Catch Your Inside Threats!
Updated March 01, 2019
Catch Your Inside Threats!
Score 8 out of 10
Vetted Review
Verified User
Overall Satisfaction with ObserveIT
We were using ObserveIT across IT and in IT-related departments. It was purchased to provide more detailed logs to be used in SIEM and provide evidence by taking screen captures of users' activities when a problem occurs.
- Takes screen captures of user's activities to understand suspicious activities better.
- User friendly management interface makes it better.
- Ease of upgrading all of the related servers and its agent.
- You need to make a better optimization work on its database servers. It may cause problems working itself properly.
- After upgrading its agents, it may give some false positive alerts like "Agent not reporting" while it reporting.
- Archiving technology must be improved. When you restart that appliance, it needs more tuning on it to make it right.
- As I previously mentioned about this, we were able to give more detailed evidence to the Internal/External Audit team. Audit teams were understanding all of the logs better.
- A new feature with the newer version of it, like UEBA, we can find the riskier users by looking user's suspicious activities. This feature gave ObserveIT more credit on our bank.
- Actually, there were no negative impacts on our objectives.
- Forcepoint Insider Threat
Forcepoint Insider Threat is a new product and also it supports DLP(we were using Forcepoint DLP), that's why we did trial of this. As I said before, it's a new product on this area and its support level were low, on the other hand ObserveIT vendors gave support when we had a problem. That was the key point on our decision.
Using ObserveIT
100 - It makes easier to follow all events even with screenshots.
2 - They need to know how to troubleshoot Microsoft based systems. (MSSQL, Windows 7-8-10 etc.)
They must be patient when there's an issue.
They must be patient when there's an issue.
- Event tracking
- Providing evidences for any of the audit
- Nothing.
- Nothing for now.
ObserveIT Support
Pros | Cons |
---|---|
Quick Resolution Good followup Knowledgeable team Problems get solved Kept well informed No escalation required Immediate help available Support understands my problem Support cares about my success Quick Initial Response | None |
No - Our bank were one of the biggest banks in my country. Also, previously we had an issue with this product, that's why the vendor's support came us as free.
We had major upgrade on its application&management servers to the newer version. It was like 6.3.x to the 7.1.x. The engineer of ObserveIT has contacted with us, and with a tele-conference, we did upgrade. While upgrade, I ask lots of questions that I have, and get exact answers without opening a case or escalating it.