Try our new research platform with insights from 80,000+ expert users

Cybereason Endpoint Detection & Response vs ThreatLocker Zero Trust Endpoint Protection Platform comparison

Cybereason and ThreatLocker are both solutions in the Endpoint Protection Platform (EPP) category. Cybereason is ranked #35 with an average rating of 8.2, while ThreatLocker is ranked #6 with an average rating of 9.1. Cybereason holds a 0.9% mindshare in EPP, compared to ThreatLocker’s 0.7% mindshare. Additionally, 89% of Cybereason users are willing to recommend the solution, compared to 97% of ThreatLocker users who would recommend it.
Cybereason Endpoint Detecti...
Read 21 Cybereason Endpoint Detection & Response reviews
  • 3,671 Views
  • 2,049 Comparison Views
89% willing to recommend
ThreatLocker Zero Trust End...
Read 39 ThreatLocker Zero Trust Endpoint Protection Platform reviews
  • 2,313 Views
  • 1,543 Comparison Views
97% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Mar 23, 2025

Cybereason Endpoint Detection & Response and ThreatLocker Zero Trust Endpoint Protection compete in the endpoint security market. While both offer comprehensive features, Cybereason has an advantage in threat hunting and multi-OS support, making it more appealing for diverse IT environments.

Features: Cybereason offers advanced threat hunting, real-time visibility across endpoints, and multi-OS compatibility. It ensures seamless integration across various operating systems and provides excellent threat investigation tools. ThreatLocker focuses on allowlisting, ring-fencing, and application control. Its zero-trust security model is highly efficient, offering robust protection and ease of management across multiple environments.

Room for Improvement: Cybereason requires better reporting capabilities and a more intuitive dashboard for entry-level users. Improvement in technical support for smaller organizations and sensor deployment is also needed. ThreatLocker could enhance its UI, implement staggered policy updates to manage bandwidth efficiently, and improve training offerings and ticketing system transparency.

Ease of Deployment and Customer Service: Both solutions offer flexible deployment options, including cloud, on-premises, and hybrid environments. However, users have noted occasional support delays. Cybereason’s support is generally praised for its responsiveness and effective issue resolution. In contrast, ThreatLocker provides comprehensive support but needs faster response times and availability outside typical working hours.

Pricing and ROI: Cybereason is seen as valuable but potentially costly, targeting larger businesses with its pricing model based on endpoints. ThreatLocker offers fair and flexible pricing with reasonable setup costs, making it scalable for growing companies. Both solutions provide good ROI by enhancing visibility and reducing threat response times, though ThreatLocker achieves better cost-effective integration.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Cybereason Endpoint Detection & Response vs. ThreatLocker Zero Trust Endpoint Protection Platform Report (Updated: April 2025).
Buyer's Guide
Cybereason Endpoint Detection & Response vs. ThreatLocker Zero Trust Endpoint Protection Platform
April 2025
Download the complete report
Helped 847,646 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cybereason Endpoint Detecti...
Ranking in Endpoint Protection Platform (EPP)
35th
Average Rating
8.0
Reviews Sentiment
7.9
Number of Reviews
21
Ranking in other categories
Endpoint Detection and Response (EDR) (25th)
ThreatLocker Zero Trust End...
Ranking in Endpoint Protection Platform (EPP)
6th
Average Rating
9.2
Reviews Sentiment
7.6
Number of Reviews
39
Ranking in other categories
Network Access Control (NAC) (5th), Advanced Threat Protection (ATP) (6th), Application Control (2nd), ZTNA (3rd), Ransomware Protection (3rd)
 

Mindshare comparison

As of April 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of Cybereason Endpoint Detection & Response is 0.9%, down from 1.2% compared to the previous year. The mindshare of ThreatLocker Zero Trust Endpoint Protection Platform is 0.7%, down from 0.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP)
 

Featured Reviews

Chad Kliewer - PeerSpot reviewer
We can make more informed decisions on whether an action is malicious
The ease of use and dashboards are improving. We came in at a time when they were developing a new dashboard screen. Therefore, we have had some confusing times between the old and new dashboards. Knowing how the new one works, I have seen vast improvements with it. While the product is very good, there are still some areas for improvement. The initial triage area could be a bit simpler. They get into the weeds real fast; it gets very detailed very fast. I am still looking for an easier triage layer on top with the ability to dig deeper. They are improving on this because I have seen some improvements in the user interface that helps with this. Part of it was moving two different screens into one, merging the two together. It is very good, but it is very technically detailed and would be harder for an entry-level person to decipher. However, improvements are being made. It leverages indicators of behavior to help us remediate faster against attacks. Sometimes, I wish there was more detail on why they consider it malicious.
Read full review
Johnathan Bodily - PeerSpot reviewer
Ensures ransomware protection and reduces phishing chaos
The application control has been great so far, and while I am still exploring the network access controls, I unfortunately don't have access to one module I would love to have due to licensing restrictions. It's easy to use in regard to reducing attack surfaces. For me, it's a piece of cake. We can have something approved within 30 seconds, thanks to the mobile app. We haven't eliminated security solutions. We just add to it, and ThreatLocker has been a great addition. We also have Kaseya and ThreatLocker as a supplement to that. It's useful. They have overlap, and we look at the overlap as a good thing. It's helped your organization save on operational costs or expenses by ensuring that many fewer hours are spent dealing with ransomware nonsense. I cannot count the amount of hours that I personally have not had to put in to recovering an environment from a ransomware event. The last big one took us about three weeks to completely recover from. Since we've grouped ThreatLocker in, the management of that whole setup has gone down to just daily help desk tasks and general server maintenance instead of having the whole system on fire. There are probably thousands of hours of saved time between our teams. It's been great so far. ThreatLocker Zero Trust Endpoint Protection Platform's ability to block access to unauthorized applications is great. It's my biggest protection, the blocked applications. In a lot of cases, you go to install something yourself that you need for management, and it comes in and says, nope. And then I have to log into the portal and approve it. I get our other guys saying, hey, why are you trying to approve something? Any of the tools that I'm using on a day-to-day basis that haven't been in the environment during the whole learning mode initially, I could go through and set extensions and all that. So, while it's a headache on that end, the amount of saved time I can't even count. It is a little frustrating on my end since I like to go as quickly as I possibly can, and it slows me down. However, that's a really good thing. Depending on the site, it can save a lot of time and cut down headaches. It's likely saved a week's worth of time. It's cut down the amount of sever help desk tickets. Those have become minimal.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Cybereason absolutely enables us to mitigate and isolate on the fly. Our managed detection response telemetry has dropped dramatically since we began using it. It's very top-of-mind. We were running some tabletop exercises and none of the detections were getting triggered by the managed security services provider. So we needed to find a solution that would trigger high-fidelity alerts. That was Cybereason and it dramatically changed our landscape from the detection and response perspective."
"It gives all the information in a clear response."
"The dashboard is very good and you can consider it as an interactive UI."
"Immediately we can pick up the computers in the network if any malicious operation that is triggered."
"The initial setup process is straightforward."
"They do a very good job of providing multi-stage visualizations of malicious operations that immediately show all attack details across all devices and users. Since it is MalOp-centric model, you can see if there has been a similar operation across multiple machines. If it is the same thing appearing on multiple machines, you see all the machines and users affected in one screen."
"What I find most valuable is the clarity of the platform."
"Cybereason's threat hunting and investigation are the most valuable features. Threat hunting is a user-friendly feature that keeps you safe. Investigation offers an added value that I haven't seen with other EDR services. It allows you to find specific policy problems within your environment."
More Cybereason Endpoint Detection & Response pros
"The biggest improvement has been knowing that something unauthorized isn't going to get installed on anyone’s machines."
"ThreatLocker stands out because they understand application whitelisting and elevation controls deeply, addressing real issues effectively."
"The Zero Trust factor is valuable because it blocks everything. That helps us to stay ahead of bad actors. We do not have to be in recovery mode."
"Ringfencing is a valuable feature."
"We are seeing a return on investment, especially with our managers and customers."
"Using ThreatLocker is effortless because I can access it from an app on my phone, so I can help clients after hours. My client had an issue while I was at dinner, and I didn't have a tech on the problem, but I could deal with it from my phone. I can see what the client is doing and approve or deny it. It helps me deliver better service to my clients when they need it."
"ThreatLocker Protect has improved my organization greatly."
"A few years back, we had an attack on one of our biggest clients."
More ThreatLocker Zero Trust Endpoint Protection Platform pros
 

Cons

"Ad hoc higher-level reporting to senior management can be improved or can be implemented. That's definitely an area of improvement that they need to focus on."
"It initially took some time to deploy."
"What needs to improve in Cybereason Endpoint Detection & Response and what I'd like to see in its next release is a centralized dashboard that allows you to view what is there, similar to what's on Symantec Endpoint Protection Manager: a beautiful display and reporting. Cybereason Endpoint Detection & Response has to start with the compliance, the homepage, etc. Everything should be there and should be customizable. The options should be there. The tool is very good currently, but visibility for IT administrators is lacking and needs to be worked on."
"Reporting could be a bit more granular so that we had the ability to check regions and countries. I just noticed that, for instance, if I look at our servers, it's either "contained" or it's "not contained". I don't have the option, for instance, to look at countries. It only allows me to look at users as one big group."
"Its Microsoft PowerShell protections still need some compatibility improvements. We have run across just a few. It is compatible with 90% of what we have in our network, but there is that 10% that we are still struggling with as far as compatibility with the type of PowerShell scripts needed to run our day-to-day business."
"I would like to see improvements on the operational side, specifically in grouping."
"I feel it is a shame that I cannot create groups of groups with inheritance."
"Compared to our previous endpoint, we have a lot more false positives and a lot more duplication of alerts. So we're chasing more alerts."
More Cybereason Endpoint Detection & Response cons
"I'm not sure if I'm using it wrong; however, I find that I have to babysit it too much."
"I cannot suggest anything that they are not already doing. They should keep adding features as they have been."
"Some reporting areas need improvement."
"ThreatLocker Allowlisting needs to improve its user interface and overall workflow."
"The portal can be a little overwhelming at times from an administration point of view. It displays a lot of information, and it's all useful. However, sometimes there is too much on the screen to sift through, especially if you're trying to diagnose a client's problem with a piece of software. Maybe something has stopped working since they updated it, and we need to see if ThreatLocker is blocking a component of that software."
"It is not easy to use. I am still learning."
"The Cyber Hero certification exam could use a bit of love, but overall, I have been very satisfied with the platform."
"A valuable addition to ThreatLocker would be a column in the audit page displaying a VirusTotal score for each file."
More ThreatLocker Zero Trust Endpoint Protection Platform cons
 

Pricing and Cost Advice

"In terms of pricing, it's a good solution."
"In terms of cost, this is a good choice for our needs."
"I had to go through a third-party to purchase it, which I wasn't really pleased about."
"Though it is not the cheapest solution but it fits our budget. We pay an annual licensing fee."
"I do not have experience with the licensing of the product."
"The pricing is manageable."
"This product is somewhat expensive and should be cheaper."
"On a scale of one to ten, where one is cheap and ten is expensive, I rate the pricing an eight."
More Cybereason Endpoint Detection & Response pricing and cost advice
"The pricing is fair and there is no hard sell."
"The pricing is reasonable and normal. I do not have any problems with the cost."
"I do not deal with pricing, but I assume it is cost-effective for us. We choose a solution based on functionality and affordability."
"The price of ThreatLocker Allowlisting is reasonable in the market, but it is not fantastic."
"The pricing works fine for me. It's very reasonably priced."
"We have not had any real issues with the pricing. As they have added more features, due to the way our contracts are structured with our customers, we have had to hold off on adopting the new features because they do add costs."
"The pricing is pretty fair, considering other solutions. Licensing-wise, it did not take long."
"Its price is fair. They have added some additional things to it beyond allowlisting. They are up-charging for them, but in terms of the value we get and the way it impacts us, we get a bang for our buck with ThreatLocker than a lot of our other security tools."
More ThreatLocker Zero Trust Endpoint Protection Platform pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
See recommendations
847,646 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
11%
Manufacturing Company
8%
Government
7%
Computer Software Company
37%
Retailer
8%
Manufacturing Company
5%
Financial Services Firm
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What is your experience regarding pricing and costs for Cybereason Endpoint Detection & Response?
Comparison with other products showed it be cheaper than some larger competitors. Set up cost for us were cheaper as we already had users experienced with the product in other business units. Initi...
See all answers
What is your primary use case for Cybereason Endpoint Detection & Response?
We use it to improve detection in the whole industrial sector. We are a big energy company. Across multiple endpoints, we deploy the EDR to secure all, improve detection, and also attempt to automa...
See all answers
What do you like most about Cybereason Endpoint Detection & Response?
The interface is user-friendly.
See all answers
What do you like most about ThreatLocker Allowlisting?
The interface is clean and well-organized, making it simple to navigate and find what we need.
See all answers
What is your experience regarding pricing and costs for ThreatLocker Allowlisting?
We have encountered a few challenges regarding pricing, contract renewals, and additions. As we explored adding features like Cyber Hero, it proved to be an increased expense for our clients. This ...
See all answers
What needs improvement with ThreatLocker Allowlisting?
I find that the learning mode is too accessible. Technicians sometimes default to it instead of manually building policy controls. I would prefer the learning mode to be harder to access, ideally h...
See all answers
 

Comparisons

Darktrace vs Cybereason Endpoint Detection & Response Logo
Darktrace vs Cybereason Endpoint Detection & Response
Compared 28% of the time
CrowdStrike Falcon vs Cybereason Endpoint Detection & Response Logo
CrowdStrike Falcon vs Cybereason Endpoint Detection & Response
Compared 18% of the time
Microsoft Defender for Endpoint vs Cybereason Endpoint Detection & Response Logo
Microsoft Defender for Endpoint vs Cybereason Endpoint Detection & Response
Compared 10% of the time
SentinelOne Singularity Complete vs Cybereason Endpoint Detection & Response Logo
SentinelOne Singularity Complete vs Cybereason Endpoint Detection & Response
Compared 9% of the time
Fortinet FortiEDR vs Cybereason Endpoint Detection & Response Logo
Fortinet FortiEDR vs Cybereason Endpoint Detection & Response
Compared 5% of the time
More Cybereason Endpoint Detection & Response Competitors
SentinelOne Singularity Complete vs ThreatLocker Zero Trust Endpoint Protection Platform Logo
SentinelOne Singularity Complete vs ThreatLocker Zero Trust Endpoint Protection Platform
Compared 26% of the time
Microsoft Defender for Endpoint vs ThreatLocker Zero Trust Endpoint Protection Platform Logo
Microsoft Defender for Endpoint vs ThreatLocker Zero Trust Endpoint Protection Platform
Compared 19% of the time
CrowdStrike Falcon vs ThreatLocker Zero Trust Endpoint Protection Platform Logo
CrowdStrike Falcon vs ThreatLocker Zero Trust Endpoint Protection Platform
Compared 19% of the time
Ivanti Application Control vs ThreatLocker Zero Trust Endpoint Protection Platform Logo
Ivanti Application Control vs ThreatLocker Zero Trust Endpoint Protection Platform
Compared 6% of the time
VMware Carbon Black Endpoint vs ThreatLocker Zero Trust Endpoint Protection Platform Logo
VMware Carbon Black Endpoint vs ThreatLocker Zero Trust Endpoint Protection Platform
Compared 6% of the time
More ThreatLocker Zero Trust Endpoint Protection Platform Competitors
 

Product Reports

Buyer's Guide
Cybereason Endpoint Detection & Response
April 2025
Cybereason Endpoint Detection & Response reportDownload Cybereason Endpoint Detection & Response product report
Buyer's Guide
ThreatLocker Zero Trust Endpoint Protection Platform
March 2025
ThreatLocker Zero Trust Endpoint Protection Platform reportDownload ThreatLocker Zero Trust Endpoint Protection Platform product report
 

Also Known As

Cybereason EDR, Cybereason Deep Detect & Respond
Protect, Allowlisting, Network Control, Ringfencing
 

Overview

Cybereason's Endpoint Detection and Response platform detects in real-time both signature and non-signature-based attacks and accelerates incident investigation and response. Cybereason connects together individual pieces of evidence to form a complete picture of a malicious operation.

Cybereason

ThreatLocker Zero Trust Endpoint Protection Platform offers robust endpoint security through application control and allowlisting, safeguarding servers and workstations from unauthorized software execution.

ThreatLocker Zero Trust Endpoint Protection Platform provides extensive application control with features like ring-fencing and selective elevation, ensuring meticulous execution management. Offering learning mode and extensive support, it integrates threat detection and activity monitoring to enhance compliance, reduce costs, and bolster cybersecurity through alerts and approvals. Despite its strengths, there are areas for improvement in training flexibility, policy updates, and interface enhancements, along with challenges in handling non-digitally signed software. Deployed across environments, it works well with existing cybersecurity instruments for real-time threat prevention.

What are the top features of ThreatLocker?
  • Intuitive Interface: User-friendly design simplifies endpoint protection management.
  • Application Blocking: Prevents unauthorized applications from running.
  • Selective Elevation: Grants control over application permissions.
  • Ring-Fencing: Isolates applications to limit interactions.
  • Allowlisting: Ensures only trusted software can execute.
  • Learning Mode: Facilitates configuration by observing user behavior.
  • Real-Time Support: Access to assistance and training resources.
What benefits should reviewers seek?
  • Compliance: Meets regulatory standards.
  • Operational Cost Reduction: Consolidated alerts and approvals.
  • Enhanced Cybersecurity: Prevention of unauthorized applications.
  • Regulatory Alignment: Helps ensure adherence to legal requirements.

ThreatLocker Zero Trust Endpoint Protection Platform is widely implemented to safeguard IT infrastructures against unauthorized access and application use. In sectors where data security is paramount, this platform enables users to prevent unauthorized software installations and control device applications, ensuring real-time threat prevention and compliance with industry regulations.

ThreatLocker
 

Sample Customers

Lockheed Martin, Spark Capital, DocuSign, Softbank Capital
Information Not Available
Buyer's Guide
Cybereason Endpoint Detection & Response vs. ThreatLocker Zero Trust Endpoint Protection Platform
April 2025
Free Report: Cybereason Endpoint Detection & Response vs. ThreatLocker Zero Trust Endpoint Protection Platform
Find out what your peers are saying about Cybereason Endpoint Detection & Response vs. ThreatLocker Zero Trust Endpoint Protection Platform and other solutions. Updated: April 2025.
DOWNLOAD NOW
847,646 professionals have used our research since 2012.
See our Cybereason Endpoint Detection & Response vs. ThreatLocker Zero Trust Endpoint Protection Platform report.
See our list of best Endpoint Protection Platform (EPP) vendors.

We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.