Cisco Threat Response automates integrations across select Cisco Security products and accelerates key security operations functions: detection, investigation, and remediation. Threat Response integrates threat intelligence from Cisco Talos and third-party sources, which adds context from integrated Cisco Security products automatically so you know instantly which of your systems was targeted and how.
N/A
LogDNA
Score 9.0 out of 10
N/A
LogDNA headquartered in Mountain View offers their eponymous cloud log management or on-prem/self-hosted log management solution.
This is perfect for organisations with small or limited security teams who want to get more from their Cisco and third-party investments. With Secure Endpoint makes detecting and responding to threats much easier. Any organisation looking to overhaul its security infrastructure or even wrap around its cloud-first strategy with solutions such as Intune should seriously look at Cisco’s suite of products. I’ve implemented Secure Endpoint, Umbrella, and Duo for customers primarily using Intune for device management, and the cool new insight features in Cisco SecureX really help with visibility over their estate.
Anytime we need to make any kind of log on any platform that we use, LogDNA is well suited. It is primarily used for logging errors on our server but also used for checking issues within our iOS apps when we need to identify a critical issue that is occurring. The search feature is very very good!
So the product enables end users to get visibility into their security environment, not only across the Cisco products but across the third-party products as well. The product also automates detection and response. So the product really offers end-user efficiency in the security operations center.
Of course, many companies prefer to obtain security from the cloud; however, not all of them prefer it, which is why having a local implementation would allow these companies to also use said software as their ally for their security.
Working with this software can be simple, that is, any threat can be visualized with greater precision, but when it comes to managing its orchestration, it is a bit complex.
Its integration with other software can be simple but with others it is not, that is why it would be ideal if all of them could be carried out in the same way.
Integrating with a larger number of third party software would be of great help, to further enhance the analysis and detection of threats.
It's really easy to use and powerful. But at a few times, the UI may feel sluggish, which is a bit expected, since it's displaying live stream of heavy data.
It is very very good. They are responsive and very helpful. They also take the time to walk you through the issues you are having. But honestly, it is so straightforward that you rarely need to get support from their team. They are very helpful when you do need their support though.
A lot of the look and feel of both products is quite similar. There's several best practices on visualization that are followed in both and integration of common telemetry is comfortable and quick. But while Microsoft ATP offers deep insights into mostly the Microsoft environment and a limited view into other common sources, SecureX shines in all the non-client areas Microsoft's product seems lackluster in.
LogDNA was already setup when I started and it is offered through Heroku so that's why it was chosen. It's also cheaper I believe. Compared to Logentries, it does the same thing.
