We performed a comparison between Cybereason Endpoint Detection & Response and Securonix Next-Gen SIEM based on real PeerSpot user reviews.
"The product detects and blocks threats and is more proactive than firewalls."
"This is stable and scalable."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"Ability to get forensics details and also memory exfiltration."
"I get alerts when scripts are detected in the environment."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"NGAV and EDR features are outstanding."
"Cybereason absolutely enables us to mitigate and isolate on the fly. Our managed detection response telemetry has dropped dramatically since we began using it. It's very top-of-mind. We were running some tabletop exercises and none of the detections were getting triggered by the managed security services provider. So we needed to find a solution that would trigger high-fidelity alerts. That was Cybereason and it dramatically changed our landscape from the detection and response perspective."
"The initial setup is not overly complicated."
"The initial setup was easy and straightforward."
"It gives all the information in a clear response."
"They do a very good job of providing multi-stage visualizations of malicious operations that immediately show all attack details across all devices and users. Since it is a MalOp-centric model, you can see if there has been a similar operation across multiple machines. If it is the same thing appearing on multiple machines, you see all the machines and users affected in one screen."
"For me, the technical support is good."
"The most valuable feature is the capability of the command used by the machine so that we see the kind of performance that is running."
"Immediately we can pick up the computers in the network if any malicious operation is triggered."
"Its console is very easy to use and configure. It is very intuitive for our use cases. App integrations are also pretty nice."
"The big data security analytics platform, structured and unstructured data analytics, and user and entity behavior analytics provided by the product are probably the best in the industry."
"Risk scoring was nice. We could exactly see which user had the highest risk score, and then we could pick it up and work on it."
"We can customize our use cases with the tools provided by Securonix. It is an excellent tool that can ingest data in different ways and is very flexible."
"One of the most valuable features it has is the thread chaining. One of the common issues that we always had was the number of anomalies that we used to get and the number of alerts that we used to get. But with this approach of thread chaining, we've found the false-positive rate has decreased very significantly. That was something that we never could have achieved before."
"The UEBA functionality indicates a lot about behaviors that are not found through a traditional SIEM. We have exploited that more than anything since we started using it."
"The most valuable feature is being able to look at users' behavioral profiles to see what they typically access. One of the key events that we monitor is people's downloading of objects... It's very easy to see people's patterns, what they typically do."
"The scalability is one of the remarkable qualities of this product, which makes it very effective, especially when we are dealing with substantial data volumes in the cloud."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions."
"The SIEM could be improved."
"We find the solution to be a bit expensive."
"The solution is not stable."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"Compared to our previous endpoint, we have a lot more false positives and a lot more duplication of alerts. So we're chasing more alerts."
"While the product is very good, there are still some areas for improvement. The initial triage area could be a bit simpler. They get into the weeds real fast; it gets very detailed very fast. I am still looking for an easier triage layer on top with the ability to dig deeper."
"It initially took some time to deploy."
"The product's reporting isn't great."
"The network coverage becomes an issue most of the time."
"Ad hoc higher-level reporting to senior management can be improved or can be implemented. That's definitely an area of improvement that they need to focus on."
"I feel that the product lacks reporting features and needs improvement."
"What needs to improve in Cybereason Endpoint Detection & Response and what I'd like to see in its next release is a centralized dashboard that allows you to view what is there, similar to what's on Symantec Endpoint Protection Manager: a beautiful display and reporting. Cybereason Endpoint Detection & Response has to start with the compliance, the homepage, etc. Everything should be there and should be customizable. The options should be there. The tool is very good currently, but visibility for IT administrators is lacking and needs to be worked on."
"Parsing needs to be improved. Every time we integrate a new, specific data source, we face a lot of problems in parsing, even for the old data source."
"We would like a little more face-to-face training. Securonix has several tutorials on its website, but we want there to be a person in Colombia who does training or workshops to give us a better understanding of the platform."
"Regarding the analysis of security events on the SOC side, Securonix Next-Gen SIEM needs to improve its automation capabilities."
"The analytics-driven approach for finding sophisticated threats and reducing false positives is positive and good, but the platform requires a more dynamic concept. Everything is a bit static."
"The solution could provide more automation."
"It could be improved a little bit more for admin users. There should be more administrative options related to security for admin users. For example, for forensic purposes, the admin should be able to stop a specific user from erasing some information. It would be helpful in certain situations, such as during an internal fraud."
"It takes too long to generate Spotter reports. For example, a 90-day report is around 100 megabytes. That takes a while, but a one-day report can be generated in a few seconds. We would be happy if they sped up the process."
"There is room for improvement in the product's integration with ServiceNow and in the reporting features."
Cybereason Endpoint Detection & Response is ranked 36th in Endpoint Detection and Response (EDR) with 19 reviews while Securonix Next-Gen SIEM is ranked 7th in Security Information and Event Management (SIEM) with 27 reviews. Cybereason Endpoint Detection & Response is rated 8.0, while Securonix Next-Gen SIEM is rated 8.6. The top reviewer of Cybereason Endpoint Detection & Response writes "It has helped us become more knowledgeable about our environment and aware of threats". On the other hand, the top reviewer of Securonix Next-Gen SIEM writes "Spotter tool has helped us eliminate many hours required to manually create link analysis diagrams". Cybereason Endpoint Detection & Response is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, Darktrace, Cortex XDR by Palo Alto Networks and Splunk Enterprise Security, whereas Securonix Next-Gen SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Microsoft Sentinel, LogRhythm SIEM and Sumo Logic Security.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.