Try our new research platform with insights from 80,000+ expert users

Cybereason Endpoint Detection & Response vs USM Anywhere comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cybereason Endpoint Detecti...
Ranking in Endpoint Detection and Response (EDR)
25th
Average Rating
8.0
Reviews Sentiment
7.9
Number of Reviews
21
Ranking in other categories
Endpoint Protection Platform (EPP) (35th)
USM Anywhere
Ranking in Endpoint Detection and Response (EDR)
53rd
Average Rating
8.4
Reviews Sentiment
7.0
Number of Reviews
115
Ranking in other categories
Log Management (42nd), Security Information and Event Management (SIEM) (31st), Compliance Management (12th)
 

Mindshare comparison

As of April 2025, in the Endpoint Detection and Response (EDR) category, the mindshare of Cybereason Endpoint Detection & Response is 1.0%, down from 1.3% compared to the previous year. The mindshare of USM Anywhere is 0.3%, down from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR)
 

Featured Reviews

Chad Kliewer - PeerSpot reviewer
We can make more informed decisions on whether an action is malicious
The ease of use and dashboards are improving. We came in at a time when they were developing a new dashboard screen. Therefore, we have had some confusing times between the old and new dashboards. Knowing how the new one works, I have seen vast improvements with it. While the product is very good, there are still some areas for improvement. The initial triage area could be a bit simpler. They get into the weeds real fast; it gets very detailed very fast. I am still looking for an easier triage layer on top with the ability to dig deeper. They are improving on this because I have seen some improvements in the user interface that helps with this. Part of it was moving two different screens into one, merging the two together. It is very good, but it is very technically detailed and would be harder for an entry-level person to decipher. However, improvements are being made. It leverages indicators of behavior to help us remediate faster against attacks. Sometimes, I wish there was more detail on why they consider it malicious.
Kris Nawani - PeerSpot reviewer
Offers complete coverage without the need to install additional software
USM Anywhere is used for threat detection and investigation. It provides a solution with built-in threat intelligence and various other investigation tools The solution offers complete coverage without the need to install additional software, as it is maintained by the vendor. It helps in saving…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"What I find most valuable is the clarity of the platform. It is very straightforward."
"The solution is efficient."
"The initial setup is not overly complicated."
"They do a very good job of providing multi-stage visualizations of malicious operations that immediately show all attack details across all devices and users. Since it is MalOp-centric model, you can see if there has been a similar operation across multiple machines. If it is the same thing appearing on multiple machines, you see all the machines and users affected in one screen."
"The initial setup process is straightforward."
"The dashboard is very good and you can consider it as an interactive UI."
"I haven't had any issues with the solution. Stability-wise, I rate the solution a ten out of ten."
"The interface is user-friendly."
"It provides a single pane of glass view, coupled with a whole security ecosystem. The ability to manage everything from a central point, including vulnerability assessments, asset management - including the services provided by the various hosts, NIDS, HIDS, etc. - provides a very efficient way of dealing with things."
"Every activity on the firewall is recorded, and notifications are sent with this solution."
"The solution has all the features that we need, however they do not work correctly."
"SIEM log collection is great, and all of the rules that support updates with maintenance."
"Log-monitoring and alerting enable us to know when things happen that we need to know about."
"Asset discovery seems to be good."
"The other big selling feature for us was its integration capabilities with all the other security-based products."
"AlienVault provides a checklist answer when using SIEM."
 

Cons

"The integration with Microsoft solutions and Microsoft capabilities needs to be improved."
"Compared to our previous endpoint, we have a lot more false positives and a lot more duplication of alerts. So we're chasing more alerts."
"It initially took some time to deploy."
"Ad hoc higher-level reporting to senior management can be improved or can be implemented. That's definitely an area of improvement that they need to focus on."
"Its Microsoft PowerShell protections still need some compatibility improvements. We have run across just a few. It is compatible with 90% of what we have in our network, but there is that 10% that we are still struggling with as far as compatibility with the type of PowerShell scripts needed to run our day-to-day business."
"Reporting could be a bit more granular so that we had the ability to check regions and countries. I just noticed that, for instance, if I look at our servers, it's either "contained" or it's "not contained". I don't have the option, for instance, to look at countries. It only allows me to look at users as one big group."
"It should be more stable, and the sensor needs improvement in terms of connectivity."
"While the product is very good, there are still some areas for improvement. The initial triage area could be a bit simpler. They get into the weeds real fast; it gets very detailed very fast. I am still looking for an easier triage layer on top with the ability to dig deeper."
"More complimentary training needs to be done for use with this tool. If you get into a bind, then it will cost you."
"In the future, I would like to see all these features of the solution working properly."
"I've been told that AlienVault doesn't have a full version of NES running in there, but I'm not sure if that's accurate or if my engineer made it that way. I'm not sure he was completely honest either because we had NES in the environment before. Those tools could be improved because AlienVault is a SIEM, and it added all these other features."
"The reporting and dashboards have room for improvement."
"The reporting aspect could be improved. While there are a lot of different options available, there are still pieces which are missing."
"they seem to have bugs from time to time that go unfixed for a while and that is frustrating. I'm not saying the product needs to be bug-free, but they need to be responsive to bugs."
"The reporting tools are a bit lacking for building reports to give directly to customers, but support has been helpful in giving our requests for new features to the development team and following up with us."
"For creating new rules, you have to be familiar with regular expressions. I feel there could be something built-in to make sure that process is easier."
 

Pricing and Cost Advice

"I had to go through a third-party to purchase it, which I wasn't really pleased about."
"Though it is not the cheapest solution but it fits our budget. We pay an annual licensing fee."
"I do not have experience with the licensing of the product."
"In terms of pricing, it's a good solution."
"The pricing is manageable."
"This product is somewhat expensive and should be cheaper."
"We considered a few other solutions. Some were ridiculously overpriced, while others didn't have solutions for Mac endpoints. That was a deal-breaker because most of our organization is on Mac. It came down to two vendors: Cybereason and another. They had similar pitches and almost identical approaches, but in the end, Cybereason gave us the best value for our money."
"In terms of cost, this is a good choice for our needs."
"Do the one month trial and try to work out the kinks during it, as it has free support and service hours."
"Negotiate the best package for your environment."
"It's saved security costs."
"The price of this solution is reasonable, which is one of the reasons why we selected it over other solutions."
"It is a product that is priced in a medium range, making it neither a cheap nor a costly product."
"QRadar, ArcSight and Splunk are some of the most expensive SIEM products out there in the market and not everyone has the budget to buy them. In such cases, AV USM is a very cost effective alternative."
"Its price is much lower than McAfee ESM."
"It's affordable for most customers."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
848,396 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
11%
Manufacturing Company
8%
Government
7%
Computer Software Company
20%
Financial Services Firm
9%
Comms Service Provider
7%
Educational Organization
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What is your experience regarding pricing and costs for Cybereason Endpoint Detection & Response?
Comparison with other products showed it be cheaper than some larger competitors. Set up cost for us were cheaper as we already had users experienced with the product in other business units. Initi...
What is your primary use case for Cybereason Endpoint Detection & Response?
We use it to improve detection in the whole industrial sector. We are a big energy company. Across multiple endpoints, we deploy the EDR to secure all, improve detection, and also attempt to automa...
What do you like most about AT&T AlienVault USM?
The most valuable feature of the solution is the ease of deployment that it provides to users. The integrations that the product has with third-party applications are useful.
What needs improvement with AT&T AlienVault USM?
There are scalability issues due to a 60 TB limit, which restricts its use for large customers like banks. It is also limited when used with bigger products and has complex password requirements.
 

Also Known As

Cybereason EDR, Cybereason Deep Detect & Respond
AT&T AlienVault USM, AlienVault, AlienVault USM, Alienvault Cybersecurity
 

Overview

 

Sample Customers

Lockheed Martin, Spark Capital, DocuSign, Softbank Capital
Abel & Cole, Bank of Ireland, Bluegrass Cellular, CareerBuilder, Claire's, Hays Medical Center, Hope International, McCurrach, McKinsey & Company, Party Delights, Pepco Holdings, Richland School District, Ricoh, SaveMart, Shake Shack, Steelcase, TaxAct, Taylor Morrison, Vonage and Zoom
Find out what your peers are saying about Cybereason Endpoint Detection & Response vs. USM Anywhere and other solutions. Updated: April 2025.
848,396 professionals have used our research since 2012.