I can simulate an attack into a live environment and test whether my controls are working properly. It checks if the controls can stop and mitigate the attacks.
The Picus Security Validation Platform
Picus SecurityReviews from AWS customer
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
218 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Simulate attacks to test and validate security controls effectively
What is our primary use case?
What is most valuable?
One valuable feature of Picus Security is security control validation. It provides good reports and offers signature-based solutions. I can simulate an attack into a live environment, testing whether my controls are operational and able to stop or mitigate attacks.
What needs improvement?
There is room for improvement in the response rate provided by customer support. Picus Security could improve the response time.
For how long have I used the solution?
I have been working with Picus Security for one year.
What do I think about the stability of the solution?
Picus Security is very stable.
What do I think about the scalability of the solution?
It is a scalable product with no limitations.
How are customer service and support?
Customer support is good, but the response rate can be improved. I would rate it with eight points out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Previously, we worked with Sophos, but there was no traction with it this year.
How was the initial setup?
The initial setup of Picus Security was straightforward and easy. One person was sufficient for the installation.
What about the implementation team?
The vendor provides support, so additional implementation team details are not required.
What was our ROI?
Picus Security has shown a good return on investment, approximately 30% to 40%.
What's my experience with pricing, setup cost, and licensing?
The pricing of Picus Security is average, and it offers a good value for money.
What other advice do I have?
On a scale of one to ten, I would rate the solution ten out of ten. However, the only area that would need improvement is the response time from customer support.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Offers excellent threat intelligence and good value for money
What is our primary use case?
Picus Security is used for BAS, helping companies test their network security layers by simulating attacks from the cloud. It installs an agent behind the firewall to assess security configurations and policies, enabling both blue teaming and red teaming scenarios. Additionally, it provides prevention measures like URL bypass blocking to enhance firewall security.
What is most valuable?
The most valuable feature of Picus Security is its threat intelligence, providing suggestions to block and prevent attacks by identifying malicious files and providing threat IDs. This helps organizations prevent the latest ransomware and modern attacks from exploiting vulnerabilities in their systems.
What needs improvement?
To improve, Picus Security could consider establishing a data center in India to address trust issues and increase interest from Indian customers, potentially boosting revenue.
For how long have I used the solution?
I have been using Picus Security for almost a year.
What do I think about the stability of the solution?
Picus Security is stable without any major bugs or breakdowns. It is considered a next-generation solution, suitable for customers who prioritize security and want to assess their security solutions effectively.
How are customer service and support?
It can be challenging to reach Picus Security's support team due to time differences, as support mainly comes from the US and UK, even though deployment support is provided locally in India. Improving the support team presence could enhance customer satisfaction and impressions.
How was the initial setup?
Installing and deploying Picus Security is relatively straightforward, with a simple process outlined in the documentation. It involves adding process names to run the agent and allowing domain features on the firewall to stimulate attacks, but overall, there are no significant challenges.
What's my experience with pricing, setup cost, and licensing?
Picus Security offers good value for money.
What other advice do I have?
Picus Security's continuous validation feature offers predefined attack templates and over ten thousand simulations. Users can see how well their security solutions prevent attacks on endpoints and receive suggestions for improvement. This helps enhance overall security measures.
Integrating Picus Security with existing security tools and workflows isn't straightforward as it requires manual installation of the agent, rather than seamless integration with other products.
For new users, my advice is to leverage Picus Security for simulation and prevention purposes, as it is considered one of the best options in both European and Asian countries.
Overall, I would rate Picus Security as a nine out of ten.
Which deployment model are you using for this solution?
Hybrid Cloud
A tool with great integration capabilities and a good support team
What is our primary use case?
I have used Picus Security to see what it can do. I use Picus Security for continuous security validation and control effectiveness.
What is most valuable?
The most valuable feature of the solution is its integration capabilities with the other security tools.
What needs improvement?
The amount of integrations that the product can handle is an area of concern, making it one of the aspects where improvements are required.
For how long have I used the solution?
I have been using Picus Security for six months to a year. I sell the product. I work as an SI in my company. My company has a partnership with Picus Security.
What do I think about the stability of the solution?
Stability-wise, I rate the solution a nine out of ten.
With Picus Security, I had no issues with bugs or breaking down.
What do I think about the scalability of the solution?
Scalability-wise, I rate the solution a nine out of ten.
Less than ten people in my company use the product.
How are customer service and support?
I had to contact the technical support team of the product once, but the problem was in our company's environment. The response from the support team was nice.
I rate the technical support a ten out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Previously, I wasn't using some other solution.
How was the initial setup?
The product's initial setup phase was easy.
The solution is deployed on the cloud.
The solution can be deployed in a day.
What other advice do I have?
Picus Security has been implemented in our organization to enhance threat detection by allowing us to test some of the other security tools in our company.
I recommend the product to others who plan to use it.
The tool has not had an impact on our company's overall security posture since the time of implementation since we just used it for some testing purposes, during which it did show some interesting results.
I rate the overall tool a nine out of ten.
Good detection capability, specifically the ability to detect alarms
What is our primary use case?
In general terms, our clients use Picus Security to verify the security controls in their environments.
What is most valuable?
One of the most valuable features would be the detection capability, specifically the ability to detect alarms and logs collected from SIEM tools.
What needs improvement?
The reporting and data analysis could be improved. Specifically, the analysis of the results.
Along with the data analytics, Picus Security should improve its attack path validation feature.
In future releases, I would like to see an adaptive analysis of the company's perimeter. The attack surface analysis feature would be a good point to introduce in the platform.
Moreover, there is room for improvement in terms of scalability. Automating some processes could make it even better.
For how long have I used the solution?
I have been using Picus Security for two years. Currently, I am working with the next-generation platform.
What do I think about the stability of the solution?
Since it's a relatively new platform, we might encounter some bugs that the APIs are addressing. However, overall, it's quite stable.
What do I think about the scalability of the solution?
I would rate the scalability a nine out of ten. The platform allows you to install different agents for various use cases, but currently, some agents still need manual configuration to fully utilize their capabilities. Automating this process could make it even better.
We have clients in both the enterprise and SMB markets. So, we serve all three categories.
How are customer service and support?
The support team is highly available and responsive, always ready to join a call if needed.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup is very simple. I would rate my experience with the initial setup a nine out of ten, with one being difficult and ten being easy.
With the next generation platform, the setup was quite straightforward.
What about the implementation team?
The deployment takes only one working day. The process has multiple steps. First, the customer needs to configure some prerequisites in their environment, like opening certain ports to allow communication and exclusions to enable Picus agent to function correctly. Then, the second step is to install the Picus agent, and that's it. After that, we can start the testing.
What's my experience with pricing, setup cost, and licensing?
Pricing can be subjective, as it depends on the value the software provides to each customer. However, the pricing is in line with competitors in the market, so maybe around seven out of ten, where one is cheap, and ten is expensive.
The price is reasonable for this type of solution.
What other advice do I have?
I recommend starting with a few risk factors and gradually expanding the platform's usage. Begin with evaluating risks from different perspectives, like from the firewall to data loss prevention. Starting small allows for better management of data and a smoother experience.
Considering what I know about other platforms in the market, I'd give Picus Security an eight.
Which deployment model are you using for this solution?
On-premises
short experience
What do you like best about the product?
Attack database is very advanced , and you can simulate waf or firewalls or endpoints with picus attack simulator. Also it provide visibility in your security score
What do you dislike about the product?
Integration with Trellix SIEM is not working clearly.
What problems is the product solving and how is that benefiting you?
Picus can provide security score on customers ecosystem. Its also provide efficency of invests on IT systems.
Picus is a nicely established BAS
What do you like best about the product?
Very nice gui
Granularity
Continuous assessment
Prevention signatures
detection rules
Granularity
Continuous assessment
Prevention signatures
detection rules
What do you dislike about the product?
Assessment done on a different machine might differ in response when it comes to internal characteristics of a server or configuration
What problems is the product solving and how is that benefiting you?
Continuous Assessment
Rationalisation of security expenditure
Breach assessment of new attacks
Rationalisation of security expenditure
Breach assessment of new attacks
Picus is the answer
What do you like best about the product?
It answers the question are we vulnerable to these attacks
Ease of integration
Ease of simulating attacks on network email and more
It gives recommendations on how to detect and how to prevent rules and signatures if available
Ease of integration
Ease of simulating attacks on network email and more
It gives recommendations on how to detect and how to prevent rules and signatures if available
What do you dislike about the product?
It doesn't attack the asset itself, instead it attacks a machine in the same subnet, which is good and slightly bad at the same time
More integrations and vendors detection and prevention rules
More integrations and vendors detection and prevention rules
What problems is the product solving and how is that benefiting you?
Leverage siem and firewalls in the best possible way
Higher accuracy for detection
Help prevent providing related signatures
Saved the time trying to simulate manually
Higher accuracy for detection
Help prevent providing related signatures
Saved the time trying to simulate manually
important to maintain strength
What do you like best about the product?
In the security sector, we used to be able to provide a solution by putting a firewall. Now the risk factors have increased a lot, so we have become multi-layered and more than 10 devices are used. It is quite difficult to follow them. Picus routinely scans the devices for me. He makes some very logical conclusions. With these detections, I can do my maintenance on the devices.
What do you dislike about the product?
It may be because it is a new technology, the prices seem a little high to me.
What problems is the product solving and how is that benefiting you?
It detects attacks that may occur if I cannot follow my devices, which are too many.
showing 211 - 218