Check Point Software Technologies provides threat intelligence via the Check Point ThreatCloud.
N/A
Cisco SecureX
Score 8.9 out of 10
N/A
Cisco Threat Response automates integrations across select Cisco Security products and accelerates key security operations functions: detection, investigation, and remediation. Threat Response integrates threat intelligence from Cisco Talos and third-party sources, which adds context from integrated Cisco Security products automatically so you know instantly which of your systems was targeted and how.
If you have the Check Point environment and want to utilize the Checkpoint environment, you should use the [Check Point] ThreatCloud. Without [Check Point] ThreatCloud, there’s no way to stop the 0days or APTs. However, [Check Point] ThreatCloud relies on the Checkpoint infrastructure to be used and integrated. If you have other firewall and/or endpoint vendors, [Check Point] ThreatCloud is not the best service to be used. Checkpoint also offers 24x7 threat cloud-managed security services to [...] organizations. Threat cloud-managed security services leverage the threat cloud decreasing the detection time and false-positive rates via increasing protection rates.
This is perfect for organisations with small or limited security teams who want to get more from their Cisco and third-party investments. With Secure Endpoint makes detecting and responding to threats much easier. Any organisation looking to overhaul its security infrastructure or even wrap around its cloud-first strategy with solutions such as Intune should seriously look at Cisco’s suite of products. I’ve implemented Secure Endpoint, Umbrella, and Duo for customers primarily using Intune for device management, and the cool new insight features in Cisco SecureX really help with visibility over their estate.
So the product enables end users to get visibility into their security environment, not only across the Cisco products but across the third-party products as well. The product also automates detection and response. So the product really offers end-user efficiency in the security operations center.
Of course, many companies prefer to obtain security from the cloud; however, not all of them prefer it, which is why having a local implementation would allow these companies to also use said software as their ally for their security.
Working with this software can be simple, that is, any threat can be visualized with greater precision, but when it comes to managing its orchestration, it is a bit complex.
Its integration with other software can be simple but with others it is not, that is why it would be ideal if all of them could be carried out in the same way.
Integrating with a larger number of third party software would be of great help, to further enhance the analysis and detection of threats.
As Checkpoint next generation firewalls were already implemented in the network, ThreatCloud was easy to implement and had better features and reputation than competitors
A lot of the look and feel of both products is quite similar. There's several best practices on visualization that are followed in both and integration of common telemetry is comfortable and quick. But while Microsoft ATP offers deep insights into mostly the Microsoft environment and a limited view into other common sources, SecureX shines in all the non-client areas Microsoft's product seems lackluster in.
High score rates [are] seen on breach systems after deploying systems integrated with [Check Point] ThreatCloud
Catch rates are very high compared to other vendors
One missing thing is the detection for localized URLs and IPs
Purchasing within the 3-year perspective is cheap compared to other solutions; ROI is generally six months
[Check Point] ThreatCloud eliminates the need [for] other additional services that may need to be deployed like dedicated IPS, Dedicated Sandbox, DNS solution, etc.
