Try our new research platform with insights from 80,000+ expert users

Cybereason Endpoint Detection & Response vs Symantec Endpoint Security comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cybereason Endpoint Detecti...
Ranking in Endpoint Protection Platform (EPP)
35th
Average Rating
8.0
Reviews Sentiment
7.9
Number of Reviews
21
Ranking in other categories
Endpoint Detection and Response (EDR) (26th)
Symantec Endpoint Security
Ranking in Endpoint Protection Platform (EPP)
12th
Average Rating
7.6
Reviews Sentiment
7.5
Number of Reviews
142
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of March 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of Cybereason Endpoint Detection & Response is 0.9%, down from 1.1% compared to the previous year. The mindshare of Symantec Endpoint Security is 4.0%, down from 4.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP)
 

Featured Reviews

Chad Kliewer - PeerSpot reviewer
We can make more informed decisions on whether an action is malicious
The ease of use and dashboards are improving. We came in at a time when they were developing a new dashboard screen. Therefore, we have had some confusing times between the old and new dashboards. Knowing how the new one works, I have seen vast improvements with it. While the product is very good, there are still some areas for improvement. The initial triage area could be a bit simpler. They get into the weeds real fast; it gets very detailed very fast. I am still looking for an easier triage layer on top with the ability to dig deeper. They are improving on this because I have seen some improvements in the user interface that helps with this. Part of it was moving two different screens into one, merging the two together. It is very good, but it is very technically detailed and would be harder for an entry-level person to decipher. However, improvements are being made. It leverages indicators of behavior to help us remediate faster against attacks. Sometimes, I wish there was more detail on why they consider it malicious.
Hakeem_Abdulkareem - PeerSpot reviewer
The solution has given us visibility into compliance within our whole system and helped us ensure everything is updated
Symantec's application security module needs some improvement. You need to create a lot of fingerprints for application security. For instance, let's say I have different brands of ATMs in my environment, like Wincor and NCR. I use GRG to deploy an application control to whitelist some applications. I have to get the exact image of the different models of ATMs. When I tested in the past, some machines would not connect to the server without that. Only the approved software on the ATM should run. Anything outside that should not even come up at all. We did this so that an outside person doesn't introduce malicious software to the ATM. That's the essence of locking down with application control. Using Symantec for application control has been hectic, so I use Carbon Black to do the lockdown. Checking that data security will work fine with Carbon Black. Carbon Black worked fine. Setting up approval in Carbon Black works differently than Symantec. In Symantec, we first need the fingerprints of the applications running underneath. Before setting up Carbon Black, you first install the agent, allowing it to learn the environment. It will analyze all the software's behavior and provide recommendations for what should be allowed. It's more straightforward, whereas configuring application control in Symantec is a bit cumbersome.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The initial setup was straightforward."
"The dashboard is very good and you can consider it as an interactive UI."
"We didn't have the visibility that we now have. It has increased our visibility by a lot. So, we put a lot more time into really looking at our environment and what is happening throughout our different networks. It has increased our visibility by around fivefold."
"Cybereason absolutely enables us to mitigate and isolate on the fly. Our managed detection response telemetry has dropped dramatically since we began using it. It's very top-of-mind. We were running some tabletop exercises and none of the detections were getting triggered by the managed security services provider. So we needed to find a solution that would trigger high-fidelity alerts. That was Cybereason and it dramatically changed our landscape from the detection and response perspective."
"The initial setup process is straightforward."
"They do a very good job of providing multi-stage visualizations of malicious operations that immediately show all attack details across all devices and users. Since it is MalOp-centric model, you can see if there has been a similar operation across multiple machines. If it is the same thing appearing on multiple machines, you see all the machines and users affected in one screen."
"The initial setup was easy and straightforward."
"The interface is user-friendly."
"Scalability."
"The solution offers very good security features and is comparable to Sophos."
"We never expect downtime. There is also great ease of use for my admins."
"It seems to be user-friendly. Our users seem to like it for the most part."
"Symantec End-user Endpoint Security is a very powerful solution."
"It is a scalable product and is average stability-wise."
"I find it is the most reliable solution on the market."
"The application and device control are valuable features, and the live update is another one. We have a schedule to check every four hours for the live update."
 

Cons

"I feel it is a shame that I cannot create groups of groups with inheritance."
"Compared to our previous endpoint, we have a lot more false positives and a lot more duplication of alerts. So we're chasing more alerts."
"The product's reporting isn't great."
"Reporting could be a bit more granular so that we had the ability to check regions and countries. I just noticed that, for instance, if I look at our servers, it's either "contained" or it's "not contained". I don't have the option, for instance, to look at countries. It only allows me to look at users as one big group."
"The network coverage becomes an issue most of the time."
"Its Microsoft PowerShell protections still need some compatibility improvements. We have run across just a few. It is compatible with 90% of what we have in our network, but there is that 10% that we are still struggling with as far as compatibility with the type of PowerShell scripts needed to run our day-to-day business."
"It should be more stable, and the sensor needs improvement in terms of connectivity."
"I would like to see improvements on the operational side, specifically in grouping."
"The enterprise edition does not report attacks on external devices."
","
"My personal opinion is that Symantec has too many WS.Reputation.1 detections, which could cause important computers to malfunction."
"Maybe Symantec Endpoint Security could amend their pricing structure, but they always offer a good product."
"I think the CPU dependence should be enhanced."
"Any external device which is inserted into a computer should be subject to an auto-scan policy, to automatically scan it before accepting the device... They need to make it more user-friendly, so that when anyone puts in a USB stick it will be scanned, popping up any problems before it is used."
"It needs to die. In my opinion, Symantec was a really great security company, 10, 15 years ago. They went out, they bought all the great tools and then they never did anything with them. So they've just fallen behind and there's nothing that's going to work now to bring them back up the date that's going to regain user confidence."
"It's not cheap."
 

Pricing and Cost Advice

"I do not have experience with the licensing of the product."
"Though it is not the cheapest solution but it fits our budget. We pay an annual licensing fee."
"We considered a few other solutions. Some were ridiculously overpriced, while others didn't have solutions for Mac endpoints. That was a deal-breaker because most of our organization is on Mac. It came down to two vendors: Cybereason and another. They had similar pitches and almost identical approaches, but in the end, Cybereason gave us the best value for our money."
"I had to go through a third-party to purchase it, which I wasn't really pleased about."
"This product is somewhat expensive and should be cheaper."
"In terms of pricing, it's a good solution."
"In terms of cost, this is a good choice for our needs."
"On a scale of one to ten, where one is cheap and ten is expensive, I rate the pricing an eight."
"There are subscription costs, we typically purchase the annual subscription. There can be other expenses too, for example, we use CrowdStrike also as part of our policy."
"We pay on a yearly basis..."
"We receive a discounted price for this solution because we are a non-profit organization."
"Compared to other products and brands here in Mexico, the price is okay, somewhere in the middle. Our solution is unique in that it can adapt to a variety of pricing and licensing constraints considering we have the corporate, government, and academic mandates. The"
"When comparing this solution to others in the current market it is expensive."
"The pricing was one of the factors that led us to choose this product."
"It's not cheap."
"What we have paid for this product is good value for the work and the services that they are providing to us."
report
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
842,388 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
18%
Financial Services Firm
11%
Manufacturing Company
8%
Government
6%
Computer Software Company
15%
Financial Services Firm
12%
Manufacturing Company
10%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What is your experience regarding pricing and costs for Cybereason Endpoint Detection & Response?
Comparison with other products showed it be cheaper than some larger competitors. Set up cost for us were cheaper as we already had users experienced with the product in other business units. Initi...
What is your primary use case for Cybereason Endpoint Detection & Response?
We use it to improve detection in the whole industrial sector. We are a big energy company. Across multiple endpoints, we deploy the EDR to secure all, improve detection, and also attempt to automa...
Which is better - Cortex XDR or Symantec End-User Endpoint Security?
Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very valuable feature and their speed of integration is very good. The initial setup was ...
Which offers better endpoint security - Symantec or Microsoft Defender?
We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior solution. Microsoft Defender for Endpoint is a cloud-delivered endpoint security s...
What do you like most about Symantec End-User Endpoint Security?
Symantec have everything – documentation, videos, data sheets.
 

Also Known As

Cybereason EDR, Cybereason Deep Detect & Respond
Symantec EPP, Symantec Endpoint Protection (SEP)
 

Overview

 

Sample Customers

Lockheed Martin, Spark Capital, DocuSign, Softbank Capital
Audio Visual Dynamics, Red Deer Advocate, Asia Pacific Telecom Co. Ltd., Kibbutz Ein Gedi, and AMETEK, Inc.
Find out what your peers are saying about Cybereason Endpoint Detection & Response vs. Symantec Endpoint Security and other solutions. Updated: March 2025.
842,388 professionals have used our research since 2012.