We performed a comparison between Cybereason Endpoint Detection & Response and Trellix ESM based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, SentinelOne, CrowdStrike and others in Endpoint Detection and Response (EDR)."NGAV and EDR features are outstanding."
"Fortinet is very user-friendly for customers."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"The most valuable feature is the analysis, because of the beta structure."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"The stability is very good."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"We have FortiEDR installed on all our systems. This protects them from any threats."
"I haven't had any issues with the solution. Stability-wise, I rate the solution a ten out of ten."
"For me, the technical support is good."
"The solution is efficient."
"The initial setup was easy and straightforward."
"Immediately we can pick up the computers in the network if any malicious operation that is triggered."
"Their EDR solution, the ability to mitigate issues through their command line, is probably the best feature that we've had. We use that all the time. It's very useful for doing investigations."
"Cybereason's threat hunting and investigation are the most valuable features. Threat hunting is a user-friendly feature that keeps you safe. Investigation offers an added value that I haven't seen with other EDR services. It allows you to find specific policy problems within your environment."
"They do a very good job of providing multi-stage visualizations of malicious operations that immediately show all attack details across all devices and users. Since it is MalOp-centric model, you can see if there has been a similar operation across multiple machines. If it is the same thing appearing on multiple machines, you see all the machines and users affected in one screen."
"The most valuable features of McAfee ESM are intrusion detection, malware protection, and the device controller."
"The ease of use is the most valuable feature. Over the years I have always been using this solution and have become comfortable with it."
"It enables us to detect malicious threats, issues, or vulnerabilities in our network."
"The most valuable feature is that if the scanning does find something, it quarantines it. Then you can decide what you are going to do with it."
"We are now able to completely monitor our environment so we can review what is there, which is a big win for us."
"I like the ease of deployment."
"It is a good central viewpoint for issues. These can then be investigated in more detail on the subnet server(s)/endpoints."
"The most valuable feature for us is that it comes with many correlations, reports, and dashboards already available. It's also very easy to use."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"The solution is not stable."
"Making the portal mobile friendly would be helpful when I am out of office."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"The SIEM could be improved."
"Ad hoc higher-level reporting to senior management can be improved or can be implemented. That's definitely an area of improvement that they need to focus on."
"Its Microsoft PowerShell protections still need some compatibility improvements. We have run across just a few. It is compatible with 90% of what we have in our network, but there is that 10% that we are still struggling with as far as compatibility with the type of PowerShell scripts needed to run our day-to-day business."
"The deployment on individual endpoints is more geared toward larger organizations. It might prove to be a bit too complicated for a smaller organization. You need to know what you're doing when you're deploying the sensor."
"It should be more stable, and the sensor needs improvement in terms of connectivity."
"What needs to improve in Cybereason Endpoint Detection & Response and what I'd like to see in its next release is a centralized dashboard that allows you to view what is there, similar to what's on Symantec Endpoint Protection Manager: a beautiful display and reporting. Cybereason Endpoint Detection & Response has to start with the compliance, the homepage, etc. Everything should be there and should be customizable. The options should be there. The tool is very good currently, but visibility for IT administrators is lacking and needs to be worked on."
"The product's reporting isn't great."
"Cybereason does not have sandbox functionality."
"While the product is very good, there are still some areas for improvement. The initial triage area could be a bit simpler. They get into the weeds real fast; it gets very detailed very fast. I am still looking for an easier triage layer on top with the ability to dig deeper."
"McAfee is no more providing security updates on this product, and the enhancements to this product seem to have stopped. Moreover, we don't get proper support, and we struggle to get its support. It would be good if they can add some AI engine and out of the box use cases because it is currently limited to the same scenario and the same setup. I have done a POC for Securonix, LogRhythm. These products are much more ahead as compared to McAfee ESM. They have included multiple modules in the same solution. Correlation is very easy. If McAfee ESM can improve, especially in such implementations, then I believe it would be much better."
"The initial setup is difficult and could improve."
"McAfee ESM is not user-friendly and the log is not accurate. For instance, if I were assigned to generate a log for changes made today, I wouldn't be able to see all the modifications. While Palo Alto allows us to see all changes, McAfee ESM only captures one out of every ten changes. It's crucial to have visibility into all changes made."
"I would like to see improvements to the user interface."
"The solution needs to improve case management. The UI is confusing."
"Customized reports and alerting functionality could be included in the dashboard."
"There are some banking and transactional cases that are local, South America transactions. I would like to see them add features that can be used locally, to make those transactions more reliable."
"It seems McAfee does test its product before releasing. When we - not only us, other companies also - deploy McAfee, we face multiple issues from the customer side, after which, McAfee reacts and fixes the bugs."
More Cybereason Endpoint Detection & Response Pricing and Cost Advice →
Cybereason Endpoint Detection & Response is ranked 37th in Endpoint Detection and Response (EDR) with 19 reviews while Trellix ESM is ranked 18th in Security Information and Event Management (SIEM) with 34 reviews. Cybereason Endpoint Detection & Response is rated 8.0, while Trellix ESM is rated 7.4. The top reviewer of Cybereason Endpoint Detection & Response writes "It has helped us become more knowledgeable about our environment and aware of threats". On the other hand, the top reviewer of Trellix ESM writes "Provides visibility of all the traffic within the company infrastructure". Cybereason Endpoint Detection & Response is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, Cortex XDR by Palo Alto Networks, Darktrace and SentinelOne Singularity Complete, whereas Trellix ESM is most compared with ArcSight Enterprise Security Manager (ESM), IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM and SQRRL.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.