Symantec Endpoint Detection and Response Room for Improvement
Hamid Harroud
IT Director at Al Akhawayn University
The solution needs to provide better integration. We may receive things from email, network, or the machine itself. So we need a centralized system to get alerts or messages which are not available in the product. The solution must provide features to centralize the alerts received. It should provide integration with other Symantec products.
Honestly, the product needs to continue the way it is, and I feel that everything will be fine. I haven't had any reasons to complain about the product.
The product doesn’t offer MDM functionality under its current licensing model. In the future, I want the product to offer MDM. It can allow me to manage my mobile device more efficiently and effectively. Currently, there is a need for a separate license to be added to Symantec Endpoint Detection and Response to be able to use the MDM part. If both are bundled up under the same license, the administration part can be made easier.
The GUI could be better. It has reports for every part of the product, but it doesn't have reports for better usage.
Buyer's Guide
Symantec Endpoint Detection and Response
March 2024
Learn what your peers think about Symantec Endpoint Detection and Response. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
768,740 professionals have used our research since 2012.
The solution’s scalability and stability could be improved. The solution's investigation feature can be further improved.
RanjitsinhSalunkhe
CIO at Meera Diagnostics
I'm not sure if there are any features that need to be added.
We'd like them to continuously improve their security posture to ensure they can protect customers from future threats. While they are quite dynamic, they need to ensure they are detecting threats faster in the future to keep people safer.
Harold Tsatsi
Threat Analyst at SA RVE Bank
One potential area for improvement in Symantec EDR is the reporting engine. It is not exactly a weakness, but rather a feature that might need enhancement in the future. The current reporting capabilities are somewhat limited, lacking extensive filtering options. Currently, our experience with Symantec EDR is generally positive. Performance and user-friendliness are satisfactory. In our regular assessments, the main area for improvement that has emerged is the reporting engine, which is somewhat limited. Enhancing this reporting functionality to reduce the need for manual data manipulation and export to tools like Power BI would be a valuable improvement for the application. In the future, it would be beneficial to have AI-driven analytics and automated workflow capabilities integrated into Symantec EDR. This would enable more efficient detection, response, and mitigation of security incidents. Specifically, having workflows that can automate incident analysis, qualification for closure, and escalation when needed within the application would be a valuable addition. This would reduce the manual effort of security analysts and streamline incident management.
The solution can always be more stable and more secure.
Jabu Mtsweni
Head: Cyber and Information Research Centre at Council for Scientific and Industrial Research
In the future, it would be nice to have playbooks in the tool, to allow for some of the common activities to be automated. For example, some of the scannings of the malware can be too manual for a specific device. Additionally, a vulnerability manager would be beneficial.
reviewer1400886
Consultant Cybersecurity & SD WAN at a computer software company with 201-500 employees
They need to improve their cloud presence. They need to keep developing prevention. Many OEMs are focusing on the detection part only. They need to address the challenge of gathering false positives.
We do not need any extra features.
Hamsa PP
Function Head Corporate Desktop Services at a tech services company with 5,001-10,000 employees
Their customer support has deteriorated significantly since Symantec was purchased by Broadcom. We have issues interfacing with Broadcom, e.g., there is no TAM / sales team in Broadcom for Symantec products. We have faced delays of up to 3 months in getting a quote to renew the license through their partners.
Symantec is a dead product. The product does not have any add-on features. The interface has many issues. There is no proper KB article to fix the error.
Manjit Singh
Senior Information Security Engineer at Herbalife
I don't see much room for improvement. I am not an analyst for this product. I just manage this product for an analyst. I like the dashboard, it has lots of information like threats and we can see activity on the dashboard. It shows new and unknown threats in the environment. This feature is very good for EDR monitoring and management.
Maria De Jesus
IT Manager at Piisa
It should be easier to deploy Symantec's client for end-users.
Ray Tang
Creative Director at Yamato Logistics (HK) Ltd.
The solution's price could be better. Presently, it is expensive for basic functionality. Also, they should make its UI more user-friendly. It takes time to find the policies and analyze their effects. They should add a customization option for policies. In addition, they should add more scanning features to it.
Mohammad Fatt
Technical Support Administrator at a newspaper with 51-200 employees
We are in Iran, so for some Symantec services, we face sanctions.
The interface is very complicated. It needs to be simplified in future releases.
It needs to offer better documentation around configurations during setup.
Scalability is limited. It needs more expansion capabilities and should offer more efficiency.
Naveen Hariharan Vijaya
Security Consultant at IBM Thailand
Symantec Endpoint Detection and Response could improve the reporting. It is very difficult to create reports from the user interface.
Harold Tsatsi
Threat Analyst at SA RVE Bank
I have not picked up anything that is lacking in terms of features while using this tool.
They do need to minimize the number of agents installed on a server.
The response time for technical support takes too long.
I think we have experienced some technical issues because the company focuses mainly on bigger clients. They should treat every client equally instead of only targeting high-profile or high-revenue-generation clients. The focus should be client-centric, not only revenue-centric.
Also, sometimes the solution fails to detect zero-day attacks, so that feature needs some enhancement because it is lacking compared to other solutions.
I would like to see better scanning capabilities.
Kishan Kendre
Project Manager at a consultancy with 501-1,000 employees
Reporting is a major issue, as it is not user friendly. It's the biggest challenge we are facing. I have raised this issue multiple times.
With virus detection, if one OEM vendor is detecting the virus at 1:10 am, within 24 hours all others will detect it. For example, Symantec will detect the virus, then McAfee will detect it, then Trend Micro; all within 24 hours, everyone will have it covered.
In the next release, I would like to see the option to customize the report as per our needs, and better reporting in general.
I think the network forensics feature could be improved. It's not part of SEP, but it's part of the package and I think that could be improved because we need the decryptor. Without that you can't actually decrypt the SSL traffic going in the network. If the solution could be completely software-based, it would be a formidable product.
Symantec could include that as an additional feature, it's something that other solutions provide. Secondly, instead of just making it endpoint deception, they could make it network deception as well and that would make it a complete endpoint protection solution.
reviewer1778676
Vice President, Head of Infrastructure, Information Systems Group at a financial services firm with 10,001+ employees
The unpredictability of the pricing is a cause of concern.
It would be good if it can anticipate zero-day attacks. I don't know how it can be done and if it is even a feature of this product.
Muhammad Atif Shafique
Senior Security Architect at a tech services company with 11-50 employees
The solution should offer more features, such as ones which are forensic and timeline.
The tech support was very bad in the immediate aftermath of the merger, although it is now slightly better. The problem came down to the ownership of the case. Support was horrible when Broadcom entered the picture, but they have done much work in this area and things are mostly better.
It would be nice to see more granular timeline analysis.
Nikhilesh Verma
IT Security Specialist at TT Systems LLC
Some fine-tuning is required because we often see false positives.
RanjitsinhSalunkhe
CIO at Meera Diagnostics
The Symantec portfolio is not big enough to cover the organization in all 360 degrees.
It would be beneficial to have more integration and compatibility with other platforms.