I rate Cybereason Endpoint Detection & Response a nine out of ten. If you are looking for infrastructure security, I recommend the product. It provides a snapshot of machine activities.
Technical Specialist Manager at a tech services company with 201-500 employees
Real User
Top 20
Jul 18, 2023
For some organizations that are aware of cybersecurity ways that indicate the need to focus on the endpoint area, I recommend they find some solution to help them to protect their employees. Cybereason is a good platform in the area they function. Overall, I rate the solution a nine out of ten.
My company has around five hundred to six hundred users of Cybereason Endpoint Detection & Response. Four technicians handle the solution, in terms of deployment and maintenance. I can recommend the solution to others who may want to start using it, particularly if I have references. My company recommended it to two or three companies that now use Cybereason Endpoint Detection & Response. I would rate Cybereason Endpoint Detection & Response eight out of ten.
At the blocking level, we have used some automated migration and isolation processes. However, we are still very cautious. With everything that we do, we start out in monitor-only mode so it warns us first. We see what our baseline is and track those things down, then we turn on the automatic mitigations. So, we have it in some areas, but not in all areas. We are using just about all the pieces that we currently have of this solution. For the pieces that we are not using, those are some of the new XDR features that came out which have some plugins from a Google SIEM and some of the Azure plugins. We don't have those yet and may look at those in the future. For some of those areas, I have coverage in another product so I am not in a hurry to do that. Overall, I would rate Cybereason as seven out of 10.
Information Security Analyst at a comms service provider with 51-200 employees
Real User
Jan 15, 2022
If you are a very small security team or have no security team, then I would choose Cybereason for the level of expertise from their SOC and security support team. Also, the product is very easy to manage. Overall, the number of false positives that a system administrator has to deal with is lower, which is better, because you don't have to spend time on it. Instead, you can spend time doing other things, like setting up new infrastructure. I haven't really had many experiences with other vendors, but I would rate them as 9 out of 10. It goes back to those first issues that we had at the beginning. However, they have stepped up and really have proved that they are a great product.
Senior Security Engineer at a financial services firm with 1,001-5,000 employees
Real User
Sep 23, 2021
My advice would be to make sure that your company's goals align. If you're a detect-focused organization you'll probably be very happy with it. If you're a prevent-based organization, I don't think it's going to fill that niche. If you have a smaller team, look at what it takes to manage the policies, because depending on your workflows, how you need to patch, or how you need to group things, it may not work for your workflows. I would rate Cybereason a six out of ten.
This is a product that I recommend for endpoint protection in general, and for the server. However, if they need mailbox security then I would recommend another product. I would rate this solution a seven out of ten.
Senior Project Manager at a transportation company with 10,001+ employees
Real User
Aug 23, 2020
We're just customers. We don't have a business relationship with the client. I'm not a security expert. That said, I'm closely in touch with the company for training, etc. and I keep an eye on how it works for our company. The thing is with an EDR solution, it's kind of a new world for me. I've read up on Cybereason a lot, as well as other options. I was trying to understand the differences between the products. My understanding is that they are kind of a new generation of EDR, which are represented by Cybereason and by CrowdStrike. They are doing active monitoring which differentiates them from other solutions if I understood properly. They are monitoring our environment effectively. We are monitoring it by ourselves as well; however, their SOC team is monitoring and pre-alerting us all the time, every day. From a user experience perspective, I'd rate the solution nine out of ten.
Global IT Project Manager at a manufacturing company with 10,001+ employees
Real User
Dec 23, 2019
We are evaluating the possibility of enabling Microsoft Defender ATP, which will cover most or all of the suites and the features that we have on Cybereason as well. My advice is to carefully evaluate Microsoft Defender ATP and see if they are running fully with Microsoft. If they are evaluating anything at the endpoint level and they plan to use Mac, Windows, and Linux, they should pay attention to Microsoft solutions. Microsoft is becoming a leader in this area. The cost of Microsoft is quite high; it is something that has to be discussed with Microsoft on a case-by-case basis. I would rate this solution a seven out of ten.
Technical Consultant at Revel Tech Security Sdn Bhd
Real User
Jun 19, 2019
I highly recommend this solution for any organization that is solely depending on normal AV. Cyber attacks are rising exponentially, where tools are more advanced in penetrating the wall of security within the organization. A single hole could lead to devastating effects on the business. The latest updates are quite user-friendly. This makes it easy to conduct an investigation, which leads to a reduction in time for determining the root cause of the event.
Cybereason's Endpoint Detection and Response platform detects in real-time both signature and non-signature-based attacks and accelerates incident investigation and response. Cybereason connects together individual pieces of evidence to form a complete picture of a malicious operation.
I rate Cybereason Endpoint Detection & Response a nine out of ten.
Ensure you have a good support contract. Overall, I would rate it is out of ten.
I rate Cybereason EDR 10 out of 10. I recommend it because it's much better than anything else out there.
I would advise trying to cut down on false positives as these can create a lot of issues between teams. I would rate this product as 7.5 out of 10.