What do you like best about Coro Cybersecurity?
What is great about Coro is the 'Report Phishing' button add-on for email, which is very easy to role out. Since the 'Report Phishing' add-on has been enabled, there has been an increase in users reporting phishing. This has helped us identify email threats much quicker and effeciently. On top of this, when an email is flagged automatically by Coro, or by the user manually, it is easy to remove the email for everyone else in the organization. Coro also makes it very easy to block, or allow emails, either 1 time or add the particular email address to the allow/block list.
It is also great that Coro quarantines files marked as malicious, this way you can respond accordingly and not have to jump the gun each time. The quarantine allows us to trust that the malware is contained, and that we can conduct investigation when we have time without much worry.
The other part of Coro that works well, is detecting PII, PCI and other sensitive information within emails sent, and on device endpoints. This allows us to to see who is sending sensitive information, and storing it. Which thus allows us to respond with policy accoringly.
The last part I like about Coro is the ease of use of creating policies and applying them. Our firm uses the 'Block mass storage devices' and 'Block portable devices' option, which allows us to block USB access and restric phone access to only charging allowed. This helps keep our physical security posture better, as we can scan USB's on dumby machines before entry into our firm devices. Review collected by and hosted on G2.com.
What do you dislike about Coro Cybersecurity?
As mentioned in the title, Coro has great features but the support needs to approve. On top of this, there are some features that are supposed to exist, that either don't or don't work the way there are supposed to.
For instance, for any ticket that comes in, whether it's access policy violation, phishing email, malicious software, infected process, the comment on the ticket is 9.5/10 times very generic and doesn't provide any insight into the issue at hand. While we appreciate the quick process of Coro for detecting suspicious activity, we sometimes need more than just a generic response. You can always reach out, but the support is still minimal. Something that would improve this experience is a quick note on why something was detected. and the recommended steps in solving the issue.
Also, one feature that has not worked for us is the detection of PII and other information within images. Support had mentioned that the images need to be of certain quality for detection, but this has never worked for us (we send many images containing PII) and our images are not low qualitity. This is an instance of a feature that should work, but doesn't work properly and the support again was very minimal.
Aside from a few aspects of Coro that needs a lot improvement, a couple of features would make Coro even better.
1. Being able to scan USB's from the console before allowing access to them.
2. When malicious software is quarantined, there should be a secure way for Coro admins to open the file or have access to transfer the quarantined file to a dumby machine/isolated computer to check the file out as there is often false positives. The quarantine is great, but it does make it hard to double check what was detected. Review collected by and hosted on G2.com.
