What is our primary use case?
We are a solution provider and we deal with three different vendors to supply security products for our customers. One of the products that we implement for them is Cybereason Endpoint Detection & Response.
It is used for endpoint protection, in general, and monitoring the endpoint. Those asking for EDR usually have a security operations center (SOC). They just want to see the dashboard, the incidents, and whether something has happened on the endpoint.
How has it helped my organization?
This product is somewhat new for us, so we haven't been able to secure deals with our customers for it yet. We have proposed it to one customer because it was requested.
Also, I think that Cybereason only has perhaps 500 employees, and there are not many technical people in the Middle East. There is only one regional manager and he is based in the U.A.E., and within the past four or five months, they hired a new service engineer (SE).
What is most valuable?
The dashboard is very good and you can consider it as an interactive UI.
What needs improvement?
There are not many resources in this region for Cybereason, although I have seen some webinars and technical sessions for it.
Cybereason is not flexible in terms of needing a lot of servers, or assets. My understanding is that it requires a lot of components to keep it alive. This is unlike BitDefender, which only needs one virtual machine that you upload and run. Some customers don't have the resources available for this.
They do not have anything related to mailbox security.
Cybereason does not have sandbox functionality.
For how long have I used the solution?
We signed the contract with Cybereason to sell the Endpoint Detection & Response solution a year ago, although we have not had much experience with it yet. Most of our customers already have endpoint protection from Kaspersky and are asking for license renewals and support. It is similar for our customers that have BitDefender.
How are customer service and technical support?
I have not been in contact with technical support.
Which solution did I use previously and why did I switch?
We also deal with BitDefender and Kaspersky.
I have some hands-on work with BitDefender and have completed some implementations.
Both Trend Micro and BitDefender have support for mailbox security. For example, they have specific functionality for securing Microsoft Exchange, or mailboxes in general. Cybereason doesn't have this option. The same is true for sandboxing capabilities.
How was the initial setup?
This is a product that requires a lot of resources when it is set up.
Some of our customers ask that Cybereason be installed with an air gap.
What about the implementation team?
We do not yet have much hands-on experience with this product.
What's my experience with pricing, setup cost, and licensing?
This product is somewhat expensive and should be cheaper. Having better pricing, in general, would be an improvement.
What other advice do I have?
This is a product that I recommend for endpoint protection in general, and for the server. However, if they need mailbox security then I would recommend another product.
I would rate this solution a seven out of ten.
Which deployment model are you using for this solution?