Action1 is an autonomous endpoint management platform that is cloud-native, scalable, and configurable in 5 minutes. It is free for the first 200 endpoints, with no functional limits. By pioneering autonomous OS and third-party patching - AEM’s foundational use case - through peer-to-peer patch distribution and real-time vulnerability assessment without needing a VPN, it eliminates costly, time-consuming routine labor, preempts ransomware and security risks, and protects the digital…
N/A
Darktrace
Score 8.6 out of 10
N/A
Darktrace AI interrupts in-progress cyber-attacks, including ransomware, email phishing, and threats to cloud environments. It's able to detect and establish baselines for your organization so it can make the distinction between what is and what isn't normal network activity for your organization. This allows it to tackle complex cyber-attacks as they happen and prevent future cyber-attacks from happening.
N/A
SentinelOne Singularity
Score 8.9 out of 10
N/A
SentinelOne is endpoint security software, from the company of the same name with offices in North America and Israel, presenting a combined antivirus and EDR solution.
To be honest, I might have been lucky, but Action1 was the first I actually tested. I've heard from our mother company from Italy, that they have tested NinjaOne but it was not what they were expecting in terms of vulnerability and patch management. I've recently suggested them …
Action1 is a similar but less feature-filled product than ConnectWise or Kaseya. However, Action1 can fulfill the main use-case scenarios of both products at a much lower cost per endpoint. Action1 is also constantly innovating and working with its users to improve upon the …
SentinelOne Singularity is a far superior product to Symantec Endpoint Security, which is the product we migrated from, when we purchased SentinelOne. Symantec simply missed security incidents it should have been able to catch, and support has recently changed for the worse. …
If your organization is like mine (nonprofit and tight budget) this product is for you. The first 200 endpoints are free and being we are a small organization, this product is perfect for us. I was able to use Action1 to upgrade all my endpoints from Windows 10 to 11 pretty much effortlessly. If you are not a nonprofit and have more endpoints over 200, this is still a great product to use as I don't find it very expensive to incorporate into your infrastructure.
Darktrace is a product well suited for the vast majority of infrastructures and helps monitoring and responding to threats based on the network in a very elastic way. This is a product based on on-premise infrastructures that hosts its machines locally, of course it can be technically difficult to monitor an entire On-Cloud infrastructure but even there there's room for sensors and monitoring, not to mention the SaaS and mail integration that completes the product.
It works extremely well for investigating the root cause analysis of events because you can see so much detail into what was happening before, after, and around the detective incident. A weak point would be when the AI gets a little over-aggressive or doesn’t quite understand the use case for specific tools. Our RMM tool was detected as a pup.
Easy remote access to devices. That simple. We have some very unskilled users in the field where asking them to access their PC via conventional remote tools like TeamViewer, Anydesk, etc. was always a pain. Now, all they have to do is ensure their PC is online, and we can connect to them.
Remote software deploy. Before Action1, we did have some GPOs and scripts, but again - being able to deploy to PCs outside of our office/LAN, is just beautiful. On top of the standard repository, being able to create new packages is very useful for our scenario.
Inventory Reporting. Recently we had to identify PCs running old versions of Windows. Can't highlight enough how easy it is.
Uses it Al model UEBA to detect anomalies in the behaviour of not only the users in a corporate network but also the routers, servers, and endpoints in that network.
Provides a visualisation of both egress and outbound network traffics flowing in and out of the organisation.
Darktrace comes with it autonomous AI model detection and responses capabilities.
Darktrace as an AI next generation NDR solution, prevents ,contains and quarantines malicious traffics from and into the corporate network.
The deployment screens for update deferrals can be hard to understand at first and easy to skip since it carries some default info when you create a new automation rather than a more conspicuous prompt to update.
There are few areas that I would say need to be improved; their customer support portal allows you to log tickets with any suggestions or things you feel the product is missing, and they will generally show you how to achieve what you want, or in some cases, introduce it as a feature in a later update.
Action1 has taken many of the tasks that are time consuming and made them simple automated tasks that can be run on a schedule. I can schedule tasks to run off-hours and know that they will be done and I no longer have worry about it. As someone who does IT support for a living, it just makes my job so much simpler with less stress.
The Darktrace toolset is very expansive, allowing it to handle many different tasks, but this leads to a user interface that is sometimes not at all intuitive. Icons don't always make sense visually, and the associated tool tips do not always provide enough detail on what action the button performs
There are some minor issues with the platform that can be mildly frustrating, but the overall performance, peace of mind, and ROI make it worth using. The management console is intuitive and easy to learn, the endpoint clients are simple but give IT professionals enough data to make management easy and simple
Darktrace support is excellent in my experience. They send a competent engineer on-site to provide on-boarding training. They were also very responsive in responding to questions and concerns. Having an individual point of contact who is a competent network and security engineer is not a common experience, at least for me.
Their support is good and quick to respond. The one issue we faced was when a non-protection issue arose there was a lot of dancing around trying to figure things out. This was frustrating as it took significantly longer to figure out issues. Lots of repetitive log gathers, screen caps, uninstalls that never seemed to resolve issues. Eventually, the product would be updated and the issue seemed to be resolved, but seemed to be the only solution.
After looking at different solutions, Action1 [Cloud Remote Monitoring and Management Solution] was the perfect fit for us that delivered all of the features we wanted without being as costly as some of the others alternatives we've looked at. There was no minimum endpoint count and they even offer up to 50 endpoints for free, which is really great for a small organization like us to help us lower our starting costs and still allows us to grow at our pace without having to commit to a defined amount of endpoints to start.
We did NOT select Darktrace. OSSIM/AlienVault is a more mature product and it provided better intelligence and reporting. The end user interface is much easier to use - and you can tell built form engineers who have had to do the work. My suggestion for anyone considering Darktrace, is to get the price upfront; do a 30/60 onsite trail; and do the same thing, at the same time, with AlienVault. AlientVault will win every time. I say that because that's exactly what I did.
SentinelOne had all of the major features that we were looking for. The other products either required too much administrative attention or were lacking key features. For example, one could be uninstalled by the end user. We required that the installation be password protected to protect against end user disabling or uninstalling. One product required manual intervention for all remediation which put to high a burden on limited staff. All products are always being revised so these may no longer be issues but they had a significant impact on our decision.
Saved hours per week on patching and able to ensure a 100% patching success rate.
Able to create custom alerting on potential problems as well as able to create some automation to automatically address problems.
Improved support to our remote locations and users.
Custom deployments allow us to have a mechanism to deploy custom applications we build as well as other third party applications we need to distribute.
One big positive is how it helps us with the security assessments that clients have done on us. They are looking to see if we know how we might have unusual/malicious traffic running on the network.
If you have a small network and only need 1 appliance, it can be a good ROI and peace of mind.
You could go down a hole in trying to spend time looking at all of your traffic with this software. You need to focus only on what it is showing as potential bad traffic.
SentinelOne has already proved its value by stopping attacks that would have gone otherwise unnoticed until much later in their infection process.
The Vigilance team has provided quick response to threats that were not easily contained via the automated response SentinelOne's agents provide. This has given us a significant piece of mind.
