We performed a comparison between Cybereason Endpoint Detection & Response and USM Anywhere based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."NGAV and EDR features are outstanding."
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"It is stable and scalable."
"Forensics is a valuable feature of Fortinet FortiEDR."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"The price is low and quite competitive with others."
"The initial setup is not overly complicated."
"Cybereason's threat hunting and investigation are the most valuable features. Threat hunting is a user-friendly feature that keeps you safe. Investigation offers an added value that I haven't seen with other EDR services. It allows you to find specific policy problems within your environment."
"The dashboard is very good and you can consider it as an interactive UI."
"The initial setup process is straightforward."
"The solution is efficient."
"For me, the technical support is good."
"Cybereason absolutely enables us to mitigate and isolate on the fly. Our managed detection response telemetry has dropped dramatically since we began using it. It's very top-of-mind. We were running some tabletop exercises and none of the detections were getting triggered by the managed security services provider. So we needed to find a solution that would trigger high-fidelity alerts. That was Cybereason and it dramatically changed our landscape from the detection and response perspective."
"Their EDR solution, the ability to mitigate issues through their command line, is probably the best feature that we've had. We use that all the time. It's very useful for doing investigations."
"It is my "security person" looking at irregularities and letting me know when something has occurred."
"It has powerful threat detection, incident response, and compliance management."
"Having everything in a central place has been helpful."
"The most valuable feature is threat intelligence."
"Any unusual behaviour, we can monitor. We have alerts set up to be sent when we receive signs of any unusual behaviour."
"The USM is a work horse, no matter what devices or the number of logs we throw at it, the system processes them in real time, correlates the events, and alerts on only events that need human review."
"What I find the most valuable about USM Anywhere is its compliance. It shows a list of all the administrators logged on and does it quite well. There are no whistles and bells, it's reliable and simple to use."
"Asset discovery seems to be good."
"Making the portal mobile friendly would be helpful when I am out of office."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"The dashboard isn't easy to access and manage."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"The only minor concern is occasional interference with desired programs."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"Detections could be improved."
"The integration with Microsoft solutions and Microsoft capabilities needs to be improved."
"Its Microsoft PowerShell protections still need some compatibility improvements. We have run across just a few. It is compatible with 90% of what we have in our network, but there is that 10% that we are still struggling with as far as compatibility with the type of PowerShell scripts needed to run our day-to-day business."
"The product's reporting isn't great."
"I feel that the product lacks reporting features and needs improvement."
"Compared to our previous endpoint, we have a lot more false positives and a lot more duplication of alerts. So we're chasing more alerts."
"While the product is very good, there are still some areas for improvement. The initial triage area could be a bit simpler. They get into the weeds real fast; it gets very detailed very fast. I am still looking for an easier triage layer on top with the ability to dig deeper."
"The deployment on individual endpoints is more geared toward larger organizations. It might prove to be a bit too complicated for a smaller organization. You need to know what you're doing when you're deploying the sensor."
"What needs to improve in Cybereason Endpoint Detection & Response and what I'd like to see in its next release is a centralized dashboard that allows you to view what is there, similar to what's on Symantec Endpoint Protection Manager: a beautiful display and reporting. Cybereason Endpoint Detection & Response has to start with the compliance, the homepage, etc. Everything should be there and should be customizable. The options should be there. The tool is very good currently, but visibility for IT administrators is lacking and needs to be worked on."
"I think plugin management should be self-service on AlienVault USM. The other product is self-service but on the USM side. You have to submit a ticket then AT&T creates and updates the plugins."
"I'd like to see a dashboard that's a little more descriptive."
"The other thing is the agent is OSSEC. They needed to create its own agent to help to find threats on the devices that it happens to be installed."
"Sometimes the log is unclear, and the report is a bit ambiguous."
"We develop additional rules and scripts to make it more usable."
"It would be nice to see some machine learning and monitoring of the configuration in network devices."
"I feel that some areas of improvement would be vulnerability scanning. We use a separate product that seems to do a much better job."
"The reporting is mediocre and is something that needs to be improved."
More Cybereason Endpoint Detection & Response Pricing and Cost Advice →
Cybereason Endpoint Detection & Response is ranked 37th in Endpoint Detection and Response (EDR) with 19 reviews while USM Anywhere is ranked 24th in Endpoint Detection and Response (EDR) with 113 reviews. Cybereason Endpoint Detection & Response is rated 8.0, while USM Anywhere is rated 8.4. The top reviewer of Cybereason Endpoint Detection & Response writes "It has helped us become more knowledgeable about our environment and aware of threats". On the other hand, the top reviewer of USM Anywhere writes "Easy to use and affordable". Cybereason Endpoint Detection & Response is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, Cortex XDR by Palo Alto Networks, Darktrace and SentinelOne Singularity Complete, whereas USM Anywhere is most compared with Wazuh, AlienVault OSSIM, IBM Security QRadar, Splunk Enterprise Security and Microsoft Sentinel. See our Cybereason Endpoint Detection & Response vs. USM Anywhere report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.