Adlumin is a security operations command center that simplifies complexity and keeps organizations of all sizes secure. Its technology and integrations create a platform that obtains security telemetry from across an organization to provide greater insights into security alerts and streamline workflows.
N/A
Cisco SecureX
Score 7.0 out of 10
N/A
Cisco Threat Response automates integrations across select Cisco Security products and accelerates key security operations functions: detection, investigation, and remediation. Threat Response integrates threat intelligence from Cisco Talos and third-party sources, which adds context from integrated Cisco Security products automatically so you know instantly which of your systems was targeted and how.
If you don't already have a system in place for anomoly detection, log monitoring, and alerting, you're doing your company a disservice. Whether Adlumin is the best choice for you depends on your budget and technology stack, but overall, Adlumin has been one of the best security purchases made by our company in the last few years, and has paid for itself by automatically preventing and protecting against specific attacks that were non-attacks due to Adlumin stopping them before they could start.
This is perfect for organisations with small or limited security teams who want to get more from their Cisco and third-party investments. With Secure Endpoint makes detecting and responding to threats much easier. Any organisation looking to overhaul its security infrastructure or even wrap around its cloud-first strategy with solutions such as Intune should seriously look at Cisco’s suite of products. I’ve implemented Secure Endpoint, Umbrella, and Duo for customers primarily using Intune for device management, and the cool new insight features in Cisco SecureX really help with visibility over their estate.
So the product enables end users to get visibility into their security environment, not only across the Cisco products but across the third-party products as well. The product also automates detection and response. So the product really offers end-user efficiency in the security operations center.
After an alert has been "Cleared" by internal IT, there should be no further action taken by the SOC team or the AI agent.
When there is an active internal incident or problem with Adlumin, there should be a notice in the incident or on the platform's active issues board about issues that may affect Adlumin agents. This would save people who have to respond a lot of time.
Have not been able to get one forwarder to function properly, despite documentation from a technician and the platform documentation. This is frustrating when a Windows collector option is available but doesn't work at all.
I have noticed some SentinelOne detections do not warrant responses or actions from the Adlumin team. These are usually repeated flags that do not require action, but some do, and some do not. I can't figure out what we reference specifically to determine a response from SOC or AI.
Of course, many companies prefer to obtain security from the cloud; however, not all of them prefer it, which is why having a local implementation would allow these companies to also use said software as their ally for their security.
Working with this software can be simple, that is, any threat can be visualized with greater precision, but when it comes to managing its orchestration, it is a bit complex.
Its integration with other software can be simple but with others it is not, that is why it would be ideal if all of them could be carried out in the same way.
Integrating with a larger number of third party software would be of great help, to further enhance the analysis and detection of threats.
A number of integrations were simple to set up and well documented, but a few things were difficult or undocumented yet. Some sections feel over-complicated and others feel way too vague during the setup process. Once the onboarding is finished though, the product is very simple, but there is a learning curve at the beginning.
ArcticWolf has been a great product that we have used, but the ability that Adlumin has is extremely comparable for a fraction of the price. There are no hardware requirements with Adlumin, but it still has all of the abilities as ArcticWolf without the overheard. Again, the SOAR actions are a game changer when it comes to automation and immediate action.
A lot of the look and feel of both products is quite similar. There's several best practices on visualization that are followed in both and integration of common telemetry is comfortable and quick. But while Microsoft ATP offers deep insights into mostly the Microsoft environment and a limited view into other common sources, SecureX shines in all the non-client areas Microsoft's product seems lackluster in.
We used to be with an MSP before I was hired, and the company spent over 20K per year for that service. With N-Able, we have reduced the cost by over half.
I spend minimal time now patching computers because this is all automated. I sometimes have to patch a couple of machines because I missed a patch, but it has saved me a great deal of time.
I save a great deal of time with Board Reports because they are automatically generated for me each month.
