Symantec Endpoint Detection and Response Alternatives and Competitors

Get our free report covering Microsoft, Palo Alto Networks, Trend Micro, and other competitors of Symantec Endpoint Detection and Response. Updated: June 2021.
521,189 professionals have used our research since 2012.

Read reviews of Symantec Endpoint Detection and Response alternatives and competitors

Mohammad Ali Khan
Director at Pacific Infotech UK ltd
Real User
Top 10
Automatic remediation and rollback help us minimize the number of technicians needed to support customers

What is our primary use case?

We are a managed services provider. We are not just using it for ourselves, but we are also supporting it and deploying it for a number of our customers. The primary use case is that it's endpoint protection software and we use it to protect our end customers' endpoints, whether they are Apple or computers, laptops or servers. SentinelOne is software as a service, but it has an agent that has to be installed on a computer or a server onsite.

Pros and Cons

  • "It has a one-click button that we can use to reverse all those dodgy changes made by the virus program and bring the system quickly back to what it was. That's one of the most important features."
  • "Another valuable feature is that if a machine is infected, one that may infect other computers within the network, we have the capability of segregating that machine in the network so that it remains connected to the internet but is cut off from the other machines in the network. That helps prevent spreading of the infection. That's a very unique feature, one I have not seen in the last 10 to 15 years from any other antivirus program. That's amazing."
  • "One of the areas which would benefit from being improved is the policies. There are still software programs where we need to manually program in the policies to tell the system, "This program is legitimate." Some level of AI-based automation in creating those policies would go a long way in improving the amount of time it takes to deploy the system."

What other advice do I have?

Go for it. It's an absolutely brilliant product. But understand what it is before starting to deploy. Unless you understand the product, you will not know how to use it to the best of its capabilities. The solution's Behavioral AI works with and without a network connection, providing the internal protection. But having that network connection is important because it will then be able to report it to the central dashboard. While it will do what it has to do locally, it's helpful when the agent reports back to the central dashboard so that the IT Admin can take action. It is important that…

EA
President at a tech vendor with 1-10 employees
Reseller
Top 5
Great reporting and good training with a pretty straightforward setup

What is our primary use case?

We primarily use the solution for malware protection.

Pros and Cons

  • "The updates and a lot of the day-to-day fiddling that you would have to do with it, can all be done from the cloud so it's easy to manage, and very easy to administer."
  • "The number one thing I would like is if their support could be a little faster and it would be a little easier to get a hold of support when you need them."

What other advice do I have?

We're Sophos partners and resellers. We always deploy the latest version of the solution. We deploy the Intercept X Advanced with EDR. All the management is done through the cloud. Then there's a client piece you put on, on-premises. We do the management through the cloud and we put the client piece on the premises. I like a lot of the things that Sophos is doing. They didn't have one this year, however, they have an annual conference, and one of the things they had done, this was right before they got bought by this other company, is they had hired a lot of really top talent. These guys, when…

Adam Shusterman
Cyber Security Engineer at a legal firm with 501-1,000 employees
Real User
Top 20
The cloud-based management console is easy to maintain and takes a load off our hands

What is our primary use case?

We are using it primarily for NGAV, but we also use their EDR product and Falcon OverWatch. Most of our internal stuff is still on-prem. We do use SaaS for vendor products, but our internal environment is still mostly on-prem.

Pros and Cons

  • "It has definitely minimized resources. When everything was on-prem, there was a lot more work maintaining it. One of the big value tickets: I don't have lists of hundreds of exceptions for certain applications that I have to maintain, add, delete, and move. The very nature of the product has lessened my workload considerably."
  • "There are some aspects of the UI that could use some improvement, e.g., working in groups. I build a group, then I have to manually assign prevention policies, update policies, etc., but there is no function to copy that group. So, if I wanted to make a subgroup for troubleshooting or divide workstations into groups of laptops and desktops, then I have to manually build a brand new group. I can't just copy a build from one to another. Additionally, in order to do any work within a group, I have to first do the work on the respective prevention policy page or individual policy page, then remove the group if the group is assigned to a different prevention policy, remove the prevention policy, and then add the new one in. So, it can get a little hectic. It would be easier if I could add and remove things from the group page rather than having to go into the policy pages to do it."

What other advice do I have?

Take the time you need in the beginning to fully build out all the groups and prevention policies that you will need. It may take a bit longer during the initial setup, but it is worth it in the long run because it makes maintenance down the line much easier than having to build new groups or prevention policies as they come up. Definitely take the time needed in the beginning. Then, later down the road all you have to do is check some boxes, as opposed to building out brand new groups and prevention policies, which can take a while. In the beginning, there will be a bunch of false positives as…

David Alfonso
Cybersecurity Analyst & System Engineer at Compucare Systems Inc
Reseller
Top 5
Offers patch management for all critical updates and protection of the system

Pros and Cons

  • "The best feature for our customers is the ransomware feature. It is very fresh and powerful. Bitdefender also has a feature called Ransomware Vaccine. With this feature, when a file from the ransomware is encrypted Bitdefender can revert it back to the original file. It automatically decrypts the file and puts the ransom in quarantine."
  • "Bitdefender could improve their modules on the server. For example, Bitdefender doesn't have content filters or firewall modules on the server. It would be great if it had a networking module and a content filter module at the workstations."

What other advice do I have?

We use Bitdefender cloud. So basically everything is cloud-based. All the protection is based on agents installed in servers and workstations. In terms of mobile protection, I see that it has good features. You can install the mobile protection on on-premise servers like VMware or Hyper-V, and it works fine. It's very friendly. I do see the graphics on the mobile endpoint are a little bit old and I think they should improve that. Also, it would be great if in the future they included a feature for anti-theft so they can clean the device and wipe it out if it gets stolen. I think it might have…

SA
Cloud Consultant at Brio Technologies Private Limited
Real User
Top 20
Good with vulnerability assessment and integrates well with Office 365 and Azure

What is our primary use case?

This is an endpoint security product. It helps detect and prevent attacks and is very good when it comes to vulnerability assessment. It automatically detects attacks. It provides support for all the end devices, whether it is a Mac OS, Windows, mobiles, Android and iOS, it has support for all. I mostly deal with smaller and medium sized companies, I don't deal much with enterprises. I'm a customer of Microsoft and I work as a solution architect.

Pros and Cons

  • "Provides good vulnerability assessment."
  • "The GUI is very complex and could be more user friendly."

What other advice do I have?

I would suggest that if you're already using Microsoft products, then I think it makes sense to go with Microsoft Defender over any other product. I would rate this solution an eight out of 10.