We performed a comparison between Cybereason Endpoint Detection & Response and Darktrace based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, SentinelOne, CrowdStrike and others in Endpoint Detection and Response (EDR)."It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"The stability is very good."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"The product detects and blocks threats and is more proactive than firewalls."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"What I like most about Cybereason Endpoint Detection & Response is the support because the support is good. The solution is also easy to use, and it has a dashboard. Everything is good, and there's no problem with it."
"The most valuable feature is the capability of the command used by the machine so that we see the kind of performance that is running."
"Their EDR solution, the ability to mitigate issues through their command line, is probably the best feature that we've had. We use that all the time. It's very useful for doing investigations."
"The dashboard is very good and you can consider it as an interactive UI."
"I haven't had any issues with the solution. Stability-wise, I rate the solution a ten out of ten."
"The initial setup is not overly complicated."
"We didn't have the visibility that we now have. It has increased our visibility by a lot. So, we put a lot more time into really looking at our environment and what is happening throughout our different networks. It has increased our visibility by around fivefold."
"Cybereason absolutely enables us to mitigate and isolate on the fly. Our managed detection response telemetry has dropped dramatically since we began using it. It's very top-of-mind. We were running some tabletop exercises and none of the detections were getting triggered by the managed security services provider. So we needed to find a solution that would trigger high-fidelity alerts. That was Cybereason and it dramatically changed our landscape from the detection and response perspective."
"The platform has many modules, and each module examines a different situation in the behavior."
"It provides a comprehensive, detailed view of network activity and whatever is happening inside it."
"What I like about Darktrace, is that you can quickly identify threats."
"The initial setup is simple."
"I am impressed with the product's ability to give insights into network traffic."
"It is autonomous. So, it learns. It uses algorithms and AI to learn the common behavioral patterns on the network, and it is able to identify threats based on abnormal patterns."
"The solution can scale."
"One member of staff is enough for deployment and maintenance because Darkforce is AI-driven. It does a lot of things by itself."
"The only minor concern is occasional interference with desired programs."
"Making the portal mobile friendly would be helpful when I am out of office."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"We'd like to see more one-to-one product presentations for the distribution channels."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"The deployment on individual endpoints is more geared toward larger organizations. It might prove to be a bit too complicated for a smaller organization. You need to know what you're doing when you're deploying the sensor."
"I feel that the product lacks reporting features and needs improvement."
"Compared to our previous endpoint, we have a lot more false positives and a lot more duplication of alerts. So we're chasing more alerts."
"Its Microsoft PowerShell protections still need some compatibility improvements. We have run across just a few. It is compatible with 90% of what we have in our network, but there is that 10% that we are still struggling with as far as compatibility with the type of PowerShell scripts needed to run our day-to-day business."
"Ad hoc higher-level reporting to senior management can be improved or can be implemented. That's definitely an area of improvement that they need to focus on."
"The product's reporting isn't great."
"The network coverage becomes an issue most of the time."
"The integration with Microsoft solutions and Microsoft capabilities needs to be improved."
"In the next version, I'd like to see penetration testing."
"The initial setup is more complex and time-consuming than some solutions."
"Upper management wasn't sold on the value proposition."
"One thing I would like is for Darktrace to flag SMB traffic more accurately. Currently, it only flags that SMB traffic has occurred, but it doesn't specify which file was being transferred. This makes it difficult to investigate incidents involving SMB traffic, as we don't have concrete evidence of what was being sent."
"The module can improve so that every time it's more intelligent."
"Its documentation is not up to the mark. At times, I have a lot of trouble finding a solution. Even when I posted questions on the community chats, it took a lot of time for me to get answers. That's something that can be improved. Darktrace can focus on creating a more interactive community. If there are more people from Darktrace to focus on community chats, it would be better."
"In an upcoming release, there could be more customizable playbooks or a library of playbooks to choose from."
"The user interface and the configuration are a bit complex and should be improved or simplified."
More Cybereason Endpoint Detection & Response Pricing and Cost Advice →
Cybereason Endpoint Detection & Response is ranked 36th in Endpoint Detection and Response (EDR) with 19 reviews while Darktrace is ranked 12th in Email Security with 66 reviews. Cybereason Endpoint Detection & Response is rated 8.0, while Darktrace is rated 8.2. The top reviewer of Cybereason Endpoint Detection & Response writes "It has helped us become more knowledgeable about our environment and aware of threats". On the other hand, the top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". Cybereason Endpoint Detection & Response is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, Cortex XDR by Palo Alto Networks, SentinelOne Singularity Complete and Splunk Enterprise Security, whereas Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and Dragos.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.