Cybereason Endpoint Detection & Response vs ServiceNow Security Operations comparison

The compared Cybereason and ServiceNow solutions aren't in the same category. Cybereason is ranked #34 in EDR , with an average rating of 7.3, and holds a 1.1% mindshare in the category. ServiceNow is ranked #1 in IRP , with an average rating of 8.1, and holds a 13.2% mindshare. Additionally, 85% of Cybereason users are willing to recommend the solution, compared to 95% of ServiceNow users who would recommend it.

Cybereason Endpoint Detecti...

Read 22 Cybereason Endpoint Detection & Response reviews

3,883 Views
2,563 Comparison Views

85% willing to recommend

ServiceNow Security Operations

Read 22 ServiceNow Security Operations reviews

2,198 Views
308 Comparison Views

95% willing to recommend

Cybereason Endpoint Detecti...

ServiceNow Security Operations

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Cybereason Endpoint Detection & Response and ServiceNow Security Operations based on real PeerSpot user reviews.

Find out what your peers are saying about CrowdStrike, SentinelOne, Microsoft and others in Endpoint Detection and Response (EDR).

To learn more, read our detailed Endpoint Detection and Response (EDR) Report (Updated: January 2025).

Buyer's Guide

Endpoint Detection and Response (EDR)

January 2025

Download the complete report

Helped 869,883 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cybereason Endpoint Detecti...

Average Rating

7.8

Reviews Sentiment

5.6

Number of Reviews

Ranking in other categories

Endpoint Protection Platform (EPP) (41st), Endpoint Detection and Response (EDR) (34th)

ServiceNow Security Operations

Average Rating

8.0

Reviews Sentiment

6.7

Number of Reviews

Ranking in other categories

Security Incident Response (1st), Security Orchestration Automation and Response (SOAR) (6th), Risk-Based Vulnerability Management (9th)

Mindshare comparison

While both are Security Software solutions, they serve different purposes. Cybereason Endpoint Detection & Response is designed for Endpoint Detection and Response (EDR) and holds a mindshare of 1.1%, down 1.1% compared to last year.
ServiceNow Security Operations, on the other hand, focuses on Security Incident Response, holds 13.2% mindshare, down 19.0% since last year.

Endpoint Detection and Response (EDR) Market Share Distribution
Product	Market Share (%)
Cybereason Endpoint Detection & Response	1.1%
CrowdStrike Falcon	10.3%
Microsoft Defender for Endpoint	9.8%
Other	78.8%

Endpoint Detection and Response (EDR)

Security Incident Response Market Share Distribution
Product	Market Share (%)
ServiceNow Security Operations	13.2%
Proofpoint Threat Response	14.5%
IBM Resilient	8.7%
Other	63.6%

Security Incident Response

Featured Reviews

Ivan Burke

Head of Research Development and Innovation at CSIR

Offers useful threat hunting and response capabilities but struggles to justify cost for smaller deployments

I mostly work with incident response, so I work with a bunch of them interchangeably, but mostly with the EDR components; I also get involved with some of the XDR components, especially for the cloud. Regarding analysis features, such as deep behavioral detection, I do use it sometimes; I usually don't use the automated version of it, as I prefer threat hunting directly, depending on if the season is available. I know some of them have pretty good analytics engines, but I tend to do the threat hunting on my own. I manage incident response for a bunch of companies, so some of them have Cybereason Endpoint Detection & Response integrated into Sentinel, some into Fortinet, and others into various tools. When considering cost-effectiveness, their pricing structure works such that if you're a large organization with more than a thousand endpoints to deploy to, then Cybereason Endpoint Detection & Response is worthwhile. But for anything less than 300, it's too expensive; obviously, the more you buy, the better the price, making it cheaper for you. Cybereason Endpoint Detection & Response best fits enterprise-level businesses such as huge corporations; however, we are in the process of removing it from many of our endpoint clients because it's not really showing enough value for them at the moment. We're trying to see how we can improve it with some of our clients, but at the moment, it's struggling compared to other EDR solutions that we have deployed. On a scale of one to ten, I rate Cybereason Endpoint Detection & Response a six.

Read full review

Abhinay Sharma

ServiceNow Developer at Bangmetric services pvt ltd

Experience seamless integration and effective incident response with a little room for improvement in setup time

Integration is crucial in ServiceNow Security Operations because everything must be integrated to obtain data. Without integration, the solution is not as beneficial as expected. In SecOps, real-time data is essential to avoid discrepancies between real-time events and ServiceNow data. Multiple tools integrate with ServiceNow Security Operations, with Qualys being one of them. ServiceNow Security Operations collects data from various sources and presents it in a single, respectable format for assessment and action. The main benefit is not having to access separate tools for different data. It provides a unified user experience where all work and fixes can be managed from one location.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The initial setup was straightforward."

"The solution is efficient."

"The most valuable feature is the capability of the command used by the machine so that we see the kind of performance that is running."

"The initial setup process is straightforward."

"Immediately we can pick up the computers in the network if any malicious operation that is triggered."

"For me, the technical support is good."

"The dashboard is very good and you can consider it as an interactive UI."

"What I find most valuable is the clarity of the platform. It is very straightforward."

More Cybereason Endpoint Detection & Response pros

"I will recommend it to others as it is an enterprise application used by large companies for ticketing purposes."

"Multiple projects use the ServiceNow tool because it is a low-cost and open-source tool."

"The product has a very simple UI."

"My favorite feature is the application vulnerability scanner."

"The most valuable aspect of working with ServiceNow is its meaningful and feature-rich product."

"ServiceNow Security Operations collects data from various sources and presents it in a single, respectable format for assessment and action, providing a unified user experience where all work and fixes can be managed from one location."

"Integration to other security tools allows for a consolidated view of all vulnerabilities, incidents, etc. for all sorts of leverage in a single platform to assess governance risk and compliance as well as an enhanced, enriched intelligence."

"Reduces time to closure and closure metrics for vulnerabilities."

More ServiceNow Security Operations pros

Cons

"Reporting could be a bit more granular so that we had the ability to check regions and countries. I just noticed that, for instance, if I look at our servers, it's either "contained" or it's "not contained". I don't have the option, for instance, to look at countries. It only allows me to look at users as one big group."

"While the product is very good, there are still some areas for improvement. The initial triage area could be a bit simpler. They get into the weeds real fast; it gets very detailed very fast. I am still looking for an easier triage layer on top with the ability to dig deeper."

"The product's reporting isn't great."

"Compared to our previous endpoint, we have a lot more false positives and a lot more duplication of alerts. So we're chasing more alerts."

"I would like to see improvements on the operational side, specifically in grouping."

"The integration with Microsoft solutions and Microsoft capabilities needs to be improved."

"Cybereason does not have sandbox functionality."

"What needs to improve in Cybereason Endpoint Detection & Response and what I'd like to see in its next release is a centralized dashboard that allows you to view what is there, similar to what's on Symantec Endpoint Protection Manager: a beautiful display and reporting. Cybereason Endpoint Detection & Response has to start with the compliance, the homepage, etc. Everything should be there and should be customizable. The options should be there. The tool is very good currently, but visibility for IT administrators is lacking and needs to be worked on."

More Cybereason Endpoint Detection & Response cons

"The solution needs to make customization easier. You cannot do much customization immediately. It requires an extensive workload. If the customization process was user-friendly, it would be much better."

"Process framework and best practices for ease of integration between IT and security teams via incident, problem, and change."

"Visibility and transitions between teams present significant challenges in the SecOps space, indicating that substantial training and hand-holding are required to improve usability, which is one observation I have had."

"The initial setup is difficult."

"An area for improvement I observed in ServiceNow Security Operations is the need to maintain correct CMDB data because if you're unable to do this, you can't perfectly maintain the vulnerability data. CMDB data in ServiceNow Security Operations needs to be accurate. As I've been working on ServiceNow Security Operations for only seven months, I still need more time to try all its modules before I can give recommendations regarding additional features I'd like to see in the solution."

"One area for improvement for the product is the need to tailor and alter some codes for customization, which can cause issues during upgrades. It does not support customized operations."

"The product is called SecOps, but it is not security operations in terms of SIEM solutions."

"Report generation within ServiceNow can take some time."

More ServiceNow Security Operations cons

Pricing and Cost Advice

"This product is somewhat expensive and should be cheaper."

"We considered a few other solutions. Some were ridiculously overpriced, while others didn't have solutions for Mac endpoints. That was a deal-breaker because most of our organization is on Mac. It came down to two vendors: Cybereason and another. They had similar pitches and almost identical approaches, but in the end, Cybereason gave us the best value for our money."

"The pricing is manageable."

"I had to go through a third-party to purchase it, which I wasn't really pleased about."

"On a scale of one to ten, where one is cheap and ten is expensive, I rate the pricing an eight."

"In terms of pricing, it's a good solution."

"Though it is not the cheapest solution but it fits our budget. We pay an annual licensing fee."

"I do not have experience with the licensing of the product."

More Cybereason Endpoint Detection & Response pricing and cost advice

"This product is a good value for the money."

"It is an expensive product."

"Compared to competitor tools, ServiceNow Security Operations is more affordable"

"If you're going to implement it on your own, there would be internal costs. If you're going to implement it through a contractor or consultant, you have to pay for that."

"The product is more expensive than other solutions."

"The solution is more expensive than BMC Remedy, the other ITSM tool available in the market."

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.

See recommendations

869,883 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

14%

Financial Services Firm

12%

Manufacturing Company

Comms Service Provider

Financial Services Firm

19%

Manufacturing Company

13%

Computer Software Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	5
Midsize Enterprise	4
Large Enterprise	13

By reviewers
Company Size	Count
Small Business	6
Midsize Enterprise	2
Large Enterprise	15

Questions from the Community

What is your experience regarding pricing and costs for Cybereason Endpoint Detection & Response?

Comparison with other products showed it be cheaper than some larger competitors. Set up cost for us were cheaper as we already had users experienced with the product in other business units. Initi...

See all answers

What is your primary use case for Cybereason Endpoint Detection & Response?

My main use case for Cybereason Endpoint Detection & Response is mostly for incident response.

See all answers

What do you like most about Cybereason Endpoint Detection & Response?

The interface is user-friendly.

See all answers

What do you like most about ServiceNow Security Operations?

The most valuable aspect of working with ServiceNow is its meaningful and feature-rich product.

See all answers

What is your experience regarding pricing and costs for ServiceNow Security Operations?

It is relatively expensive but manageable.

See all answers

What needs improvement with ServiceNow Security Operations?

ServiceNow Security Operations is not specifically a vulnerability management or incident tool, but rather a data aggregator. It would be beneficial if, similar to the Discovery module which assess...

See all answers

Comparisons

CrowdStrike Falcon vs Cybereason Endpoint Detection & Response

Compared 14% of the time

SentinelOne Singularity Complete vs Cybereason Endpoint Detection & Response

Compared 12% of the time

Microsoft Defender for Endpoint vs Cybereason Endpoint Detection & Response

Compared 8% of the time

ESET Inspect vs Cybereason Endpoint Detection & Response

Compared 8% of the time

Fortinet FortiEDR vs Cybereason Endpoint Detection & Response

Compared 6% of the time

More Cybereason Endpoint Detection & Response Competitors

Splunk SOAR vs ServiceNow Security Operations

Compared 22% of the time

Palo Alto Networks Cortex XSOAR vs ServiceNow Security Operations

Compared 19% of the time

Microsoft Sentinel vs ServiceNow Security Operations

Compared 12% of the time

Tines vs ServiceNow Security Operations

Compared 8% of the time

Swimlane vs ServiceNow Security Operations

Compared 5% of the time

More ServiceNow Security Operations Competitors

Product Reports

Buyer's Guide

Cybereason Endpoint Detection & Response

October 2025

Cybereason Endpoint Detection & Response report

Download Cybereason Endpoint Detection & Response product report

Buyer's Guide

ServiceNow Security Operations

September 2025

Download ServiceNow Security Operations product report

Also Known As

Cybereason EDR, Cybereason Deep Detect & Respond

No data available

Overview

Cybereason's Endpoint Detection and Response platform detects in real-time both signature and non-signature-based attacks and accelerates incident investigation and response. Cybereason connects together individual pieces of evidence to form a complete picture of a malicious operation.

Cybereason

ServiceNow Security Operations is a cutting-edge security solution designed to elevate organizations' security incident response (SIR) processes through automation and orchestration. Going beyond traditional SOAR, this comprehensive Security Operations Suite integrates seamlessly with other ServiceNow products and offers a wide array of features. Its components include Security Incident Response (SIR), which automates incident workflows and offers pre-built playbooks; Security Configuration Compliance (SCC), continuously scanning and automating compliance tasks; Vulnerability Response (VR), prioritizing and remediating vulnerabilities; Threat Intelligence (TI), aggregating threat data for proactive threat hunting; and additional features like IT Service Management integration, Machine Learning and AI, reporting, and a mobile app. The benefits span improved incident response speed, reduced mean time to resolution, increased security posture, enhanced compliance, collaborative synergy between security and IT teams, and operational cost reductions.

ServiceNow

Sample Customers

Lockheed Martin, Spark Capital, DocuSign, Softbank Capital

DXC Technology, Freedom Security Alliance, Prime Therapeutics, Seton Hall University, York Risk Services

Buyer's Guide

Endpoint Detection and Response (EDR)

January 2025

Download Free Report

Find out what your peers are saying about CrowdStrike, SentinelOne, Microsoft and others in Endpoint Detection and Response (EDR). Updated: January 2025.

DOWNLOAD NOW

869,883 professionals have used our research since 2012.

We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.