Carbon Black App Control is an application control product, used to lock down servers and critical systems, prevent unwanted changes and ensure continuous compliance with regulatory mandates.
N/A
Rencore Code (SPCAF)
Score 8.8 out of 10
Enterprise companies (1,001+ employees)
Many organizations that use Office 365 are exposed to security risks that they are unaware of. As they extend SharePoint to meet their business needs, they build applications using technologies that range from end-user Microsoft Flow to developer-focused SharePoint Framework. Unfortunately, all of these custom applications are capable of circumventing the security measures organizations have in place exposing the organization and its data to security…
It is more suited to lock down critical systems and servers to prevent unwanted changes, although you can use it on daily basis on laptops and desktops, it needs constant attention and events analysis. For some scenarios i.e. financial institutions it is a must-have solution, as App Control now is a requirement 5 of PCI DSS.
For Microsoft shops that are doing custom development on the Microsoft cloud platform in Office 365 and Azure, the Rencore toolset is an absolute must, especially if you are involved in converting farm solutions to cloud, or just moving into cloud development for the first time.
Device Control - you can view and allow/disallow the ability for certain devices to be used in your environment. Specifically we used this with USB drives. If you have one you want to use - whitelist the serial number. The rest can't be used. Simple and easy.
Software blocking. If you have an extremely dynamic software base (I doubt this is likely) this could get a bit annoying, but for most organizations like ours where we have specific applications that are required, and then the rest are a bit of an afterthought, it's easy to whitelist the correct applications that you want to be able to run in your environment. The rest can't run (in high enforcement). Users are able to easily request new applications, and you can set certain groups to be able to approve it on their own.
Solid platform - with few exceptions setting up new software was very easy (Dragon Medical was a bit tricky, but worked through it with support). Once you have your rules set up and the initial setup done, you tend not to have to do much of anything except to update on occasion and deal with a few requests for applications to be unblocked, or publishes approved.
Support - It is very quick relative to other vendors in this space and also very thorough.
Product Features - It appears to be the only product in the market that has ALL the pieces for a baseline SPFx project versus no tools or manual activities.
Rencore's product line is of course still a bit of a niche: SharePoint code quality is not something every organization on the planet is concerned with - although Rencore does much more than that.
We feel Rencore's marketing efforts are mainly targeted at technologists. There's a lot of other potential, especially for their platform governance product.
The big difference between Protect and Barkly/AMP is how exactly it goes about what it's doing. Protect is application whitelisting and program reputation. So the way it's protecting you is using a proprietary reputation service, and hash values to identify applications, and then hitting a list of whitelisted programs to decide if you are able to run that or not, based on the policy you are in. There is a LOT of value in that. We actually are working on transitioning to Cisco Advanced Malware Protection (AMP). The main reason is cost (about the same cost as Cb Protect, but with (most of) the featureset of all 3 Carbon Black products for less than 1/3 of the total spend. AMP works differently, looking at a reputation service powered by Cisco's Talos cloud. You don't really have application whitelisting, but that also reduces how many "requests" you get for applications. So I'll have to find a different way to do whitelisting and USB blocking and the like, but I'm getting more visibility across my network and also built in antivirus (TETRA engine - ClamAV with some work). Barkly is an add that we are looking to put in as it looks at behavior of programs. So specifically it watches for privilege elevation and the like. Thus far all the big name problem children (WannaCry, other ransomware problems) have been caught natively in Barkly day 0.
I don't know of any products that compete in the space and if there were any, they would not stand a chance against Rencore. Behind any good product is a team of highly skilled individuals, who all have the same goal, who are passionate what they do and lastly, are in it for the betterment of where they started; As Developers themselves. You can't buy that
Valuable insights into large existing SharePoint customizations that would otherwise would have taken weeks to analyze and assess on quality.
Without Rencore's tooling, it would be impossible to track changes to client-side code. For example, we can tell exactly who changed which JavaScript in which webpart in the environment.
Transformation tools helped developers migrate their existing code bases to the cloud, while already providing an automatically translated code base to start from.
