This is one small piece that they need to improve. So, they still have room to improve on the EDR part. Even though it has already got AI, but it is quite a different thing. I hope they have more AI or intelligence filtering on the EDR events. There are bugs that you have to deal with." "They recently released an EDR integration. Everybody is connected nowadays, and they want to do everything via cloud or fast internet connections, however, that's still not possible in many situations." "The stability needs to be improved. "The solution lacks the automation I need." "The integration capabilities might be lacking a bit." "They should focus more on the offline market as well. If they could make it more intuitive for someone who is not an engineer so that they still can read what's going on in their webpage and understand, that would be something." The tool also caused CPU spikes on our production machine, and we were seriously considering moving to another product." "In terms of the user experience, if the UX design could be much simpler. We didn't like that as we always want a solution that can fit smoothly into the setup without causing problems, especially where security is concerned. Eventually, we had to shut down the Exploit Prevention system. We didn't find a fix during troubleshooting, and Cisco couldn't offer one either. The Linux agent has conflicts with other solutions, including the Exploit Prevention system found in Windows servers. They continue to innovate in the right way." "I would like to see integration with Cisco Analytics." "It could be improved in connection with artificial intelligence and IoT." "The GUI needs improvement, it's not good." "The Linux agent is a simple offline classic agent, and it doesn't support Secure Boot, which is important to have on a Linux machine. We think that Cisco covers all of the security aspects on the market.
There are probably a dozen queries in there that really focus on what I need to focus on, but they are not always easy to find the first time through." "We don't have issues. There isn't enough information to help us with what we're looking for and why we are looking for it with this query. That way you could get a more accurate device count, so you're not having an inflated number." "In Orbital, there are tons of prebuilt queries, but there is not a lot of information in lay terms. "An easier way to do deduplication of machines, or be alerted to the fact that there's more than one instance of a machine, would be useful. Once a threat was detected, being able to do the threat lookups and the live tracking was really useful." We had Umbrella in place and we were using AnyConnect as well as Firepower. We're able to dig in and really understand how things came to be and where to focus our efforts." "The integration with other Cisco products seemed to be really effective. It also has a File Trajectory, so you can even see if that file has been found on any of your other computers that have AMP." "Device Trajectory is one of the most valuable features. It shows every running process and file access on the computer and saves it like a snapshot when it detects something malicious. It shows the point in time when a virus is downloaded, so you can see if the user was surfing the internet or had a program open. Sandboxing is helpful, and integration with the Cisco environment is excellent as we use many of their products, and that's very valuable for us." "Another of my favorite features is called the Device Trajectory, where it shows everything that's going on, on a computer. Integration with SecureX is a welcome feature because it connects Cisco's integrated security portfolio with our complete infrastructure. I can track everything that happens on our server from my PC or device.
It should protect all kinds of things that might happen on the servers, things that I cannot see." "I appreciate the File Trajectory feature, as it's excellent for an analyst or mobile analyst. "The most valuable feature is signature-based malware detection." "The most valuable feature is its threat protection and data privacy, including its cyber attack and data protection, as we need to cover and protect data on user devices." "The entirety of our network infrastructure is Cisco and the most valuable feature is the integration." "I'm only using the AMP (advanced malware protection) which is protecting my file system from all the malicious things that might happen.