Cybereason Endpoint Detection & Response vs USM Anywhere comparison

Comparison Buyer's Guide

Executive Summary

We performed a comparison between Cybereason Endpoint Detection & Response and USM Anywhere based on real PeerSpot user reviews.

Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

To learn more, read our detailed Cybereason Endpoint Detection & Response vs. USM Anywhere Report (Updated: May 2024).

Buyer's Guide

Cybereason Endpoint Detection & Response vs. USM Anywhere

May 2024

Download the complete report

Helped 787,383 peers since 2012

Categories and Ranking

Fortinet FortiEDR

Market share comparison

As of June 2024, in the Endpoint Detection and Response (EDR) category, the market share of Fortinet FortiEDR is 7.4% and it increased by 61.8% compared to the previous year. The market share of Cybereason Endpoint Detection & Response is 1.5% and it decreased by 0.1% compared to the previous year. The market share of USM Anywhere is 0.2% and it increased by 101.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Endpoint Detection and Response (EDR)

Unique Categories:

No other categories found

Endpoint Protection Platform (EPP)

1.1%

Log Management

0.8%

Security Information and Event Management (SIEM)

1.3%

Featured Reviews

RafaelTorres

Founder at Torres & Torres Tech

Feb 20, 2024

Valuable for remote work security and enhances endpoint protection effectively

At my last job, we used FortiEDR to secure endpoints for 8,000 employees across MacBooks and Linux machines, ensuring the protection of backups and VPN connections. In 2020, we faced a significant challenge with remote work in Brazil, where BitLocker was utilized. FortiEDR proved invaluable as it…

Read full review

Johnson Bresnick

Director of Learning and Development at ACA - Ateliers de conversation anglaise

Dec 21, 2021

It has helped us become more knowledgeable about our environment and aware of threats

Cybereason's threat hunting and investigation are the most valuable features. Threat hunting is a user-friendly feature that keeps you safe. Investigation offers an added value that I haven't seen with other EDR services. It allows you to find specific policy problems within your environment. I would give the dashboards a perfect 10 out of ten for ease of use. The interface is intuitive, with excellent menus. You can view the data in different ways and customize it fairly easily. There is always a learning curve with any IT solution, but this one is pretty user-friendly, and you can learn it quickly. Cybereason gives us real-time visibility of an entire malicious operation from the root cause to all affected endpoints. It's an excellent way to visualize the timeline, see what's involved, find out what's happening, and learn what kind of connections or processes are running. I think that's if I'm ever shopping for another solution, that would be a must-have.

Read full review

Jomel Varghese

Network and Security Infrastructure Manager at a wholesaler/distributor with 201-500 employees

Aug 1, 2022

Useful highlighted known vulnerabilities, full network viability, and beneficial reports

I have used AT&T AlienVault USM for Log collection and management, priority, and incident analysis AT&T AlienVault USM has helped our organization by highlighting known vulnerabilities in our network and full visibility of our network to figure out if there is anything that we are not aware of.…

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"It is stable and scalable."

"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."

"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."

"I get alerts when scripts are detected in the environment."

"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."

"NGAV and EDR features are outstanding."

"The most valuable feature is the analysis, because of the beta structure."

"Additionally, when it comes to EDR, there are more tools available to assist with client work."

More Fortinet FortiEDR pros

"For me, the technical support is good."

"I haven't had any issues with the solution. Stability-wise, I rate the solution a ten out of ten."

"The most valuable feature is the capability of the command used by the machine so that we see the kind of performance that is running."

"The solution is efficient."

"The dashboard is very good and you can consider it as an interactive UI."

"They do a very good job of providing multi-stage visualizations of malicious operations that immediately show all attack details across all devices and users. Since it is MalOp-centric model, you can see if there has been a similar operation across multiple machines. If it is the same thing appearing on multiple machines, you see all the machines and users affected in one screen."

"The initial setup is not overly complicated."

"Immediately we can pick up the computers in the network if any malicious operation that is triggered."

More Cybereason Endpoint Detection & Response pros

"AlienVault's reporting is good. I like that vulnerability assessment is part of the solution, and the UI is intuitive. Also, the overhead is low, which is to say we don't need a dedicated SOC team to manage and analyze things constantly. We're a small company that doesn't have those resources."

"The AlienVault solution has enabled us to create a SOC on a budget with smaller than usual staff requirements, offering a wider range of solutions for our customers."

"The most valuable feature is threat intelligence."

"The other big selling feature for us was its integration capabilities with all the other security-based products."

"Our main focus was intrusion detection, alerts, and correlation. It's easy to use AlienVault and integrate it with other alert tools because it includes lots of connectors. Either the tool is already there, or AlienVault will write an API for us if they don't have a connector for the solution that is providing the logs."

"The asset management of nodes has been a large help in terms of being able to track applications with more detail and have changes made being monitored into one source."

"It allows you to define what alerts you want to see, or not to see, as well as if you want them grouped, or ungrouped."

"Reports are customized, so you can present them to executives or engineers."

More USM Anywhere pros

Cons

"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."

"Intelligence aspects need improvement"

"The SIEM could be improved."

"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."

"We find the solution to be a bit expensive."

"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."

"The only minor concern is occasional interference with desired programs."

"The solution is not stable."

More Fortinet FortiEDR cons

"While the product is very good, there are still some areas for improvement. The initial triage area could be a bit simpler. They get into the weeds real fast; it gets very detailed very fast. I am still looking for an easier triage layer on top with the ability to dig deeper."

"It should be more stable, and the sensor needs improvement in terms of connectivity."

"What needs to improve in Cybereason Endpoint Detection & Response and what I'd like to see in its next release is a centralized dashboard that allows you to view what is there, similar to what's on Symantec Endpoint Protection Manager: a beautiful display and reporting. Cybereason Endpoint Detection & Response has to start with the compliance, the homepage, etc. Everything should be there and should be customizable. The options should be there. The tool is very good currently, but visibility for IT administrators is lacking and needs to be worked on."

"There can be problems with the EDI."

"Compared to our previous endpoint, we have a lot more false positives and a lot more duplication of alerts. So we're chasing more alerts."

"The network coverage becomes an issue most of the time."

"Its Microsoft PowerShell protections still need some compatibility improvements. We have run across just a few. It is compatible with 90% of what we have in our network, but there is that 10% that we are still struggling with as far as compatibility with the type of PowerShell scripts needed to run our day-to-day business."

"The reporting feature needs improvement."

More Cybereason Endpoint Detection & Response cons

"The reporting is mediocre and is something that needs to be improved."

"In the future, I would like to see all these features of the solution working properly."

"Source material on the forums to be more up-to-date with the changes happening within the product. Forums being out-of-date with information due to the changes makes troubleshooting a little more difficult - specific to the HIDS agents."

"The reporting module could be a little easier to handle, as it requires quite some trial and error until you get the reports you want. Also, it would be great to have a graphical interface for the Network Intrusion Detection System's rule management."

"Adding a parsing interface for the customers would make AT&T AlienVault USM better."

"I want to see more compliance management capability. The quality of integrations seems to be a little bit low."

"Search performance can be slow. The Raw Logs feature is painfully slow. And if we're talking about the newer, the Anywhere product, you can't even schedule reports on the thing. There are probably a dozen other features I'd really like to see there, but that would be one of the biggies."

"More complimentary training needs to be done for use with this tool. If you get into a bind, then it will cost you."

More USM Anywhere cons

Pricing and Cost Advice

"There are no issues with the pricing."

"It is expensive and I would rate it 8 on the scale."

"The price is comprable to other endpoint security solutions."

"The pricing is good."

"Fortinet FortiEDR is available at a very competitive price compared to the other products in the market."

"Offered at a high price"

"I'm not familiar with pricing, but it looks a bit costly compared to other vendors I think."

"The pricing is typical for enterprises and fairly priced."

More Fortinet FortiEDR pricing and cost advice

"Though it is not the cheapest solution but it fits our budget. We pay an annual licensing fee."

"I had to go through a third-party to purchase it, which I wasn't really pleased about."

"This product is somewhat expensive and should be cheaper."

"In terms of pricing, it's a good solution."

"I do not have experience with the licensing of the product."

"On a scale of one to ten, where one is cheap and ten is expensive, I rate the pricing an eight."

"The pricing is manageable."

"In terms of cost, this is a good choice for our needs."

More Cybereason Endpoint Detection & Response pricing and cost advice

"They are a little more expensive than Microsoft."

"AT&T AlienVault USM is an expensive solution and we pay for the license and the support separately. We paid for the license and support for three years."

"We pay around $12,000 a year including storage."

"We checked out several competitors. For what it can do and the cost, it was the best option!"

"The price of this solution is reasonable, which is one of the reasons why we selected it over other solutions."

"The price for this solution is very good, but since the features do not work the price is expensive."

"It allows you to do a lot with a small price tag... The pricing is the best on the market."

"I don't know exactly, but I know it is based on the number of logs and the retention duration, such as 30 days or something like that. So, the smallest package is about 500 a month for 30 days of logs. There is a virtual machine. You need resources for it. It is a log collecting VM. They provide the software, and you just have to load a virtual machine. So, you're going to incur some CPU RAM and storage for wherever this log collecting appliance is running, which typically is in our cloud and on our platform for the customer."

More USM Anywhere pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.

See recommendations

787,383 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

16%

Government

Manufacturing Company

Financial Services Firm

Computer Software Company

17%

Financial Services Firm

10%

Manufacturing Company

Comms Service Provider

Computer Software Company

17%

Government

Educational Organization

Financial Services Firm

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What's the difference between Fortinet's FortiEDR and FortiClient?

I suggest Fortinet’s FortiEDR over FortiClient for several reasons. For starters, FortiEDR guarantees solid protectio...

See all answers

What do you like most about Fortinet FortiEDR?

We have FortiEDR installed on all our systems. This protects them from any threats.

See all answers

What is your experience regarding pricing and costs for Fortinet FortiEDR?

The pricing of the solution is on the high end compared to its offerings and capabilities.

See all answers

What is your experience regarding pricing and costs for Cybereason Endpoint Detection & Response?

Comparison with other products showed it be cheaper than some larger competitors. Set up cost for us were cheaper as ...

See all answers

What is your primary use case for Cybereason Endpoint Detection & Response?

We use Cybereason Endpoint Detection & Response to scan and detect unusual processes and malicious files on the e...

See all answers

What do you like most about Cybereason Endpoint Detection & Response?

The interface is user-friendly.

See all answers

What do you like most about AT&T AlienVault USM?

The most valuable feature of the solution is the ease of deployment that it provides to users. The integrations that ...

See all answers

What is your experience regarding pricing and costs for AT&T AlienVault USM?

It is a product that is priced in a medium range, making it neither a cheap nor a costly product.

See all answers

What needs improvement with AT&T AlienVault USM?

The vulnerability scanning feature is one of the areas where the product has certain shortcomings and needs to improv...

See all answers

Comparisons

Fortinet FortiClient vs Fortinet FortiEDR

Compared 19% of the time

CrowdStrike Falcon vs Fortinet FortiEDR

Compared 15% of the time

Microsoft Defender for Endpoint vs Fortinet FortiEDR

Compared 11% of the time

SentinelOne Singularity Complete vs Fortinet FortiEDR

Compared 5% of the time

Cortex XDR by Palo Alto Networks vs Fortinet FortiEDR

Compared 5% of the time

More Fortinet FortiEDR Competitors

CrowdStrike Falcon vs Cybereason Endpoint Detection & Response

Compared 26% of the time

Microsoft Defender for Endpoint vs Cybereason Endpoint Detection & Response

Compared 13% of the time

Darktrace vs Cybereason Endpoint Detection & Response

Compared 11% of the time

Cortex XDR by Palo Alto Networks vs Cybereason Endpoint Detection & Response

Compared 11% of the time

Splunk Enterprise Security vs Cybereason Endpoint Detection & Response

Compared 1% of the time

More Cybereason Endpoint Detection & Response Competitors

Wazuh vs USM Anywhere

Compared 23% of the time

AlienVault OSSIM vs USM Anywhere

Compared 12% of the time

IBM Security QRadar vs USM Anywhere

Compared 9% of the time

Splunk Enterprise Security vs USM Anywhere

Compared 9% of the time

Microsoft Sentinel vs USM Anywhere

Compared 8% of the time

More USM Anywhere Competitors

Product Reports

Buyer's Guide

Fortinet FortiEDR

June 2024

Download Fortinet FortiEDR product report

Buyer's Guide

Cybereason Endpoint Detection & Response

June 2024

Cybereason Endpoint Detection & Response report

Download Cybereason Endpoint Detection & Response product report

Buyer's Guide

USM Anywhere

May 2024

Download USM Anywhere product report

Also Known As

enSilo, FortiEDR

Cybereason EDR, Cybereason Deep Detect & Respond

AT&T AlienVault USM, AlienVault, AlienVault USM, Alienvault Cybersecurity

Learn More

Fortinet

Video not available

Cybereason

AT&T

Overview

Fortinet FortiEDR is a real-time endpoint protection, detection, and automated response solution. Its primary purpose is to detect advanced threats to stop breaches and ransomware damage. It is designed to do so in real time, even on an already compromised device, allowing you to respond and remediate incidents automatically so your data can remain protected.

Fortinet FortiEDR Features

Fortinet FortiEDR has many valuable key features, including:

Easily customizable
Real-time proactive risk mitigation & IoT security
Pre-infection protection
Post-infection protection
Track applications and ratings
Reduce the attack surface with risk-based proactive policies
Achieve analysis of entire log history
Optional managed detection and response (MDR) service

Fortinet FortiEDR Benefits

Some of the key benefits of using Fortinet FortiEDR include:

Protection: Fortinet FortiEDR provides proactive, real-time, automated endpoint protection with the orchestrated incident response across platforms. It stops the breach with real-time postinfection blocking to protect data from exfiltration and ransomware encryption.
Single unified console: Fortinet FortiEDR has a single unified console with an intuitive interface, which makes management easier. The solution automates mundane endpoint security tasks so your employees don’t need to do it.
Cost savings: With Fortinet FortiEDR you can eliminate post-breach operational expenses and breach damage costs.
Flexibility: Fortinet FortiEDR can be deployed on premises or on a secure cloud instance. With Fortinet FortiEDR, endpoints are protected both on- and off-line.
Scalability: Because Fortinet can be deployed quickly and has a small footprint, it is easy to scale up to protect hundreds of thousand endpoints.

Reviews from Real Users

Below are some reviews and helpful feedback written by Fortinet FortiEDR users.

An Owner at a security firm says, "The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers. The customer has literally about 800 cash registers. That was the use case for Fortinet FortiEDR - to get that down into a tiny space. The only way to do that was to use this product because it had that ability to unbundle services that were a surplus.”

Chandan M., Chief Technical Officer at Provision Technologies LLP, mentions, “The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration.” He also adds, “The security is also very good and the firewall response is good.”

Harpreet S., Information Technology Support Specialist at Chemtrade Logistics, explains, "It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."

DeAndre V., Senior Network Administrator at a financial services firm, states, “The dashboard is easy to follow and use. The deployment and uninstalling were easy. I like the detailed information about the path of a file that might be suspicious. Being able to check that out was easy to follow. Exceptions are easy to create and the interface is easy to follow with a nice appearance.

Cybereason's Endpoint Detection and Response platform detects in real-time both signature and non-signature-based attacks and accelerates incident investigation and response. Cybereason connects together individual pieces of evidence to form a complete picture of a malicious operation.

USM Anywhere centralizes security monitoring of networks and devices in the cloud, on premises, and in remote locations, helping you to detect threats virtually anywhere.

Discover

Network asset discovery
Software & services discovery
AWS asset discovery
Azure asset discovery
Google Cloud Platform asset discovery

Analyze

SIEM event correlation, auto-prioritized alarms
User activity monitoring
Up to 90-days of online, searchable events

Detect

Cloud intrusion detection (AWS, Azure, GCP)
Network intrusion detection (NIDS)
Host intrusion detection (HIDS)
Endpoint Detection and Response (EDR)

Respond

Forensics querying
Automate & orchestrate response
Notifications and ticketing

Assess

Vulnerability scanning
Cloud infrastructure assessment
User & asset configuration
Dark web monitoring

Report

Pre-built compliance reporting templates
Pre-built event reporting templates
Customizable views and dashboards
Log storage

Sample Customers

Financial, Healthcare, Legal, Technology, Enterprise, Manufacturing ...

Lockheed Martin, Spark Capital, DocuSign, Softbank Capital

Abel & Cole, Bank of Ireland, Bluegrass Cellular, CareerBuilder, Claire's, Hays Medical Center, Hope International, McCurrach, McKinsey & Company, Party Delights, Pepco Holdings, Richland School District, Ricoh, SaveMart, Shake Shack, Steelcase, TaxAct, Taylor Morrison, Vonage and Zoom

Buyer's Guide

Cybereason Endpoint Detection & Response vs. USM Anywhere

May 2024

Free Report: Cybereason Endpoint Detection & Response vs. USM Anywhere

Find out what your peers are saying about Cybereason Endpoint Detection & Response vs. USM Anywhere and other solutions. Updated: May 2024.

DOWNLOAD NOW

787,383 professionals have used our research since 2012.

See our Cybereason Endpoint Detection & Response vs. USM Anywhere report.

See our list of best Endpoint Detection and Response (EDR) vendors.

We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.