We performed a comparison between Cybereason Endpoint Detection & Response and USM Anywhere based on real PeerSpot user reviews.
Find out in this report how the two EDR (Endpoint Detection and Response) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"NGAV and EDR features are outstanding."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"The most valuable feature is the capability of the command used by the machine so that we see the kind of performance that is running."
"I haven't had any issues with the solution. Stability-wise, I rate the solution a ten out of ten."
"What I like most about Cybereason Endpoint Detection & Response is the support because the support is good. The solution is also easy to use, and it has a dashboard. Everything is good, and there's no problem with it."
"Cybereason absolutely enables us to mitigate and isolate on the fly. Our managed detection response telemetry has dropped dramatically since we began using it. It's very top-of-mind. We were running some tabletop exercises and none of the detections were getting triggered by the managed security services provider. So we needed to find a solution that would trigger high-fidelity alerts. That was Cybereason and it dramatically changed our landscape from the detection and response perspective."
"We didn't have the visibility that we now have. It has increased our visibility by a lot. So, we put a lot more time into really looking at our environment and what is happening throughout our different networks. It has increased our visibility by around fivefold."
"The dashboard is very good and you can consider it as an interactive UI."
"They do a very good job of providing multi-stage visualizations of malicious operations that immediately show all attack details across all devices and users. Since it is MalOp-centric model, you can see if there has been a similar operation across multiple machines. If it is the same thing appearing on multiple machines, you see all the machines and users affected in one screen."
"Immediately we can pick up the computers in the network if any malicious operation that is triggered."
"It has streamlined log aggregation and analysis to meet organizational and regulatory needs."
"There are multiple tools for information security. The solution includes all the latest advances on the network and host intrusion detection systems."
"This is a USM, so being able to get all the features under one roof makes it a good product with good new features."
"Our main focus was intrusion detection, alerts, and correlation. It's easy to use AlienVault and integrate it with other alert tools because it includes lots of connectors. Either the tool is already there, or AlienVault will write an API for us if they don't have a connector for the solution that is providing the logs."
"The most valuable feature of this solution is security management for PCI DSS."
"We had used previous products and found AlienVault centralized the logging for our security."
"The new cloud-based panel is excellent both for client review as well as for our SOC to review and respond to threats. It is much easier to configure and use than the previous solution from AlienVault."
"The main menu: You can see everything there, what is happening on the servers, and in the logs, you can view more details of each event."
"I haven't seen the use of AI in the solution."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"The SIEM could be improved."
"The solution should address emerging threats like SQL injection."
"It takes about two business days for initial support, which is too slow in urgent situations."
"The network coverage becomes an issue most of the time."
"Its Microsoft PowerShell protections still need some compatibility improvements. We have run across just a few. It is compatible with 90% of what we have in our network, but there is that 10% that we are still struggling with as far as compatibility with the type of PowerShell scripts needed to run our day-to-day business."
"Ad hoc higher-level reporting to senior management can be improved or can be implemented. That's definitely an area of improvement that they need to focus on."
"Reporting could be a bit more granular so that we had the ability to check regions and countries. I just noticed that, for instance, if I look at our servers, it's either "contained" or it's "not contained". I don't have the option, for instance, to look at countries. It only allows me to look at users as one big group."
"The deployment on individual endpoints is more geared toward larger organizations. It might prove to be a bit too complicated for a smaller organization. You need to know what you're doing when you're deploying the sensor."
"Cybereason does not have sandbox functionality."
"There can be problems with the EDI."
"I feel that the product lacks reporting features and needs improvement."
"It would be hard for any legitimate MSSP to use it."
"Plugins could be better utilized, as some of them do not recognize all logs."
"AlienVault cannot automatically respond to threats like other SIEM solutions, such as Sentinel and LogRhythm. Most of our clients are far away, so it's often challenging to handle alerts when they come up on our dashboard."
"I've been told that AlienVault doesn't have a full version of NES running in there, but I'm not sure if that's accurate or if my engineer made it that way. I'm not sure he was completely honest either because we had NES in the environment before. Those tools could be improved because AlienVault is a SIEM, and it added all these other features."
"USM Anywhere relies a lot on the community putting the data in. Often, you'll right-click on the attack, but nothing will be found. That's a weakness of it."
"I want to see more compliance management capability. The quality of integrations seems to be a little bit low."
"The reporting is mediocre and is something that needs to be improved."
"The other thing is the agent is OSSEC. They needed to create its own agent to help to find threats on the devices that it happens to be installed."
More Cybereason Endpoint Detection & Response Pricing and Cost Advice →
Cybereason Endpoint Detection & Response is ranked 38th in EDR (Endpoint Detection and Response) with 19 reviews while USM Anywhere is ranked 25th in EDR (Endpoint Detection and Response) with 113 reviews. Cybereason Endpoint Detection & Response is rated 8.0, while USM Anywhere is rated 8.4. The top reviewer of Cybereason Endpoint Detection & Response writes "It has helped us become more knowledgeable about our environment and aware of threats". On the other hand, the top reviewer of USM Anywhere writes "Easy to use and affordable". Cybereason Endpoint Detection & Response is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, Cortex XDR by Palo Alto Networks, Darktrace and SentinelOne Singularity Complete, whereas USM Anywhere is most compared with Wazuh, AlienVault OSSIM, IBM Security QRadar, Microsoft Sentinel and Splunk Enterprise Security. See our Cybereason Endpoint Detection & Response vs. USM Anywhere report.
See our list of best EDR (Endpoint Detection and Response) vendors.
We monitor all EDR (Endpoint Detection and Response) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.