Cybereason Endpoint Detection & Response Reviews

The use cases vary. A lot of it depends on customer requirements and the customer environment. It’s tricky to pin down universal use cases.

We like that it is a hybrid. It’s flexible. You can really do whatever you need to do.

The initial setup is not overly complicated.

The solution can scale.

It is stable and reliable.

They need to improve their technical support services.

I’ve been using the solution for about one year.

The solution has been very stable. There are no bugs or glitches, and it doesn’t crash or freeze. It’s reliable. The performance has been good overall.

It is possible to scale the solution. If your company needs to expand, it can do so. It’s not an issue.

Technical support could be better. We’d like to see them be more helpful and responsive in the future.

It’s easier to set up that Cybereason Connect. It’s pretty straightforward. It didn’t take too long to deploy.

I don’t have any insights into the pricing of the product. I don’t handle the licensing aspect of the solution.

I would recommend the solution to other users and organizations. For the most part, we have been pleased with its capabilities.

In general, I would rate the solution eight out of ten.

Our company, as a distributor of the solution, looks into a few criteria that highlight the value of the solution. An important example is the deep hunting threat mechanisms that Cybereason has to offer.

One of the distinctions between Cybereason and many other vendors is that you are able to search easily through various parameters, such as machine ID, user ID, and malicious files.

Cybereason "communicates" with other endpoints to gather anonymous activities that run within the organization that normal AV fails to detect. It accumulates and compacts this into a single event case, where it is easy for the SOC team to do an investigation. This drastically reduces the time required to find the root cause of the event. This is one of the features that most of the other vendors lack, but allows the SOC team to receive an alert with the relevant details of the incident within a short period of time.

The sensors run within the endpoints, where it is lightweight and runs seamlessly in the background. It does not disrupt the work or activities of the end users, yet is able to detect almost any malicious activity running on the spot.

Adding to that, features like the canary files work like bait to any lateral movement case, where the threat actor is lured to "touch" those files. This, in turn, triggers the Malop engine, and immediately sends the alert to the SOC team to take action.

The technical support will need to be improved.

I have the utmost respect for the stability of this solution, as it will be ninety-nine percent solid in keeping the endpoints protected from advanced cyber attacks.

Since using the solution, post-installation I have not come to a point where I needed to contact their customer service or technical support. I have had no issues with the solution.

We have used normal branded AV, which does not seem to be effective nowadays. Adding products to make up for what is lacking can be costly and it will also affect the performance of the endpoint, adding more resources and also time to do an investigation manually. Ultimately, this will affect productivity.

As Cybereason, it is built as NGAV plus EDR, meaning that it is a multi-functional solution that addresses the effectiveness of countermeasures for any cyber attacks. It is an ever-evolving process.

The initial setup is pretty much straightforward. Simply follow the onboarding process as instructed by the vendor. The vendor is available to guide and assist with the onboarding process, and training for using the solution is also provided.

As a distributor of the product, I have seen both vendor and in-house implementations. In the case of in-house deployments, there are clear instructions from the vendor. If issues should arise then they respond quickly to address the issue.

Pricing is based on endpoints to be covered together with licensing. Be sure to make a request for flexibility in pricing.

We have evaluated Seqrite Endpoint Security, F-Secure Endpoint Detection and Response, Kaspersky Endpoint Security, Avast Endpoint, and Avira Endpoint Security.

I highly recommend this solution for any organization that is solely depending on normal AV. Cyber attacks are rising exponentially, where tools are more advanced in penetrating the wall of security within the organization. A single hole could lead to devastating effects on the business.

The latest updates are quite user-friendly. This makes it easy to conduct an investigation, which leads to a reduction in time for determining the root cause of the event.

We use the product for enhancing security postures by leveraging behavioral analytics and security engines effectively minimizing false positives and detecting threats.

The product's most valuable features are its effectiveness in threat detection and the small number of false positives it generates. Its nine security engines and contextual descriptions of detected threats are beneficial for our clients' security teams.

There is room for improvement in the product features related to device control, particularly USB management.

I have been using Cybereason Endpoint Detection & Response for about one and a half years.

The product has excellent stability. 

The solution scales well, as evidenced by our implementations for large organizations with thousands of users and servers.

The technical support services are good. 

We have experience working with FireEye and Trellix EDR solutions, as well as Palo Alto. After analyzing functionality and effectiveness, we found Cybereason to be superior.

The initial setup was straightforward. Although we encountered a few issues initially, they were quickly resolved, leading to a smooth overall implementation process.

We implemented the solution as a partner of Cybereason, and our in-house team handled the deployment.

We evaluated other options, including Symantec, CrowdStrike, and SentinelOne.

I rate Cybereason Endpoint Detection & Response a nine out of ten. 

Malop analysis and the detection part are the most valuable features.

Technical support needs to improve.

I have used this solution for around six months.

The technical support team is overall good and co-operative.

The setup is straightforward, provided you have the required infrastructure support as prerequisites.

It’s a good product, so you can go for it.

Please go for it as this is an efficient product in the cyber security space.

The most valuable feature is the capability of the command used by the machine so that we see the kind of performance that is running.

One area for improvement is that this solution isn't so easy for the end-user, especially at level 1. Sometimes the information from the product can be confusing for users at both levels 1 and 2. In addition, the product's reporting isn't great, which should be improved.

I have been using this solution for about seven months.

Technical support varies on a case-by-case basis, but sometimes it takes a lot of time for them to come back to us with a solution. I would like to see better support in the future.

I previously used Trend Micro's antivirus solution.

The initial setup was easy.

I used an in-house EDR team to implement this product.

I would advise trying to cut down on false positives as these can create a lot of issues between teams. I would rate this product as 7.5 out of 10.