We performed a comparison between Cybereason Endpoint Detection & Response and Symantec Endpoint Security based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Protection Platform (EPP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It is stable and scalable."
"The solution was relatively easy to deploy."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"The product detects and blocks threats and is more proactive than firewalls."
"The setup is pretty simple."
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"Ability to get forensics details and also memory exfiltration."
"The stability is very good."
"We didn't have the visibility that we now have. It has increased our visibility by a lot. So, we put a lot more time into really looking at our environment and what is happening throughout our different networks. It has increased our visibility by around fivefold."
"The initial setup was easy and straightforward."
"The solution is efficient."
"Cybereason's threat hunting and investigation are the most valuable features. Threat hunting is a user-friendly feature that keeps you safe. Investigation offers an added value that I haven't seen with other EDR services. It allows you to find specific policy problems within your environment."
"The initial setup is not overly complicated."
"Cybereason absolutely enables us to mitigate and isolate on the fly. Our managed detection response telemetry has dropped dramatically since we began using it. It's very top-of-mind. We were running some tabletop exercises and none of the detections were getting triggered by the managed security services provider. So we needed to find a solution that would trigger high-fidelity alerts. That was Cybereason and it dramatically changed our landscape from the detection and response perspective."
"The initial setup process is straightforward."
"It gives all the information in a clear response."
"Threat protection has always worked well."
"The tool has predefined rules, like which actions to block or allow. This makes it easy because I don't have to figure out what policies to deploy."
"What I like most about Symantec is the intrusion detection module. If you are scanning the environment, it will flag a possible intruder and tell you the IP and where the attack is coming from. Traditional antivirus solutions will never flag that. If you have a traditional SIEM, you might be able to pick that up. Symantec is a holistic endpoint security solution, so when you scan an endpoint, Symantec will let you know that something is happening to it."
"If there is exposure, we need to investigate the source of the attack, e.g., whether it came from the network or externally. We view the firewall logs, and if there has been exposure, then we use the Application Isolation feature. When there is an attack with on-prem, that system will go into isolation mode, removing connectivity to other internal systems. We also restrict the WLAN part to avoid that system broadcasting to other networks."
"Protection from viruses, malware, Trojans, and malicious files is most valuable. It is also good in terms of application control. I can control the type of external media that can be connected with endpoint devices and protect them from malicious files and devices such as USB."
"ATP is really impressive, and with EDR, it is the best solution I have ever known."
"The product blocks computer viruses."
"We are using it on 1,600 computers. All the systems and servers are protected with the Symantec solution. Our environment has an uptime of 99.9% because we never had any attack or issue related to viruses. There is zero downtime."
"Detections could be improved."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"The solution should address emerging threats like SQL injection."
"The solution is not stable."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"Compared to our previous endpoint, we have a lot more false positives and a lot more duplication of alerts. So we're chasing more alerts."
"Ad hoc higher-level reporting to senior management can be improved or can be implemented. That's definitely an area of improvement that they need to focus on."
"Reporting could be a bit more granular so that we had the ability to check regions and countries. I just noticed that, for instance, if I look at our servers, it's either "contained" or it's "not contained". I don't have the option, for instance, to look at countries. It only allows me to look at users as one big group."
"The product's reporting isn't great."
"It should be more stable, and the sensor needs improvement in terms of connectivity."
"The deployment on individual endpoints is more geared toward larger organizations. It might prove to be a bit too complicated for a smaller organization. You need to know what you're doing when you're deploying the sensor."
"Cybereason does not have sandbox functionality."
"There can be problems with the EDI."
"We are not satisfied with this solution. It needs a lot of improvements. It doesn't detect the most recent malware and unknown threats. With most of the users working from home these days, there is also a need for some extra security layer. That's why we are thinking of going for a better solution that will take care of all of our endpoints and work from home situation. Symantec also has to work on EDI technology. Vendors like Palo Alto and Cisco are coming with their own intelligence and cloud infrastructure in which unknown threats are regularly watched and monitored, and they are reported to the admin."
"The solution is very difficult to uninstall. There isn't really a way to uninstall the product at all, which is quite a headache."
"Managements' number one item on the "Wish List" would have to do with the real-time scan of external media inserted into any client."
"The tool switches off automatically, and I have to restart it. Also, we had to manually fix some issues that cropped up while using the tool."
"SONAR could be improved. The false/positive rate is a little high."
"In a few cases, when we enable the IPS/IDS feature, there are performance-related issues on the end devices. If we run quite a few features of Symantec, especially the IPS/IDF, it consumes a lot of processing and memory capacity."
"We had an issue with the Broadcom migration. We had some problems with product support, and the deployment is tricky because it's an on-premises technology. Deploying any on-premises security solution is hard because you have to distribute the software."
"There is no local support for Symantec products in Hong Kong."
More Cybereason Endpoint Detection & Response Pricing and Cost Advice →
Cybereason Endpoint Detection & Response is ranked 42nd in Endpoint Protection Platform (EPP) with 19 reviews while Symantec Endpoint Security is ranked 5th in Endpoint Protection Platform (EPP) with 139 reviews. Cybereason Endpoint Detection & Response is rated 8.0, while Symantec Endpoint Security is rated 7.6. The top reviewer of Cybereason Endpoint Detection & Response writes "It has helped us become more knowledgeable about our environment and aware of threats". On the other hand, the top reviewer of Symantec Endpoint Security writes "The solution has given us visibility into compliance within our whole system and helped us ensure everything is updated". Cybereason Endpoint Detection & Response is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, Cortex XDR by Palo Alto Networks, Darktrace and Kaspersky Endpoint Security for Business, whereas Symantec Endpoint Security is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Cortex XDR by Palo Alto Networks and Trend Micro Deep Security. See our Cybereason Endpoint Detection & Response vs. Symantec Endpoint Security report.
See our list of best Endpoint Protection Platform (EPP) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.