Attivo BOTsink-Detect network security threats in real time
October 29, 2022

Attivo BOTsink-Detect network security threats in real time

Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User

Modules Used

  • BOTsink
  • ThreatDirect
  • ThreatOps

Overall Satisfaction with Attivo BOTsink

We use Attivo BOTsink to detect network security events and to identify unusual behavior. Some behaviors which Attivo BOTsink has detected are MITM attacks, directory enumeration, TCP scans, and other network scanning procedures.
  • Identifies devices
  • Provides threat details in real time
  • Provides network topology with potential threat paths
  • Dashboard is difficult to navigate
  • Configuring alerts is time consuming
  • Many false positives
  • Live decoys machines to detect threats
  • ThreatPath
  • ThreatStrike - decoy user accounts
  • Advanced reporting has saved from hiring additional personnel to monitor security threats
  • Real time identification of threats saves response time from actual breach
  • Third-party needed to be leveraged to help configure Attivo BOTsink

Do you think Attivo BOTsink delivers good value for the price?


Are you happy with Attivo BOTsink's feature set?


Did Attivo BOTsink live up to sales and marketing promises?


Did implementation of Attivo BOTsink go as expected?


Would you buy Attivo BOTsink again?


Attivo BOTsink is a great network security tool for organizations that may not have a dedicated security team, but need to have threats reported in real time. It seems well suited for medium to large sized organizations that may have several subnets, VLANs, and remote locations.