We performed a comparison between Cybereason Endpoint Detection & Response and NetWitness Platform based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, SentinelOne, CrowdStrike and others in Endpoint Detection and Response (EDR)."Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"The solution was relatively easy to deploy."
"Forensics is a valuable feature of Fortinet FortiEDR."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"Immediately we can pick up the computers in the network if any malicious operation that is triggered."
"The solution is efficient."
"Cybereason absolutely enables us to mitigate and isolate on the fly. Our managed detection response telemetry has dropped dramatically since we began using it. It's very top-of-mind. We were running some tabletop exercises and none of the detections were getting triggered by the managed security services provider. So we needed to find a solution that would trigger high-fidelity alerts. That was Cybereason and it dramatically changed our landscape from the detection and response perspective."
"Their EDR solution, the ability to mitigate issues through their command line, is probably the best feature that we've had. We use that all the time. It's very useful for doing investigations."
"I haven't had any issues with the solution. Stability-wise, I rate the solution a ten out of ten."
"What I like most about Cybereason Endpoint Detection & Response is the support because the support is good. The solution is also easy to use, and it has a dashboard. Everything is good, and there's no problem with it."
"The dashboard is very good and you can consider it as an interactive UI."
"The initial setup was easy and straightforward."
"The newer 11.5 version that my team is using has found it to have good mapping."
"Incident management is its most valuable feature."
"Possibility to investigate incidents based on logs and raw packets, such as extracting files sent over the network"
"The packet capture aspect of it is a valuable feature because it is quite different from a traditional SIEM solution that only carries out investigations based on captured logs."
"The product's initial setup phase was not at all difficult."
"It gives the ability to investigate into network traffic in the Net and the organization what we couldn't do before."
"The product has a user-friendly interface and a valuable feature for threat intelligence integration."
"What we are mainly using are the RSA concentrator, RSA Decoder, Archiver, Broker, and Log Decoder."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"The solution should address emerging threats like SQL injection."
"The dashboard isn't easy to access and manage."
"The only minor concern is occasional interference with desired programs."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"The solution is not stable."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"Cannot be used on mobile devices with a secure connection."
"Compared to our previous endpoint, we have a lot more false positives and a lot more duplication of alerts. So we're chasing more alerts."
"It should be more stable, and the sensor needs improvement in terms of connectivity."
"What needs to improve in Cybereason Endpoint Detection & Response and what I'd like to see in its next release is a centralized dashboard that allows you to view what is there, similar to what's on Symantec Endpoint Protection Manager: a beautiful display and reporting. Cybereason Endpoint Detection & Response has to start with the compliance, the homepage, etc. Everything should be there and should be customizable. The options should be there. The tool is very good currently, but visibility for IT administrators is lacking and needs to be worked on."
"While the product is very good, there are still some areas for improvement. The initial triage area could be a bit simpler. They get into the weeds real fast; it gets very detailed very fast. I am still looking for an easier triage layer on top with the ability to dig deeper."
"The integration with Microsoft solutions and Microsoft capabilities needs to be improved."
"There can be problems with the EDI."
"Reporting could be a bit more granular so that we had the ability to check regions and countries. I just noticed that, for instance, if I look at our servers, it's either "contained" or it's "not contained". I don't have the option, for instance, to look at countries. It only allows me to look at users as one big group."
"The product's reporting isn't great."
"An area for improvement would be better automation and more inbuilt use cases."
"I'd like to see improvement in its ease of use. It's basically unusable. It's overly complex."
"It should have a monitoring feature. It would help us analyze the current state of attacks faster from a single platform."
"The documentation is not as structured as I would like, personally, and I think that it can be improved and made much more user-friendly."
"Security needs improvement."
"The log system is a bit complex and has room for improvement."
"Log aggregation is an issue with this solution because there are a huge number of alerts in a single instance."
"There is no support for this product in this country, so problems have to be resolved through global technical teams."
More Cybereason Endpoint Detection & Response Pricing and Cost Advice →
Cybereason Endpoint Detection & Response is ranked 36th in Endpoint Detection and Response (EDR) with 19 reviews while NetWitness Platform is ranked 19th in Log Management with 36 reviews. Cybereason Endpoint Detection & Response is rated 8.0, while NetWitness Platform is rated 7.4. The top reviewer of Cybereason Endpoint Detection & Response writes "It has helped us become more knowledgeable about our environment and aware of threats". On the other hand, the top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". Cybereason Endpoint Detection & Response is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, Cortex XDR by Palo Alto Networks and Darktrace, whereas NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Cisco Secure Network Analytics and Microsoft Sentinel.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.