We performed a comparison between Cybereason XDR and Cynet based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature depends on the scenario. For compliance, I like Microsoft Purview Information Protection and Data Loss Prevention. Sentinel is the most helpful feature for security. 365 Defender helps us prioritize threats across an enterprise. It's a crucial feature for the managed services team."
"There is also one dashboard that shows us the status of many controls at once and the details I can get... It gives a great overview of many areas, such as files, emails, chats, and links. Even with the apps, it gives you a great overview. In one place you can see where you should look into things more deeply..."
"The best feature is threat hunting. There are a lot of other features I like, such as the alert mechanism. The chain alert mechanism has a huge impact. It combines all the alerts into one incident and automatically correlates them with AI."
"Microsoft 365 Defender is a good solution and easy to use."
"The incident threat response and its ability to facilitate effective remediation against threats are the standout features."
"We are connected to Microsoft and have every laptop enrolled. This acts as an endpoint. The tool helps me check security and compliance. I can also check what a device is doing."
"We are able to consolidate licences and make use of many Microsoft products using this solution. If we have any Microsoft customers, we encourage them to use this solution for enterprise defence."
"Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and potential indicators of compromise."
"The solution has an investigation feature, which is useful for building storylines."
"Cybereason XDR's most useful feature is the investigation."
"Its ability to revert back from a previous state is quite notable. This feature is particularly valuable because, for maintaining integrity, it can inspect the socket for any firewall modifications. In practice, it allows us to return to a previous configuration when everything was functioning correctly."
"It's transparent, so it's not something where every user has to press a button to download or do the thing. It is centralized, in fact. Personally, I use Malwarebytes and other tools, which are fine for home use. Cynet is also relatively silent in terms of operation, except when it's required to act."
"It is a very stable solution...It is a very scalable solution...The initial setup of Cynet was easy."
"The most valuable feature of this solution is the network part of it because most of the endpoint products in XDS products we find Cynet has networking user behavior analysis and network analysis, for the whole team."
"We are protecting all our workstations."
"I like that it is possible to use the solution to check more information about the users' devices."
"The feature that I have found most valuable is that the configuration and the usage of the product are not so complicated. For people responsible for using this infrastructure for the first line of workstation monitoring, it's quite easy to use."
"A reliable security system that automatically quarantines anything suspicious."
"Sometimes, configurations take much longer than expected."
"The only problem I find is that the use cases are built-in. There is no template available that you can modify according to your organization's standards. What they give is very generic, the market standard, but that might not be applicable to every organization."
"Customers say they want absolutely seamless integration between other Microsoft solutions and Defender XDR, including the ability to change device settings within the Defender portal. They need to contact the IT team responsible for the device management tools to change some settings. They would prefer that those changes be initiated directly from the Defender portal or applied from Intune without involving the IT operations team."
"The tool gives inconsistent answers and crashes a lot."
"When we do investigations, it would be better if Microsoft could populate the host dashboard more. When we open any host for investigation, we want the entire timeline of what is happening on the host, including all the users logging in, their hardware, Windows version, etc."
"Defender also lacks automated detection and response. You need to resolve issues manually. You can manage multiple Microsoft security products from a single portal, and all your security recommendations are in one place. It's easy to understand and manage. However, I wouldn't say Defender is a single pane of glass. You still need to switch between all of the available Microsoft tools. You can see all the alerts in one panel, but you can't automate remediation."
"The documentation on their website is somewhat outdated and doesn't show properly. I wanted to try a query in Microsoft Defender 365. When I opened the related documentation from the security blog on the Microsoft website, the figures were not showing. It was difficult to understand the article without having the figures. The figures were there in the article, but they were not getting loaded, which made the article obsolete."
"The message trace feature for investigating mail flow issues should add more detailed information to the summary report... if they could extend the summary report a little bit, make it more descriptive, ordinary administrators could understand what happened and that the emails failed at this or that point. That way they would know the location to go to try to correct it and to prevent it from occurring again."
"Cybereason's customer support could be better."
"The one thing we sometimes have issues with is its integration with other security applications like antiviruses."
"I would like to see support for mobile protection and some additional reports included."
"I'd like to see more data loss prevention within the product."
"The reporting is a little weak and could be improved. The other downside is that Cynet does not use the local time zone. It's based off of Greenwich Mean Time."
"It is an endpoint agent, but they don't have a probe for checking the network traffic. They could improve from this point of view."
"Most of their times are in Greenwich Mean Time. I would like to see more local time zones."
"There is room for improvement in terms of support. The support should be faster to respond."
"Compliance reports need to improve."
"They have automated response capability, and they're moving more and more into SOAR capability. They have built-in deception technology with host-file users, phantoms, etc. We used to call them honeypots. So, they're on target. They're doing a really good job, and they should continue to improve with SOAR."
Cybereason XDR is ranked 18th in Extended Detection and Response (XDR) with 2 reviews while Cynet is ranked 9th in Extended Detection and Response (XDR) with 35 reviews. Cybereason XDR is rated 8.6, while Cynet is rated 8.8. The top reviewer of Cybereason XDR writes "Provides effective incident response and investigation features". On the other hand, the top reviewer of Cynet writes "Provides memory protection, device control, and vulnerability management". Cybereason XDR is most compared with Cortex XDR by Palo Alto Networks, Wazuh, TEHTRIS XDR and Trend Vision One, whereas Cynet is most compared with CrowdStrike Falcon, SentinelOne Singularity Complete, ESET Endpoint Protection Platform, Microsoft Defender for Endpoint and Cortex XDR by Palo Alto Networks. See our Cybereason XDR vs. Cynet report.
See our list of best Extended Detection and Response (XDR) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.