There are probably a dozen queries in there that really focus on what I need to focus on, but they are not always easy to find the first time through." "We had a lot of noise at the beginning, and we had to turn it down based on exclusions, application whitelisting, and excluding unknown benign applications. There isn't enough information to help us with what we're looking for and why we are looking for it with this query. If they could make it more intuitive for someone who is not an engineer so that they still can read what's going on in their webpage and understand, that would be something." "In Orbital, there are tons of prebuilt queries, but there is not a lot of information in lay terms. "In terms of the user experience, if the UX design could be much simpler. It allows for research into a threat, and you can chart your progress on how you're resolving it." Once a threat was detected, being able to do the threat lookups and the live tracking was really useful." "The most valuable feature is its threat protection and data privacy, including its cyber attack and data protection, as we need to cover and protect data on user devices." "The most valuable feature is signature-based malware detection." "It is extensive in terms of providing visibility and insights into threats.
We had Umbrella in place and we were using AnyConnect as well as Firepower. It also has a File Trajectory, so you can even see if that file has been found on any of your other computers that have AMP." "The integration with other Cisco products seemed to be really effective. It shows every running process and file access on the computer and saves it like a snapshot when it detects something malicious. It shows the point in time when a virus is downloaded, so you can see if the user was surfing the internet or had a program open. Sandboxing is helpful, and integration with the Cisco environment is excellent as we use many of their products, and that's very valuable for us." "Another of my favorite features is called the Device Trajectory, where it shows everything that's going on, on a computer. Integration with SecureX is a welcome feature because it connects Cisco's integrated security portfolio with our complete infrastructure.
I can track everything that happens on our server from my PC or device.
We're able to dig in and really understand how things came to be and where to focus our efforts." "appreciate the File Trajectory feature, as it's excellent for an analyst or mobile analyst. "The biggest lesson that I have learned from using this product is that there is a lot more malware slipping through my email filters than I expected." "Device Trajectory is one of the most valuable features.