Try our new research platform with insights from 80,000+ expert users

Cybereason Endpoint Detection & Response vs Sentinel comparison

 

Comparison Buyer's Guide

Executive Summary
 

Categories and Ranking

Cybereason Endpoint Detecti...
Average Rating
8.0
Number of Reviews
20
Ranking in other categories
Endpoint Protection Platform (EPP) (45th), Endpoint Detection and Response (EDR) (34th)
Sentinel
Average Rating
7.6
Number of Reviews
16
Ranking in other categories
Security Information and Event Management (SIEM) (15th)
 

Mindshare comparison

While both are Security Software solutions, they serve different purposes. Cybereason Endpoint Detection & Response is designed for Endpoint Detection and Response (EDR) and holds a mindshare of 1.3%, down 1.5% compared to last year.
Sentinel, on the other hand, focuses on Security Information and Event Management (SIEM), holds 2.8% mindshare, up 0.9% since last year.
Endpoint Detection and Response (EDR)
Security Information and Event Management (SIEM)
 

Featured Reviews

AtulChaurasia - PeerSpot reviewer
Aug 28, 2023
Scalable platform with intuitive features for detecting malicious files
We use Cybereason Endpoint Detection & Response to scan and detect unusual processes and malicious files on the endpoint The product's threat-hunting feature is very intuitive and easy to use as it is GUI-based. We need to know the specific fields we want to scan. It gives the entire report of…
JaideepSingh - PeerSpot reviewer
Jul 26, 2023
An automated solution that helped me detect threats in less than half the time it used to take
Sentinel gave us logs to tell us what's going right and wrong in your environment so we could secure the network. We also got multiple kinds of logs. By running some queries from the logs, we could find and fix the anomalies in the environment. Sentinel's threat visibility was great at telling us if we had something going on in our environment. We had to set up alerts in our environment based on the logs. If we had the right alerts set up, we got notified about threats and where security was lacking, so we could also take care of that. Sentinel's threat intelligence helped us prepare and take proactive steps for potential threats before they hit. Having preparation before a threat has helped our security operations. When I was using it, I used to keep going into my dashboards and looking for any threats on a weekly basis, or maybe two or three times a week. Based on that, we would recommend certain changes to the server and infrastructure teams to block or allow some ports. Sentinel's threat intelligence helped plan security against risks.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The dashboard is very good and you can consider it as an interactive UI."
"The initial setup was easy and straightforward."
"They do a very good job of providing multi-stage visualizations of malicious operations that immediately show all attack details across all devices and users. Since it is MalOp-centric model, you can see if there has been a similar operation across multiple machines. If it is the same thing appearing on multiple machines, you see all the machines and users affected in one screen."
"It gives all the information in a clear response."
"Cybereason's threat hunting and investigation are the most valuable features. Threat hunting is a user-friendly feature that keeps you safe. Investigation offers an added value that I haven't seen with other EDR services. It allows you to find specific policy problems within your environment."
"Immediately we can pick up the computers in the network if any malicious operation that is triggered."
"I haven't had any issues with the solution. Stability-wise, I rate the solution a ten out of ten."
"What I like most about Cybereason Endpoint Detection & Response is the support because the support is good. The solution is also easy to use, and it has a dashboard. Everything is good, and there's no problem with it."
"The solution lets us get all the logs properly and regularly monitor customer infrastructure."
"The solution's Kusto Query Language (KQL) execution time is pretty good."
"Sentinel gave us logs to tell us what's going right and wrong in your environment so we could secure the network."
"The native integration with out-of-the box format is hassle free and allows data to be used advantageously."
"We can do advanced hunting queries and modify SQL queries to get desired results based on the rules triggering over the console."
"The stability is phenomenal and we never had any issues with downtime or even had to restart."
"One of the most valuable features is the business intelligence engine. It's very important because it keeps track of everything that's happening and alerts us if something is different than expected. The first time I used it, I was shocked at how well it performed. Another valuable feature that I think makes this product worth the price you pay for it is that it connects to basically every system that provides some form of logging, and it's very easy to set up what triggers this."
"The most valuable feature is the flexible log for identifying security threats inside an application. Sentinel is very good at this."
 

Cons

"It should be more stable, and the sensor needs improvement in terms of connectivity."
"I feel that the product lacks reporting features and needs improvement."
"The reporting feature needs improvement."
"What needs to improve in Cybereason Endpoint Detection & Response and what I'd like to see in its next release is a centralized dashboard that allows you to view what is there, similar to what's on Symantec Endpoint Protection Manager: a beautiful display and reporting. Cybereason Endpoint Detection & Response has to start with the compliance, the homepage, etc. Everything should be there and should be customizable. The options should be there. The tool is very good currently, but visibility for IT administrators is lacking and needs to be worked on."
"They need to improve their technical support services."
"Compared to our previous endpoint, we have a lot more false positives and a lot more duplication of alerts. So we're chasing more alerts."
"It initially took some time to deploy."
"There is room for improvement in the product features related to device control, particularly USB management."
"There is a need for more flexibility in customization, especially when working with different vendors and platforms."
"I would like to see a better reporting work structure on the dashboard."
"Creating a drag-and-drop dashboard or workbook in Sentinel is a little more complex compared to other tools like LogRhythm and IBM QRadar."
"This product's connection to certain types of cloud systems could be improved. We can do Microsoft, Google, and Amazon, but there are a lot of other things happening in the cloud that we do not connect well enough to. This product could be improved with better connection to cloud-based solutions."
"There are still a few vendor-specific devices for which Sentinel needs to work on integration, such as Netskope devices."
"The solution does not allow outsourced authorizations."
"It is an ancient product."
"I rate Sentinel a six out of ten for scalability."
 

Pricing and Cost Advice

"We considered a few other solutions. Some were ridiculously overpriced, while others didn't have solutions for Mac endpoints. That was a deal-breaker because most of our organization is on Mac. It came down to two vendors: Cybereason and another. They had similar pitches and almost identical approaches, but in the end, Cybereason gave us the best value for our money."
"In terms of cost, this is a good choice for our needs."
"On a scale of one to ten, where one is cheap and ten is expensive, I rate the pricing an eight."
"In terms of pricing, it's a good solution."
"I do not have experience with the licensing of the product."
"I had to go through a third-party to purchase it, which I wasn't really pleased about."
"The pricing is manageable."
"Though it is not the cheapest solution but it fits our budget. We pay an annual licensing fee."
"We inquired about getting support from the vendor, Micro Focus, but the cost was very high."
"We receive a pricing discount because of our ongoing partnership with Micro Focus."
"The solution’s pricing is aligned with its competitors."
"Sentinel is moderately priced."
"Sentinel is a subscription-based solution."
"Sentinel's slightly on the expensive side."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
814,649 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
19%
Financial Services Firm
8%
Manufacturing Company
8%
Government
6%
Computer Software Company
17%
Financial Services Firm
10%
Manufacturing Company
8%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What is your experience regarding pricing and costs for Cybereason Endpoint Detection & Response?
Comparison with other products showed it be cheaper than some larger competitors. Set up cost for us were cheaper as we already had users experienced with the product in other business units. Initi...
What is your primary use case for Cybereason Endpoint Detection & Response?
We use the product for enhancing security postures by leveraging behavioral analytics and security engines effectively minimizing false positives and detecting threats.
What do you like most about NetIQ Sentinel?
The solution lets us get all the logs properly and regularly monitor customer infrastructure.
What needs improvement with NetIQ Sentinel?
There are still a few vendor-specific devices for which Sentinel needs to work on integration, such as Netskope devices. Also, we often face region-wise outages during operation due to product team...
 

Also Known As

Cybereason EDR, Cybereason Deep Detect & Respond
NetIQ Sentinel, Novell SIEM
 

Learn More

Video not available
 

Overview

 

Sample Customers

Lockheed Martin, Spark Capital, DocuSign, Softbank Capital
Faysal Bank, GaVI, Handelsbanken, ISC Mªnster, Lambeth Council, Swisscard, The Municipality of Siena, Tukes, University of Dayton, University of the Sunshine Coast
Find out what your peers are saying about CrowdStrike, Microsoft, SentinelOne and others in Endpoint Detection and Response (EDR). Updated: November 2024.
814,649 professionals have used our research since 2012.