Home

Does anyone have an opinion or review on Dome9 vs. Evident.IO for visibility and security in AWS?

I was considering evident, but now am hesitant given the acquisition.  Echoing what a few others have commented, I think the best approach is to wait this out for a while to see what happens.

25988 views
18 comments
3 upvotes
Related Tags
Anonymous Author
I was considering evident, but now am hesitant given the acquisition.  Echoing what a few others have commented, I think the best approach is to wait this out for a while to see what happens.
3 upvotes
Anonymous Author
Demo 9 is more expensive but easier to implement with API based integration. However if the workload requirement is simple, secure devOps then default cloud security monitoring provided by AWS/Azure is good enough. For more stringent PCI or other compliance it is perhaps better to leverage automated compliance solutions like demo 9 or evident. 
2 upvotes
Anonymous Author
Evident.io was acquired by Palo Alto Networks and from what I understand, was "iced" (PA also purchased Redlock). I've met with the Dome9 CEO before and like their approach, so perhaps worth at least an initial discussion.
1 upvotes
Anonymous Author
Only experience with evident.io was pre-acquisition, so I would not rely on it now that Palo Alto owns it. Cannot comment directly on Dome9.
1 upvotes
Anonymous Author
I have no knowledge to add here 
1 upvotes
Anonymous Author
We evaluated both for our cloud infrastructure, in my opinion dome9 provided us better integration and flexibility. Evident is also good with respect to visibility on your aws infrastructure how ever few challenges we witnessed with pci audit and integration.
1 upvotes
Anonymous Author
I poked around with a resident security expert and they only had exposure to Dome9. They really liked the visualization and clarity into the network overview to quickly point out areas which are insecure or need attention. Didn’t seem overly thrilled, but wasn’t negative- sort of indifferent. They did point out that AWS has similar capabilities/features but Dome9 did a better job at presenting them.
1 upvotes
Anonymous Author
see what happens after being bought.
1 upvotes
Anonymous Author
I would say overall Dome9 is a bit better of a solution than Evident.  DOome9 is a little higher price wise, but overall the solution is cleaner with better presentation, though integration into other security products is weaker.  Without knowing what specific things you are looking for visibility wise, it's hard to say which is better, though they are close.  With both being bought, if you can wait, it might be better to come back and see what improvements are made (if any) say 3-6 or 9 months from now as I would expect both to be improved.  Hope this helps.
1 upvotes
Anonymous Author
We evaluated both and preferred Dome9. Unclear what Dome9's future is given PA owns both Dome9 and Redlock. Redlock is a cool product.
1 upvotes
Anonymous Author
Check out Fugue.io as an alternative ask they catch drift in your configs, and if need be, can automate restoration to baseline among other things
1 upvotes
Anonymous Author
Thanks. I forgot about the PA acquisition.
0 upvotes
Anonymous Author
(Would not rely on my feedback, not the product, I should clarify.)
0 upvotes
Anonymous Author
Both software offers good security identification and protection against vulnerabilities in the cloud space, as you can see Palo Alto  bought Evident I.O. and Checkpoint bought Dome9. The major difference is the risk management functionalities in Evident I.O. 
0 upvotes
Anonymous Author
Dome9 is the better of the 2.  It could improve its integration with other security tools and increased AI capabilities.
0 upvotes
Anonymous Author
Have you looked at either Netskope or Skyhigh for the same functionality?  Not to complicate your candidate field... :)
0 upvotes
Anonymous Author
Im very hesitant post acquisition for either of these and have to wait it out before evaluating further. 
0 upvotes
Anonymous Author
Not specific to these applications, but anytime a company is acquired, they are off my short list for at least 1-2 years.  Too often the talent that made the product attractive either leaves or is sidelined.  Once I see the new feature set after 1-2 years post integration, the company can get back on the potential vendor list.
0 upvotes