Innovative Solution that exceeds our expectations
December 23, 2021

Innovative Solution that exceeds our expectations

IHSAN CAKMAKLI | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Modules Used

  • Threat Library
  • Mitigation Library
  • Threat Emulation
  • Detection Analytics

Overall Satisfaction with Picus Security

Picus is being used a security validation and breach attack simulation/detection system in our enterprise network. Picus
is the main scoring system in out enterprise networks. It’s being used not after the products implementation even we use picus before acquiring of any security software solution. Any software or hardware solution which does not pass the scoring automatically eliminated. Scoring is based on zones and products/services where the picus vectors are implemented. Integration with the sim/siem enhances the analytics and detection/prevention. Specific rules are
implemented through the siem and picus outputs. Picus is one of the key elements in cyber resilience. Regulations and compliance enforces KPI in cyber-security, Picus scores are direct input for these KPIs. Therefore our companies have passed the audits throughout the usage of picus without any problem. New threats and attacks are mapped within the Picus database and attack vectors, we can simulate this attacks securely without exposing any potential risk to our
  • It has thousands of signatures and up-to-date attack vectors (It's the largest set in the market)
  • Attack vectors are mapped with existing vendors like Checkpoint and Mcafee, where you don't spend time finding out which cve mapped to which protection
  • Ability to focus/highlght solely new threats, it's superb for 0days and up-to-date protections. As there are always timing issue between updates and apply the updates on the products.
  • Blocked vs not blocked ratios on the dashboard with drill down menu specifiying the set of protections or signatures on the defensive measures
  • Already mapped mitre att&ck framework on the dasboard. SOC and analyst team using the Mitre framework.
  • Detection analytics enhance the analytics capabilities with pinpoint accuracy where to focus and how to prevent
  • Timeline and scheduled reports from the dashboard in flexible format
  • Visualization of network and the products
  • Complex/Scenario based attacks
  • Phishing tests
  • DNS and Data exfiltration attacks
  • Automatic action through the apis for the products on the path
  • Strategical and tactical reports for Cisos
  • Automatic SOAR entegration with already builtin playbooks
  • Security validation and scoring
  • Number of attacks and CVEs supported on the product
  • Attack simulation
  • Detection analytics with integration Siem products
  • With Picus we have the tangible KPIs for the security
  • Detetcion and Prevention rates for the latest attacks are significantly increased
  • We work with many security vendors. We use picus scores and share specific outputs with the company in case of decreasing score rates where the development and product team analyzes their updates or product engines to increase the rates.
  • It helps our strategic plans where to focus and invest for the following years and planning/prioritizing the security budgets to specific highlighted areas
We use other vendors Verodin, AttackIQ, SafeBreach, Cymulate etc. All of them have their advantages and disadvantages. Please take a look at TrustRadius reviews of each product. I don’t want to go head to head for each product in this
review. I select Picus because it's local startup company in our region. I like their support and engineering team. Support is marvelous. Product is giving what we expected from the product. Price is adequate. Reporting and dashboard is superb.

Do you think Picus Security delivers good value for the price?


Are you happy with Picus Security's feature set?


Did Picus Security live up to sales and marketing promises?


Did implementation of Picus Security go as expected?


Would you buy Picus Security again?


If you want to analyze the full path focusing on the signatures it’s the best product in the market. If you want to test phishing, data exfiltration/DLP, DNS I don’t recommend Picus. Scenario based attacks also lacking. However Picus support is awesome and I like the development team. When we open a case, they’ll always return with the right answer