Secdo

(26)
4.7 out of 5 stars

SECDO’s next generation incident response platform enables security operations teams to automatically validate, investigate and respond to every single alert from any SIEM or security system in minutes, using detailed endpoint activity history and causality analysis.


Secdo Reviews

Showing 26 Secdo reviews
Secdo review by Administrator in Computer & Network Security
Validated Reviewer
Verified Current User

"Excellent threat hunting capabilities "

What do you like best?

That with Secdo our security team is really able to be proactive and not just handle alerts in a reactive way. Because we handle alerts faster, we have time to threat hunt – based on leads, IOCs or even behavioral IOCs we created in Secdo.

And because they record all endpoint activity and store it for months – we can really hunt. We can find advanced, fileless, and in-memory attacks, and go deep into suspicious activity to identify anomalies that could lead to silent threats.

What do you dislike?

I am waiting for them to add some features we asked for, but other than that - none.

What business problems are you solving with the product? What benefits have you realized?

The biggest problem we had is the lack of time and tools to effectively hunt for threats that our detection/protection systems didn’t catch. So with Secdo our Tier 1 analysts handle most alert WORK, and the Tier 2/3 can actually have time to hunt. And the hunting is really granular and in-depth – because they store endpoint activity and let you search everything. We actually found hidden threats in our network already a week after we started using Secdo. It’s a really useful tool for sec teams.

Secdo review by Administrator in Consumer Goods
Validated Reviewer
Verified Current User

"EDR with focus on SOC problems, very good "

What do you like best?

Most EDR vendors focus on the detection and prevention part. But our security team focuses on the part of collecting endpoint information, investigating alerts, responding to threats and hunting for new ones. Secdo is one of the only vendors who focuses on solving the real problems that SOC teams are facing. We have enough alerts coming in from all of our detection and prevention systems – the problem we have is dealing with them - and SECDO is very good at that. I really recommend.

What do you dislike?

It’s not that I dislike, but Secdo is meant to be used by mature SOC teams. If you are a “one man show” doing security operations – Secdo is probably not for you.

What business problems are you solving with the product? What benefits have you realized?

Reducing risk. We don’t miss any alerts so we don’t miss threats, and this reduces the chances of having a breach (which we all know we can’t 100% avoid) become a data breach. That’s the key benefit for us, so even if an attack has succeeded, we will catch it and respond to it fast enough to make sure it doesn’t have time to actually do any harm in our network.

Secdo review by Chen R.
Validated Reviewer

"A better handle on breach damage than anything else we have tried"

What do you like best?

We are in a situation now where we have to justify every expenditure, even for cyber security. We have to quantify, quantify, quantify! Fortunately, there are a lot of published metrics regarding the costs of data breaches, even down to the single data record. Our cyber security products can no longer justify themselves by “providing security”. When we acquire a new product, it has to show us that it brings real, quantifiable value. Secdo’s ability to fully assess damage from any breach gives us a vital metric to report. To me, that’s far more useful than just the incident response part. It gives us the cost and value of the way we do incident response.

What do you dislike?

Nothing at all.

Couldn't find anything to dislike.

What business problems are you solving with the product? What benefits have you realized?

Secdo gives us a better handle on breach damage than anything else we have tried. To date, we are able to quantify data leaks to some degree. We are on the road toward establishing metrics for our incident response and Secdo is helping us.

Secdo review by Iurii G.
Validated Reviewer

"ELEKS bolsters its security services by partnering with Secdo"

What do you like best?

I’m pleased to introduce the ELEKS new security service portfolio powered by Secdo. Secdo’s preemptive incident response platform allows slashing the incident response time from months to minutes. We are happy to use this solution in-house as well as to recommend it to our customers. This partnership brings a strong security support to our business and allows us to offer improved security services to our clients.

What do you dislike?

Often we need some additional functionality (flexible reporting for instance), more visibility into agents and their hardening from the solution itself. Anyway, the Secdo team is amazingly professional and we have it within days or already in the product roadmap.

What business problems are you solving with the product? What benefits have you realized?

- ELEKS quickly and cost-effectively introduced new services – prompt incident response, threat-hunting.

- We are able to perform remote response without impacting business productivity, remote remediation while end-users continue to work.

Secdo review by User in Consumer Goods
Validated Reviewer
Verified Current User

"Great combination of EDR with security automation"

What do you like best?

We're aware of some of the top EDRs - none of them gives an automation layer that would allow insight to investigate incidents and alerts automatically.

That’s a game changer for us – instead of drilling into each alert and trying to match it with the relevant endpoint data – Secdo does that automatically for us (they call the algorithm that does that ‘causality analysis engine’).

What do you dislike?

Orchestration would be a great add on for such a product

Recommendations to others considering the product

Definitely get involved with this product - its ease of use, ability to drill down and coverage at volume would make your life easier!

What business problems are you solving with the product? What benefits have you realized?

We don't have the capacity to investigate all of our daily alerts.

Secdo allows us to get better coverage, about 30 times the coverage which is unbelievable!

Secdo review by Administrator in Information Technology and Services
Validated Reviewer

"SecDo Host visibility – for IT and Security"

What do you like best?

Their endpoint visibility capabilities. From what I’ve seen in other EDR tools, they have 3 advantages:

- Thread level visibility (all others do process level visibility)

- They keep all endpoint data that they collect for a minimum of 30 days (all the other vendors keep it up to 30 days)

- They collect way more endpoint activity types than other EDRs, so they also cover use cases such as insider threats, business risk, user activity, policy violations, System/File attribute violations, etc.

What do you dislike?

That they don’t also have an EPP solution.

What business problems are you solving with the product? What benefits have you realized?

Before Secdo, both the IT team and the security team were lacking information about what’s going on on our endpoints. We needed it for IT inventory, compliance, and risk assessment, and for insider threats. So we searched for EDR tools that have the most granular endpoint visibility. We tested 5 and decided on Secdo. With Secdo we can query the endpoint population to identify areas of risk and possible vulnerabilities (we see into USB activity, installed software, autoruns, downloaded files, running drivers, and even captures of users’ screens).

Secdo review by Industry Analyst / Tech Writer in Information Technology and Services
Validated Reviewer

"Best Incident Response platform I've worked with..."

What do you like best?

The excellent incident response capabilities. I’ve never seen anything like it – the ability to investigate and remediate threats in literally minutes.

What do you dislike?

Nothing I can think of – it’s really fantastic.

Recommendations to others considering the product

If you deal with a lot of security alerts and don’t have the manpower to investigate all of them – Secdo is the tool for you. It also has amazing remediation capabilities – all from one place without the need to install additional tools on the endpoint.

What business problems are you solving with the product? What benefits have you realized?

Our customers are large Enterprises that have SOC teams or incident response teams that need to deal with overwhelming amounts of alerts generated from prevention and detection systems they have. They use Secdo to validate and investigate the alerts automatically, and once a real threat has been found – they use Secdo to remediate the alerts surgically. With Secdo they are able to deal with all alerts and reduce time for investigation from days to minutes.

Secdo review by Industry Analyst / Tech Writer in Banking
Validated Reviewer

"Well done product, it gives us eyes where we were blind."

What do you like best?

The search is quick, I can't say that we are blind anymore. The customer service is extraordinary. Definitely great value for the product. Ha

What do you dislike?

Heartbeat does not exist in the product, so we are bare for technical issues.

Recommendations to others considering the product

I think that if you really want to understand Secdo, you have to go to one of their conventions; it clarifies many things about the product, and brings a visual view of how it operates.

I have no experience with Carbon Black and know how good the product is only by rumors, so I think that there is a head-to-head fight between those two leaders, and in my opinion Secdo is definitely on the right path to become the main leader in the Incident Response market.

What business problems are you solving with the product? What benefits have you realized?

I can hardly say that we have business issues; it really looks like SecDo makes lots of effort to make the customers satisfied.

Secdo review by Administrator in Broadcast Media
Validated Reviewer

"solving a huge IT hassle"

What do you like best?

In the IT department, we like being able to remediate endpoints from our own office. We don’t like to have to walk all over the campus to collect computers, bring them back and wipe them. It’s a pain. Secdo gives us very cool remote remediation tools so that we can pinpoint bad processes and quarantine them. We don’t have to disturb the user to do all this. Less hassle for everybody.

What do you dislike?

Frankly, this Secdo business is new and not all the IT people are on board. There are still some “old-timers” who cannot get off their insistence that all infected endpoints have to be wiped and re-imaged. Over time, we will convince them that our method with Secdo is way more efficient.

What business problems are you solving with the product? What benefits have you realized?

At the end of the day, Secdo cuts remediation time and bother. That’s what will win the budget battle. As we log more remediation time with Secdo, more people are coming to see that we can reduce our budget and remediate much quicker than before.

Secdo review by Vilaas B.
Validated Reviewer

"Excellent to manage 'false positives' alerts emanating from a SIEM"

What do you like best?

Three things

1. The speed with which the root cause to an alert can be identified

2. The activity of the suspected host

3. Remediation/ freeze from the console.

It seems to provide the ability to compress the investigation / visibility / response capabilities timeframes.

Another highlight is the ability to fight ransomware attacks.

What do you dislike?

Trying to figure that out. Currently, seem to like what I am seeing.

Recommendations to others considering the product

A good product/solution fit if you are considering behavioral/threat analytics. The analytics and remediation are pretty intuitive and considering the technology space is not too old, SECDO is doing a good job with cyber security requirements.

What business problems are you solving with the product? What benefits have you realized?

Defense for ransomware attacks

Reduce timeframes and hence manage the huge false positives emanating from the SIEM infrastructure

Secdo review by User in Information Technology and Services
Validated Reviewer

"Great Visibility!"

What do you like best?

I like the visibility we get with Secdo. We can look for anything across our entire farm of servers and endpoints and find what’s running where. We can see who uses which application and how frequently. When someone complains that their endpoint is slow, we can look into any time period in the past and find out what the performance of the machine was including the processes. Then, we know what was going on and why the user is complaining.

What do you dislike?

Nothing

What business problems are you solving with the product? What benefits have you realized?

We get clobbered with performance complaints and we have to react quickly sometimes. Users have no patience when they can’t get their work done. Being able to see and quantify the problem and then being able to remediate it sure makes us more efficient and keeps our users a lot happier.

Secdo review by Administrator in Information Technology and Services
Validated Reviewer

"It’s a game changer"

What do you like best?

A lot of people who are not necessarily involved in hard-core cyber security think that the goal is to automate everything. There are still a lot of incidents that you can’t and you don’t even want automated – you need human ingenuity to understand. I like that, with Secdo, I can get all the information I need to make the best decisions especially on highly complex cases.

What do you dislike?

Nothing really. The product performs better than I expected

What business problems are you solving with the product? What benefits have you realized?

I guess you would say that we are concerned with keeping our data safe. With so many endpoints and as the target of some very serious attacks, we have to respond rapidly. Secdo has made the whole team way smarter when it comes to dealing with the real hard stuff.

Secdo review by Vitalii S.
Validated Reviewer

"EDR system Secdo for analyst"

What do you like best?

From my side I would like to mention that Secdo is a very good solution for analysts, because:

- the solution automatically generates an incident process tree for the analyst.

- allows to immediately add behavior indicators of compromise of malware.

- uploads file samples to VirusTotal.

- allows immediate incident response.

What do you dislike?

There are not any options in Secdo which I dislike, but I hope that in the future the company will have an automatic IOC integration process.

What business problems are you solving with the product? What benefits have you realized?

Immediate incident response of incident.

Secdo review by Shay K.
Validated Reviewer

"Best way to forensics/investigate workstations "

What do you like best?

Easy to use, gives eyes on incidents and processes which are relevant.

Integration with ArcSight SIEM is easy and gives another way of incident response.

What do you dislike?

No Linux agent; waiting for a Linux agent, it's on the working plan.

What business problems are you solving with the product? What benefits have you realized?

Reducing false positives and automating how we deal with incidents while not increasing resources; also the thread level endpoint visibility is definitely useful.

Secdo review by Wendy B.
Validated Reviewer

"Reliable software"

What do you like best?

Secdo has a quick response time once problems are identified.

What do you dislike?

There's not much that I don't like about this.

What business problems are you solving with the product? What benefits have you realized?

Website security is of great importance to us. We will get notified of customer information breaches

Secdo review by Shailendra S.
Validated Reviewer

"SECDO Feedback"

What do you like best?

It's one of the most focused vendors on IR, whereas all other vendors are EDR focusing less on IR, the most important thing for any organisation.

What do you dislike?

Less marketing investment. No Linux capabilities.

What business problems are you solving with the product? What benefits have you realized?

Endpoint Monitoring for investigation and quick analysis.

Secdo review by Internal Consultant in Marketing and Advertising
Validated Reviewer

"Incident response automation is not a myth "

What do you like best?

The cyber kill chain tracking, Secdo shows us the attack to a thread level.

Very easy to use even for new analysts

IOC/BIOC rules allow turning incidents into rules to provide future threats

Integrates easily with all our security tools

What do you dislike?

Nothing yet; will keep you updated if we have any issues.

What business problems are you solving with the product? What benefits have you realized?

Reducing false positives and automating how we deal with incidents while not increasing resources; also the thread level endpoint visibility is definitely useful.

Secdo review by Bhavik P.
Validated Reviewer

"Good threat detection and response tool"

What do you like best?

Gives complete information of threat from source to destination communication, can be integrated with SIEM, and very good graphical representation of threat flow.

What do you dislike?

As of now we did not find anything.

What business problems are you solving with the product? What benefits have you realized?

End to end Analytic for threat

Secdo review by Felix K.
Validated Reviewer

"The Best Incident Response and Forensics platform these days!"

What do you like best?

Simplicity Investigation and getting value from data

What do you dislike?

The product demands very high resources, due to its complexity and capabilities.

What business problems are you solving with the product? What benefits have you realized?

Investigate incidents on workstations, Integration with SIEM

Secdo review by Consultant in Computer Software
Validated Reviewer

"SECDO to the rescue "

What do you like best?

Blocking Ransomware for real!

Enables investigation on hosts over time without the need of expensive forensics products nor system experts.

What do you dislike?

We needed response tools (isolating hosts and running commands remotely), but the SECDO solution now includes them.

Recommendations to others considering the product

Make sure you have strong bi-directional communication with your SIEM (most important for handling alerts and automation of alerts on workstations).

What business problems are you solving with the product? What benefits have you realized?

Ransomware blocking

We can now search for the same evidence across the company in minutes.

Secdo review by Guy L.
Validated Reviewer

"Hunting & Investigating by SECDO gives the ability to disassemble any attack to its parts"

What do you like best?

visibility

effectiveness

low fingerprint

easy to use

false positive reduction

root cause analysis

What do you dislike?

Endpoint Agent is Required

What business problems are you solving with the product? What benefits have you realized?

Security Products false positives

Endpoint Visibility

Remote Control over endpoints

Historical Investigation

Secdo review by User in Higher Education
Validated Reviewer

"Secdo"

What do you like best?

Secdo helps us to secure our systems according to our environment. Enables security operations to slash the incident response.

What do you dislike?

There are no cons according to me, so nothing.

What business problems are you solving with the product? What benefits have you realized?

Helps us to reduce our work. These security operations make our work get finished in minutes, which saves our team time.

Secdo review by Administrator in Medical Devices
Validated Reviewer

"Quick response "

What do you like best?

It's easy to see what's happening at our endpoints across the board and see who uses what service/application.

What do you dislike?

nothing in particular that I can point to.

What business problems are you solving with the product? What benefits have you realized?

We get to solve problems for users more quickly, so that people are not frustrated for having to stop working when an incident occurs.

Secdo review by User in Computer Networking
Validated Reviewer

"Automated Alert Investigation"

What do you like best?

UNMATCHED, ZERO-GAP VISIBILITY OF ALL HOST ACTIVITY

What do you dislike?

FOUND IT HARD TO USE AS IT DOES NOT SEEM TO BE USER-FRIENDLY

What business problems are you solving with the product? What benefits have you realized?

With Secdo we are able to bring the volume of suspicious alerts from 500 to 20 a day.

Secdo review by Administrator in Financial Services
Validated Reviewer

"Secdo"

What do you like best?

It is easy and intuitive and does the job

What do you dislike?

It is rather expensive and too many options

What business problems are you solving with the product? What benefits have you realized?

Secdo's automated incident response platform hunts threats in real time and delivers an endpoint detection and response solution.

Secdo review by Internal Consultant in Telecommunications
Validated Reviewer

"Quality"

What do you like best?

Ease of use and quality. User friendly interface.

What do you dislike?

Nothing I can think of at this point of time

What business problems are you solving with the product? What benefits have you realized?

Customer experience

* We monitor all Secdo reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. Validated reviews require the user to submit a screenshot of the product containing their user ID, in order to verify a user is an actual user of the product.