We performed a comparison between Cybereason Endpoint Detection & Response and NetWitness Platform based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, SentinelOne, CrowdStrike and others in Endpoint Detection and Response (EDR)."We have FortiEDR installed on all our systems. This protects them from any threats."
"The stability is very good."
"The price is low and quite competitive with others."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"I haven't had any issues with the solution. Stability-wise, I rate the solution a ten out of ten."
"The dashboard is very good and you can consider it as an interactive UI."
"Cybereason's threat hunting and investigation are the most valuable features. Threat hunting is a user-friendly feature that keeps you safe. Investigation offers an added value that I haven't seen with other EDR services. It allows you to find specific policy problems within your environment."
"What I like most about Cybereason Endpoint Detection & Response is the support because the support is good. The solution is also easy to use, and it has a dashboard. Everything is good, and there's no problem with it."
"For me, the technical support is good."
"It gives all the information in a clear response."
"The initial setup was easy and straightforward."
"Cybereason absolutely enables us to mitigate and isolate on the fly. Our managed detection response telemetry has dropped dramatically since we began using it. It's very top-of-mind. We were running some tabletop exercises and none of the detections were getting triggered by the managed security services provider. So we needed to find a solution that would trigger high-fidelity alerts. That was Cybereason and it dramatically changed our landscape from the detection and response perspective."
"The most valuable feature is the hunting ability to work in a CERT."
"The most valuable features are the packet inspection and the automated incident response."
"The most valuable feature is the correlation. It can report in real-time and monitor the management."
"It's quite economical compared to other solutions in the market."
"The most valuable feature is that we can create our own connectors for any application, and NetWitness provides the training and tools to do it."
"In my opinion, the solution's most valuable feature is its capacity to monitor network traffic, logs from devices within the network, and network captures. This capability extends beyond logs to include full network capturing."
"NetWitness Platform is valuable for creating rules that the solution must detect."
"Their technical support responds quickly and are knowledgable."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"The support needs improvement."
"Cannot be used on mobile devices with a secure connection."
"Making the portal mobile friendly would be helpful when I am out of office."
"While the product is very good, there are still some areas for improvement. The initial triage area could be a bit simpler. They get into the weeds real fast; it gets very detailed very fast. I am still looking for an easier triage layer on top with the ability to dig deeper."
"The deployment on individual endpoints is more geared toward larger organizations. It might prove to be a bit too complicated for a smaller organization. You need to know what you're doing when you're deploying the sensor."
"The network coverage becomes an issue most of the time."
"It should be more stable, and the sensor needs improvement in terms of connectivity."
"It initially took some time to deploy."
"Reporting could be a bit more granular so that we had the ability to check regions and countries. I just noticed that, for instance, if I look at our servers, it's either "contained" or it's "not contained". I don't have the option, for instance, to look at countries. It only allows me to look at users as one big group."
"The product's reporting isn't great."
"The integration with Microsoft solutions and Microsoft capabilities needs to be improved."
"The initial setup is very complex and should be simplified."
"The log system is a bit complex and has room for improvement."
"Log aggregation is an issue with this solution because there are a huge number of alerts in a single instance."
"Nowadays, their support is a little subpar compared to other solutions. I rate RSA support six out of 10."
"There is no support for this product in this country, so problems have to be resolved through global technical teams."
"We have encountered issues with unresolved crashes."
"They should implement algorithms to digest that data and produce additional, more advanced reporting, alerting and support of internal security teams."
"The implementation needs assistance."
More Cybereason Endpoint Detection & Response Pricing and Cost Advice →
Cybereason Endpoint Detection & Response is ranked 37th in Endpoint Detection and Response (EDR) with 19 reviews while NetWitness Platform is ranked 20th in Log Management with 36 reviews. Cybereason Endpoint Detection & Response is rated 8.0, while NetWitness Platform is rated 7.4. The top reviewer of Cybereason Endpoint Detection & Response writes "It has helped us become more knowledgeable about our environment and aware of threats". On the other hand, the top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". Cybereason Endpoint Detection & Response is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, Cortex XDR by Palo Alto Networks, Darktrace and SentinelOne Singularity Complete, whereas NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Microsoft Sentinel and Cisco Secure Network Analytics.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
