Cofense Triage accelerates phishing qualification, investigation, and response by automating standard responses to suspicious emails to make analysts more efficient and driving out actionable intelligence, and providing incident response playbook.
N/A
FireMon
Score 7.9 out of 10
Enterprise companies (1,001+ employees)
FireMon is a real-time security policy management solution built for today’s complex multi-vendor, enterprise environments. Supporting the latest firewall and policy enforcement technologies spanning on-premises networks to the cloud, FireMon delivers visibility and control across the entire IT landscape to automate policy changes, meet compliance standards, to minimize policy-related risk. Since creating their policy management solution in 2004, FireMon states they've helped…
N/A
Pricing
Cofense Triage
FireMon
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
Cofense Triage
FireMon
Free Trial
Yes
Yes
Free/Freemium Version
No
No
Premium Consulting/Integration Services
Yes
Yes
Entry-level Setup Fee
Optional
Optional
Additional Details
—
—
More Pricing Information
Community Pulse
Cofense Triage
FireMon
Features
Cofense Triage
FireMon
Incident Response Platforms
Comparison of Incident Response Platforms features of Product A and Product B
The tool is very helpful in improving Phishing detection capabilities as it streamlines the process of analyzing user reports a lot. Besides it has a built-in mechanism of rating reporters(end-users) based on their historical performance. Downside - tool requires continuous resource investment to deliver best result. Tool is not helping too much in improving user-education, because automated response process is not immediate and is prone to errors
FireMon is best used in a large environment (for example, I have >100 firewalls in my environment). It's best used when trying to improve security posture and showing changes in firewall security over time. It might not be the best choice for smaller environments or those that aren't concerned about security management.
The shell is locked out and we can't run any general centos commands. The implementation and maintainence of the arch is very complex. Even with the right identifiers on log messages the log collection keeps failing. The warning messages on the device are ambiguous. The log messages on firemon are a bit confusing and don't show the exact issue.
FireMon has been relatively stable overall. However, there have been a handful of times where we had issues with the console. For example, we couldn't update which devices to include in a security assessment. The initial suggestion from support was to just reboot it. It seems like there weren't many other options available such as to restart services before going to the extreme of a complete reboot.
I'm not sure we have the largest implementation of FireMon out there but we do have a few 1000 devices being probed by FireMon. Overall, the system's performance has been rock solid. The console refreshes quickly and reports are generated within an expected timeframe.
FireMon technical support is awesome! They respond quickly to our requests and they are well trained and very knowledgeable about the tool. Some issues have to be referred to the development team, but technical support largely provides solutions for any issues that we may have.
The other product had a lot of fails on the auto-processing and did not integrate well with our current environment. One issue had to do with the way it sends the submissions to its processing engine—our email gateway configuration would have blocked this traffic. I also did not like the user interface.
I has worked with AlgoSec and while they are very similar product, I find the FireMon is easier to understand and get rolling with. While both require some learning, FireMon is by far the easier one. Once you have an understanding of how things are arranged and labeled you can easily import firewalls and begin to work on them to improve them
Firemon Is easily scalable and maintainable with any size team. Although it requires some tech debt, it is well worth the time to invest to ensure compliance is visible and reports are accurate. Although our environment is very large we do not fully utilize the scalability of the Firemon product.
Due to the integration potential, large amounts of time are saved on a daily basis.
Incident response time has dropped due to the increased information available by having access to phishing emails directly.
Staff are able to effectively learn how multiple tools in our environment are used by mastering Triage. This has decreased training time greatly and increased the effectiveness of each associate.
