| Exaforce | Subcategory | Vendor answer |
|---|---|---|
| | Demonstrated efficiency improvements | Reduction in MTTR and MTTD. MTTR down from 1-2 hours to 10 minutes for most alerts. MTTD under 1 min. MTTD for 3rd parties depends on 3rd party solution responsiveness. |
| | Alert escalation rate, True/False positive accuracy and verification method | Escalation rate 4.5%, accuracy verified by clients' analysts' verdicts (i.e. agreeing or disagreeing with verdicts). |
| | Investigation speed, Scalability and performance during peak load | 6-7 minutes per alert, scalability approached by spawning multiple agents. |
| | Context enrichment and artifact analysis | Context gathering using threat intelligence services like VT and ReversingLabs. Currently no sandboxing supported, reliance on EDR sandboxes for dynamic analysis of suspicious files. Additional context pulled via API calls to clients' data sources. |
| | Detection of novel/unknown threats/AI evasion handling | Novel threats detected by establishing a baseline and searching for anomalies. AI evasion not handled as part of the platform. |
| | Explainability, Human feedback integration and learning speed | Explainability well presented, human feedback integrated into verdicts presented by the platform; those verdicts are then added to a historical record and included in future investigations. |
| | Time to full operation | Immediate value on day 0, full operational readiness on day 2. |
| | Integrations (out of the box, headless, custom) | ~50 solid out-of-the-box integrations. |
| | Multi-tenancy, data retention, export, governance, deletion control | Multi-tenancy and data governance fully supported. |
| | Additional capabilities beyond detection and response | Threat hunting using natural language, on-prem deployment, log management. |
| | Compliance with security standards | GDPR, HIPAA, ISO 27001, AICPA SOC 2. |
| | Licensing model, Total cost of ownership and hidden costs | Licensing per volume of investigations. Additional costs apply if log storage exceeds 90 days. |
| | Roadmap visibility and feature requestability | Roadmap is communicated and features can be requested. |
| | Support availability and SLAs | Support via Slack / Teams, ticketing. MDR team reachable 24/7 even with no MDR service purchased. |