We performed a comparison between Cybereason Endpoint Detection & Response and USM Anywhere based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It is stable and scalable."
"This is stable and scalable."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"The most valuable feature is the analysis, because of the beta structure."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"The product detects and blocks threats and is more proactive than firewalls."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"Their EDR solution, the ability to mitigate issues through their command line, is probably the best feature that we've had. We use that all the time. It's very useful for doing investigations."
"It gives all the information in a clear response."
"For me, the technical support is good."
"Immediately we can pick up the computers in the network if any malicious operation that is triggered."
"The initial setup was easy and straightforward."
"We didn't have the visibility that we now have. It has increased our visibility by a lot. So, we put a lot more time into really looking at our environment and what is happening throughout our different networks. It has increased our visibility by around fivefold."
"The most valuable feature is the capability of the command used by the machine so that we see the kind of performance that is running."
"Cybereason's threat hunting and investigation are the most valuable features. Threat hunting is a user-friendly feature that keeps you safe. Investigation offers an added value that I haven't seen with other EDR services. It allows you to find specific policy problems within your environment."
"SIEM log collection is great, and all of the rules that support updates with maintenance."
"AlienVault's reporting is good. I like that vulnerability assessment is part of the solution, and the UI is intuitive. Also, the overhead is low, which is to say we don't need a dedicated SOC team to manage and analyze things constantly. We're a small company that doesn't have those resources."
"The main menu: You can see everything there, what is happening on the servers, and in the logs, you can view more details of each event."
"The solution has all the features that we need, however they do not work correctly."
"The most valuable feature is threat intelligence."
"What I find the most valuable about USM Anywhere is its compliance. It shows a list of all the administrators logged on and does it quite well. There are no whistles and bells, it's reliable and simple to use."
"This solution can identify many threats inside the organization (compromised endpoints, configuration issues), as well as "outside" threats (botnets, network scanners, web-attacks, etc)."
"The most valuable features of AT&T AlienVault USM are the ease of management and knowledge of what is on the network of my customers. It's easy to understand the problems, and management our alarms and events."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"The SIEM could be improved."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"We find the solution to be a bit expensive."
"I haven't seen the use of AI in the solution."
"The only minor concern is occasional interference with desired programs."
"What needs to improve in Cybereason Endpoint Detection & Response and what I'd like to see in its next release is a centralized dashboard that allows you to view what is there, similar to what's on Symantec Endpoint Protection Manager: a beautiful display and reporting. Cybereason Endpoint Detection & Response has to start with the compliance, the homepage, etc. Everything should be there and should be customizable. The options should be there. The tool is very good currently, but visibility for IT administrators is lacking and needs to be worked on."
"The network coverage becomes an issue most of the time."
"The deployment on individual endpoints is more geared toward larger organizations. It might prove to be a bit too complicated for a smaller organization. You need to know what you're doing when you're deploying the sensor."
"Reporting could be a bit more granular so that we had the ability to check regions and countries. I just noticed that, for instance, if I look at our servers, it's either "contained" or it's "not contained". I don't have the option, for instance, to look at countries. It only allows me to look at users as one big group."
"While the product is very good, there are still some areas for improvement. The initial triage area could be a bit simpler. They get into the weeds real fast; it gets very detailed very fast. I am still looking for an easier triage layer on top with the ability to dig deeper."
"The product's reporting isn't great."
"Cybereason does not have sandbox functionality."
"There can be problems with the EDI."
"Pay attention to false-positive event automatic correlations."
"The reporting is mediocre and is something that needs to be improved."
"As this software is in the cloud, you do not have control on updates and general changes which are happening."
"More complimentary training needs to be done for use with this tool. If you get into a bind, then it will cost you."
"The solution is a bit complicated. It could be simplified quite a bit."
"Different functions to customize reports should be added."
"The vulnerability scanning feature is one of the areas where the product has certain shortcomings and needs to improve. The tool has vulnerability scanning, but it is not that efficient."
"I think plugin management should be self-service on AlienVault USM. The other product is self-service but on the USM side. You have to submit a ticket then AT&T creates and updates the plugins."
More Cybereason Endpoint Detection & Response Pricing and Cost Advice →
Cybereason Endpoint Detection & Response is ranked 37th in Endpoint Detection and Response (EDR) with 19 reviews while USM Anywhere is ranked 24th in Endpoint Detection and Response (EDR) with 113 reviews. Cybereason Endpoint Detection & Response is rated 8.0, while USM Anywhere is rated 8.4. The top reviewer of Cybereason Endpoint Detection & Response writes "It has helped us become more knowledgeable about our environment and aware of threats". On the other hand, the top reviewer of USM Anywhere writes "Easy to use and affordable". Cybereason Endpoint Detection & Response is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, Cortex XDR by Palo Alto Networks, Darktrace and SentinelOne Singularity Complete, whereas USM Anywhere is most compared with Wazuh, AlienVault OSSIM, IBM Security QRadar, Splunk Enterprise Security and Microsoft Sentinel. See our Cybereason Endpoint Detection & Response vs. USM Anywhere report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.