Great product to help MSPs scale their security business
From the moment we have started working with Perch, they have been at the top of our list of vendors.
Ease of sales with account managers
Ease of set up and configuration
Continual development of API
No - nothing that can come to mind, they have been very easy to work with
A great product that has helped us immensly in providing cyberdefense to our customers
A really great team, easy to get a hold of and really a big part of helping us stop the bad guys in our customers. We have multiple success stories from this product where a significant crisis was stopped before it became a crisis. Also, it is very reasonably priced. This has made it easier for us to approach even our smaller customer. Lastly, we use the product to help us protect and detect our own network.
The product is comprehensive. It touches the network, the individual hosts and cloud based resources. It all aggregates into a very flexible and feature rich SIEM or SIEM like tool that helps us really figure out what is going on.
When we first engaged with Perch they had not yet completed some key integrations. Those have been completed now. I can't really think of a current limitation that we wish were better. We are very happy with the product.
Perch Review from Managed Service Provider
Support team is with us every step of the way. Very happy with the overall product and the value it delivers.
We like that we have the ability to view security events and escalation across all clients. The deployment is straight forward and this easily integrates with our existing tools.
New features are usually buggy. They get worked out over time. We are struggling with a version that will run in the Microsoft Cloud.
Perch Security - SOC-backed Threat Hunting and SIEM that is not complicated
The people at Perch from the top to the bottom are great. If you run into issues, have questions, or just need some advice, they are there for you. Also, their SOC is based in Houston on USA soil which is important to many when you have someone watching your back from a cyber perspective.
The Perch solution has a very community-esque feel. Users of Perch love it and are not afraid to support one another, share tips, tricks, customizations, etc. This collaboration and feedback is also present within Perch and the improvements that are made to the product it reflect the users' requests and needs.
This is a product where the more one puts into it, the one gets out of it. It is no magic system out of the box per se. This is not really Perch's fault, but to the layperson, one could thing that.
An enterprise vs MSP view.
I have used and sold Splunk before and Splunk is very intuitive to use from the end user perspective. Perch requires more knowledge of query languages to dig some of the information out that I want to see. On the administrative side of things Perch is far easier to implement than Splunk and does not require a dedicated engineering staff to maintain.
Easy of implementation and the setup of the appliances at each location is great. The web portal reduces our overhead and maintenance cost.
Query of information via Perchbana needs to be segmented by client sites.
Have your onboarding process ironed out and fully vetted before starting!
Great benefits with insight into information we would not have had otherwise. Great team and the desire to provide excellent customer service. Not thrilled with the onboarding process and the lack of linear progression through each task to ensure each tenant is fully operational before moving on to the next team. Not for lack of intent on the Perch team, mind you, they are a really terrific group of folks.
Single pane of glass, all the integrations with most commonly used industry applications. The knowledge and experience of the team driving the solution.
The complexity of use, huge learning curve to manage, learn and understand the application.
100% positive. No issues with price, no issues with their service, and the clients we deploy it on appreciate the additional insight to their security.
Honestly the entire SOC team in Houston is the best part of about working with Perch. Any questions are quickly answered, any events found are quickly visible / communicated, and the integrations with our systems were seemless.
I dont know if its a really a con, but the small learning curve would be it. However Perch was helpful through all the onboarding and calls to ensure it was the best it could be.
Easy to consume SIEM
A breath of fresh air
The customizability and freedom in generating reports. It will also accept log data from almost any data source and the support team is awesome in assisting with the ingests and walking through every request, no matter how crazy it might be.
The sensors can be a little tricky to set up.
A true partner for improving cybersecurity
Perch has built a product that enables us to provide detection across our client base. Their SOC makes our lives easier by going through the majority of the information collected, and alerts us when there is something we need to be aware of. They are rapidly adding new features and integrations, allowing us to stay on top of new threats.
Perch integrates with most of our technology stack, allowing us to collect log and event information, and create actionable alerts when anything suspicious happens.
The user interface needs some re-organization since so many new integrations have been added since it was designed.
great product and worth the cost
excellent. we have never had any issues and everyone we have worked with has always been willing to go above and beyond to assist. I really feel like they put their customers needs as priority #1.
customer support/noc interactions are fantastic. everyone is super knowledgeable and always willing to help. it does not matter what it is you need help with. it could be designing a query or dashboard to help finding a specific record.
Also the constant improvement to the platform is great.
honestly at this time I can only think of a single item. and a change request has been submitted for it so I'm sure it will happen in the future. currently you can only connect to a single instance of Salesforce to collect logs. so if you have multiple instances you cannot collect all the logs.
Perch for MSSPs
I have spent 100's of hours navigating, administrating, and configuring both the NDR and SIEM functions of this solution and overall I would say that it is exceptional in the NDR aspects but a little lacking in the SIEM aspects.
The community aspect. All SIEM resources, threat intel, suppression notes, alert comments, can be shared globally or restricted to your desired level. Additionally, this solution seamlessly combines NDR and SIEM into one slick easy to use and navigate solution portal. This makes life as a security professional monitoring and administrating this solution much easier than alternatively having to navigate and correlate information from two separate solutions.
The lack of developer support. This solution has what feels like infinite potential. However, that infinite potential feels squandered due to the lack of developer support and action. Feature requests often go unnoticed. Core functionality bugs are landmines for new users that do not know how to navigate them effectively.
MSP friendly threat detection
MSP friendly threat detection. This space is filled with solutions designed for large enterprises, which is out of reach for a lot of typical MSP customer sizes and budgets.
Perch is able to take a lot of the same technologies used in those enterprise solutions, make them affordable and easy for MSPs to use.
Alerting when things stop working. When things flatline, there's nothing configured out of the box that will notify you.
Best SIEM for us busy administrators
They have been overall amazing. The staff are all super helpful, the software works as intended, and the analysts are responsive. Lots of KB articles already written up make my life easy. The monthly calls are really nice as well since they actually listen to the users.
The ease of general use - everything is just simple to do without any extra steps, crazy setup, etc...
Speed of the platform overall - some days, it drags hard.
Perch SEIM/SOC is invaluable
The team at Perch is very helpful and SUPER easy to work with! Support is a pleasure to work with and will always find a solution quickly.
Setting up the product is quite simple and straight forward. The information provided and the human element of the Perch SOC team make this a one-stop-shop when it comes to SEIM /SOC solutions!
The Connectwise and many other integrations make ticketing simple and clean.
If you are not fluent with Linux, there will be a bit of a learning curve. Filtering data in the Perch console requires an understanding of KQL (Kibana Query Language).
Great SIEM Solution and Company
We have three monthly calls with them, so stay up to date as much as possible. They definitely work hard to make a good product, are very open in terms of roadmap, new features, issues, etc. I honestly wish all of our vendors were like Perch
It works well, has great integration support, easy to deploy and manage, and the company is great to work with and provides awesome support.
Nothing really comes to mind. If I had to say one thing, the web interface can occasionally get slow, but that is generally only on larger queries and has improved.
Review of Perch by security focused MSP
Seem to hire very competent people
Worked very hard on ux
MSP focused company. Good UX. Monitor multiple sources. Per user pricing.
Not clear what the best practices are...
Support via Slack - it works but it is a pain.
Pricing structure always seems to be changing
It has gotten A LOT more expensive over the last 18 months
Worried about support being owned by Connectwise :(
Good sales resources (marketing info)
Secure your house, then your customers!
MSP using Perch for customer networks
Our team has always been impressed with the team from Perch and their knowledge of the product and their willingness to help has always been Top Notch!
From day 1, we always were drawn to the flexibility and functionality of the software solution.
Frankly, for our customers, the price is the biggest hurdle. While this solution does so much, our customers don't always see the value.
Simplified logging and monitoring
Set up is very easy. Perch also continuously releases support for 3rd party API integration so you can centralize logs from several sources. Their network sensors take in data from various feeds (like FS-ISAC) to look out for trending indicators of compromise in your business sector. Web interface is very intuitive and clean.
Couple times I've had to power cycle network sensors because they go offline. They come right back up after that.
We have used Perch to help address our need to have an efficient SEIM backed by a capable SOC.
The Perch team is easy to work with and available at all times. The SEIM and SOC services deliver what you expect and was extremely easy to implement.
As we use more and more Azure services, the current ability to access Azure logs is limited. We expect this to be improved over time, but currently this area is not as feature rich as we would like.
Perch gives you confidence and peace of mind
We needed to implement a solution that can fill the Detect slice of the NIST pie for our clients.
Integrating with current platforms was important to us and so is Perch's active monitoring. It takes a load off of my team and gives me confidence that multiple eyes and alerts are watching our feeds and client feeds.
The effectiveness of the monitoring is only as good as the number of incoming log feeds and the number and configuration of alert templates. We don't know what we don't know, so there is a learning curve to simply decide what is baseline monitoring for an environment and what is optimal monitoring.
Perch is great!
An excellent choice
The integration features are very well done, we're really happy with Perch allowing us to have full access to our data as well as our clients data while still providing a SOC service.
I wish there was a way to reach someone immediately by phone in the event of an emergency, but we have not needed this so far.