has been really helpful.

Regarding Uptycs's impact on my organization, I can add two points regarding vulnerability management. First, in asset inventory management, I can obtain all the inventory details and check what my overall scope is, including whether any asset is dead, not working, or if it is not connected to the cloud or VM solution. This centralized solution provides the complete asset inventory in a single place. Secondly, vulnerability management provides vulnerability prioritization, which is impactful and helps reduce risks for the overall organization because I can prioritize vulnerabilities and mitigate those risks as soon as possible after prioritizing.

From my perspective, the features of Uptycs that stand out more for my projects and organization are the vulnerability management, endpoint visibility, and asset inventory management features.

I can share two specific outcomes that show this positive impact using Uptycs. First, it reduces significant time and effort from the asset inventory point of view because previously I needed to scan all of the assets which were in scope, but now I only scan those assets that are currently active and in scope, and the CMDB and asset inventory receive proper updates of those assets. Secondly, in vulnerability prioritization, I receive all the prioritized vulnerabilities so I can prioritize and mitigate or remediate them as soon as possible, which reduces the overall time of remediation as well.

Regarding improvements for Uptycs, I suggest simplified onboarding for complex cloud environments because the current onboarding method is complex and requires checks with the support team. Another area for improvement is the visualization of asset relationships. It should provide overall mapping of the assets, risk scores, matrices, and vulnerability prioritization so I can map all the assets and vulnerabilities.

I have used Uptycs for one year.

In my experience, Uptycs is stable with no downtime or reliability issues.

Uptycs handles growth and increased workload well. I have extensive data for vulnerability and asset data in the solution, and as of now, there have been no issues regarding scalability.

The customer support team is helpful, knowledgeable, and cooperative based on my interactions with them.

I have used multiple solutions for VM, including Rapid7, Qualys, and Nessus, because I am a subject matter expert in vulnerability management, and I have not switched from any of them. We started using Uptycs as it was our client's requirement.

I have seen a return on investment from using Uptycs, saving almost 25 to 30 percent in terms of asset investigations or asset inventory management and vulnerability prioritization, which is significant.

My advice for others looking into using Uptycs is that if you are looking for a centralized solution for all security practices, including endpoint security, vulnerability management, cloud security, and asset inventory management, then you can implement this solution, and it will be helpful. I would rate this review 7 out of 10.

We are using the solution for configuration and file integrity management. It's a validation tool.

They have multiple great features.

It offers most of the functionalities we need.

The one thing missing is the IPS part, the blocking part.

We end up facing a lot of issues after upgrades.

I've been using the solution for three or more years.

The solution is somewhat stable. It depends on how we are integrating it. Apart from the major upgrades and bugs around that, I'd rate the stability six or seven out of ten.

The solution is scalable. It covers multiple functionalities, operating systems, and clouds.

We have around 10,000 users on the solution currently.

Technical support is good. They provide us with valuable assistance.

The initial setup was really hard since the profiles you have to build around certain things. We had a lot of challenges implementing it.

It was a bit time-consuming to set up.

The pricing is moderate compared to other products in the market. However, it is not the cheapest option.

Depending on the requirements and how it is used, it's worth the money spent.

I'm an end-user.

We use the solution on multiple clouds.

I'd advise users to validate which product and metrics will help them the most. The solution has multiple functionalities. Don't go in blindly. Know what you want to get out of the product.

I'd rate the solution eight out of ten based on the scalability potential.