Catch Your Inside Threats!
Anonymous | TrustRadius Reviewer
Updated March 01, 2019

Catch Your Inside Threats!

Score 8 out of 10
Vetted Review
Verified User
Review Source

Overall Satisfaction with ObserveIT

We were using ObserveIT across IT and in IT-related departments. It was purchased to provide more detailed logs to be used in SIEM and provide evidence by taking screen captures of users' activities when a problem occurs.
  • Takes screen captures of user's activities to understand suspicious activities better.
  • User friendly management interface makes it better.
  • Ease of upgrading all of the related servers and its agent.
  • You need to make a better optimization work on its database servers. It may cause problems working itself properly.
  • After upgrading its agents, it may give some false positive alerts like "Agent not reporting" while it reporting.
  • Archiving technology must be improved. When you restart that appliance, it needs more tuning on it to make it right.
  • As I previously mentioned about this, we were able to give more detailed evidence to the Internal/External Audit team. Audit teams were understanding all of the logs better.
  • A new feature with the newer version of it, like UEBA, we can find the riskier users by looking user's suspicious activities. This feature gave ObserveIT more credit on our bank.
  • Actually, there were no negative impacts on our objectives.
Forcepoint Insider Threat is a new product and also it supports DLP(we were using Forcepoint DLP), that's why we did trial of this. As I said before, it's a new product on this area and its support level were low, on the other hand ObserveIT vendors gave support when we had a problem. That was the key point on our decision.
  • Especially if you are working in the banking area, IT workers must use ObserveIT to provide more detailed evidence to audits.
  • You don't need to give a firewall permission to a client, you can easily do it by giving permissions to the ObserveIT server. By doing this, you will be able to understand why he/she needs this permission without asking.

Using ObserveIT

100 - It makes easier to follow all events even with screenshots.
2 - They need to know how to troubleshoot Microsoft based systems. (MSSQL, Windows 7-8-10 etc.)
They must be patient when there's an issue.
  • Event tracking
  • Providing evidences for any of the audit
  • Nothing for now.
It depends on the our needs actually. Audit has big space on our environment, so we need to put anything infront of them clearly. ObserveIT makes it perfectly.

ObserveIT Support

Easy to access them, immediate response and huge knowledge make them nearly perfect. Also their supports have great sense of humour :)
Quick Resolution
Good followup
Knowledgeable team
Problems get solved
Kept well informed
No escalation required
Immediate help available
Support understands my problem
Support cares about my success
Quick Initial Response
No - Our bank were one of the biggest banks in my country. Also, previously we had an issue with this product, that's why the vendor's support came us as free.
We had major upgrade on its application&management servers to the newer version. It was like 6.3.x to the 7.1.x. The engineer of ObserveIT has contacted with us, and with a tele-conference, we did upgrade. While upgrade, I ask lots of questions that I have, and get exact answers without opening a case or escalating it.