We performed a comparison between Cybereason Endpoint Detection & Response and Microsoft Defender for Endpoint based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Protection Platform (EPP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It is stable and scalable."
"The product detects and blocks threats and is more proactive than firewalls."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"Fortinet is very user-friendly for customers."
"The most valuable feature is the analysis, because of the beta structure."
"For me, the technical support is good."
"The most valuable feature is the capability of the command used by the machine so that we see the kind of performance that is running."
"What I like most about Cybereason Endpoint Detection & Response is the support because the support is good. The solution is also easy to use, and it has a dashboard. Everything is good, and there's no problem with it."
"The initial setup process is straightforward."
"Cybereason's threat hunting and investigation are the most valuable features. Threat hunting is a user-friendly feature that keeps you safe. Investigation offers an added value that I haven't seen with other EDR services. It allows you to find specific policy problems within your environment."
"The interface is user-friendly."
"It gives all the information in a clear response."
"Their EDR solution, the ability to mitigate issues through their command line, is probably the best feature that we've had. We use that all the time. It's very useful for doing investigations."
"It's stable."
"The detection features are valuable, as is the fact that it is easier to port these logs into Sentinel. That is also useful for us. It is more comprehensive."
"It depends on the licensing. Most of the customers have got at least a 365 E3 license, and they can use most of the features of Windows 10 Defender. So, anyone who has got an enterprise license can start using those features. Some of the customers have got E5 licenses, and they can use all advanced features. Customers with E5 licenses use the advanced site protection (ATP) features and web content filtering without going via a proxy, which gives the benefit of replacing the proxy. They can get the benefit of MCAS and integration with Intune and the endpoint manager. It is a kind of single platform for all 365 technologies. It helps customers in managing everything through a unified portal."
"It is quite stable. We have not had any cases, i.e., viruses, that would require a reboot, etc. We have never had a situation where we needed to reinstall the tools as a result of the Defender application or a feature being corrupt."
"The threat hunting service is very useful for a security professional."
"Provides good security features and you can view it in the central console."
"It is a very advanced system based on AI. It has a very large database of places or sites on the internet where you should not go. It is continuously online."
"The solution's threat protection is mostly AI and machine-learning based. That is the most important feature of the product. It also offers centralized management so I can remotely manage devices."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"FortiEDR can be improved by providing more detailed reporting."
"Making the portal mobile friendly would be helpful when I am out of office."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"The SIEM could be improved."
"We'd like to see more one-to-one product presentations for the distribution channels."
"It takes about two business days for initial support, which is too slow in urgent situations."
"Compared to our previous endpoint, we have a lot more false positives and a lot more duplication of alerts. So we're chasing more alerts."
"It initially took some time to deploy."
"The integration with Microsoft solutions and Microsoft capabilities needs to be improved."
"Its Microsoft PowerShell protections still need some compatibility improvements. We have run across just a few. It is compatible with 90% of what we have in our network, but there is that 10% that we are still struggling with as far as compatibility with the type of PowerShell scripts needed to run our day-to-day business."
"The product's reporting isn't great."
"I feel that the product lacks reporting features and needs improvement."
"The deployment on individual endpoints is more geared toward larger organizations. It might prove to be a bit too complicated for a smaller organization. You need to know what you're doing when you're deploying the sensor."
"It should be more stable, and the sensor needs improvement in terms of connectivity."
"It's not quite a mature solution just yet. It needs more time to grow and develop."
"It is not very scalable from the eyes of an MSP because there is no dashboard that you can use to see all of your devices that have Windows Defender unless you have your own dashboard or an RMM tool to actually look at it. So, you might not get to know that a particular computer of a client is doing something, and it might have got a virus. That person might know that, but unless you set it up to actually send you the information, you won't get to know that. That's one of the things that is hard with Microsoft Defender. It is not made for the MSP world where you have one pane of glass to see all of your clients with Microsoft Defender on it unless your RMM tool already has that built-in and it can see the telemetry from Microsoft Defender."
"Microsoft Defender for Endpoint could improve by adding more security features."
"Other vendors provide a lot of customization when it comes to integration, which every big organization requires. No big organization depends on one particular tool. Defender lacks that at this point."
"Microsoft Defender for Endpoint could provide us with a more holistic approach, such as collaboration. They can provide us with an environment from where we can manage all the endpoints from one central location, such as overall management."
"Cortex... has good investigation capabilities, out-of-the-box, in case there is an event that you'd like to investigate. It's quite convenient. Microsoft has those capabilities as well, but you need a bit more training on the product to get the basic information that you can get out-of-the-box with Cortex."
"It makes your Surface devices hot. It is resource-intensive. It strains your CPU, not more than other file scanners around, but it also does a lot more. When you are transmitting files or data, it is continuously scanning the traffic and analyzing it bit by bit to see what's going on, and that, of course, is costly in terms of CPU. It is CPU intensive, and if you are on battery, it drains your battery fast. That's the only drawback that it has."
"I would like to have a dashboard that shows an overview of the results for the enterprise."
More Cybereason Endpoint Detection & Response Pricing and Cost Advice →
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Cybereason Endpoint Detection & Response is ranked 44th in Endpoint Protection Platform (EPP) with 19 reviews while Microsoft Defender for Endpoint is ranked 1st in Endpoint Protection Platform (EPP) with 182 reviews. Cybereason Endpoint Detection & Response is rated 8.0, while Microsoft Defender for Endpoint is rated 8.0. The top reviewer of Cybereason Endpoint Detection & Response writes "It has helped us become more knowledgeable about our environment and aware of threats". On the other hand, the top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". Cybereason Endpoint Detection & Response is most compared with CrowdStrike Falcon, Cortex XDR by Palo Alto Networks, Darktrace, SentinelOne Singularity Complete and Kaspersky Endpoint Security for Business, whereas Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, SentinelOne Singularity Complete, CrowdStrike Falcon and Microsoft Intune. See our Cybereason Endpoint Detection & Response vs. Microsoft Defender for Endpoint report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.