Cybereason Endpoint Detection & Response vs ServiceNow Security Operations comparison

The compared Cybereason and ServiceNow solutions aren't in the same category. Cybereason is ranked #33 in EDR , with an average rating of 7.3, and holds a 1.1% mindshare in the category. ServiceNow is ranked #1 in IRP , with an average rating of 8.1, and holds a 14.4% mindshare. Additionally, 85% of Cybereason users are willing to recommend the solution, compared to 95% of ServiceNow users who would recommend it.

Cybereason Endpoint Detecti...

Read 22 Cybereason Endpoint Detection & Response reviews

4,077 Views
2,446 Comparison Views

85% willing to recommend

ServiceNow Security Operations

Read 22 ServiceNow Security Operations reviews

2,278 Views
319 Comparison Views

95% willing to recommend

Cybereason Endpoint Detecti...

ServiceNow Security Operations

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Cybereason Endpoint Detection & Response and ServiceNow Security Operations based on real PeerSpot user reviews.

Find out what your peers are saying about CrowdStrike, SentinelOne, Microsoft and others in Endpoint Detection and Response (EDR).

To learn more, read our detailed Endpoint Detection and Response (EDR) Report (Updated: January 2025).

Buyer's Guide

Endpoint Detection and Response (EDR)

January 2025

Download the complete report

Helped 867,370 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cybereason Endpoint Detecti...

Average Rating

7.8

Reviews Sentiment

5.6

Number of Reviews

Ranking in other categories

Endpoint Protection Platform (EPP) (41st), Endpoint Detection and Response (EDR) (33rd)

ServiceNow Security Operations

Average Rating

8.0

Reviews Sentiment

6.7

Number of Reviews

Ranking in other categories

Security Incident Response (1st), Security Orchestration Automation and Response (SOAR) (6th), Risk-Based Vulnerability Management (10th)

Mindshare comparison

While both are Security Software solutions, they serve different purposes. Cybereason Endpoint Detection & Response is designed for Endpoint Detection and Response (EDR) and holds a mindshare of 1.1%, up 1.0% compared to last year.
ServiceNow Security Operations, on the other hand, focuses on Security Incident Response, holds 14.4% mindshare, down 16.7% since last year.

Endpoint Detection and Response (EDR) Market Share Distribution
Product	Market Share (%)
Cybereason Endpoint Detection & Response	1.1%
CrowdStrike Falcon	11.4%
Microsoft Defender for Endpoint	10.1%
Other	77.4%

Endpoint Detection and Response (EDR)

Security Incident Response Market Share Distribution
Product	Market Share (%)
ServiceNow Security Operations	14.4%
Proofpoint Threat Response	15.4%
IBM Resilient	8.8%
Other	61.4%

Security Incident Response

Featured Reviews

Ivan Burke

Head of Research Development and Innovation at CSIR

Offers useful threat hunting and response capabilities but struggles to justify cost for smaller deployments

I mostly work with incident response, so I work with a bunch of them interchangeably, but mostly with the EDR components; I also get involved with some of the XDR components, especially for the cloud. Regarding analysis features, such as deep behavioral detection, I do use it sometimes; I usually don't use the automated version of it, as I prefer threat hunting directly, depending on if the season is available. I know some of them have pretty good analytics engines, but I tend to do the threat hunting on my own. I manage incident response for a bunch of companies, so some of them have Cybereason Endpoint Detection & Response integrated into Sentinel, some into Fortinet, and others into various tools. When considering cost-effectiveness, their pricing structure works such that if you're a large organization with more than a thousand endpoints to deploy to, then Cybereason Endpoint Detection & Response is worthwhile. But for anything less than 300, it's too expensive; obviously, the more you buy, the better the price, making it cheaper for you. Cybereason Endpoint Detection & Response best fits enterprise-level businesses such as huge corporations; however, we are in the process of removing it from many of our endpoint clients because it's not really showing enough value for them at the moment. We're trying to see how we can improve it with some of our clients, but at the moment, it's struggling compared to other EDR solutions that we have deployed. On a scale of one to ten, I rate Cybereason Endpoint Detection & Response a six.

Read full review

George Devasia

DevOps Team Lead at Tata Consultancy

Communication and organization improve support teams and works well with enterprises

I use ServiceNow for ticketing purposes. Specifically, I raise tickets between the support team. This is used by internal teams within the company for managing support-related tasks ServiceNow is a convenient platform to raise tickets, and the respective support team will contact us to resolve…

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"What I find most valuable is the clarity of the platform. It is very straightforward."

"What I like most about Cybereason Endpoint Detection & Response is the support because the support is good. The solution is also easy to use, and it has a dashboard. Everything is good, and there's no problem with it."

"Cybereason absolutely enables us to mitigate and isolate on the fly. Our managed detection response telemetry has dropped dramatically since we began using it. It's very top-of-mind. We were running some tabletop exercises and none of the detections were getting triggered by the managed security services provider. So we needed to find a solution that would trigger high-fidelity alerts. That was Cybereason and it dramatically changed our landscape from the detection and response perspective."

"It gives all the information in a clear response."

"I haven't had any issues with the solution. Stability-wise, I rate the solution a ten out of ten."

"The initial setup is not overly complicated."

"The solution is efficient."

"The interface is user-friendly."

More Cybereason Endpoint Detection & Response pros

"It's stable."

"The SOAR module of ServiceNow Security Operations is the most valuable feature"

"ServiceNow Security Operations provides significant control over vulnerabilities, allowing users to mark false alarms as false positives and ignore them, which is important because many vulnerabilities are not real but appear as such."

"Reduces time to closure and closure metrics for vulnerabilities."

"ServiceNow Security Operations collects data from various sources and presents it in a single, respectable format for assessment and action, providing a unified user experience where all work and fixes can be managed from one location."

"It gives you the ability to bring data into the system. The workflows are out of the box, and it gives you the ability to auto-assign the incidents based on criteria and vulnerabilities."

"The ease of use is great."

"I will recommend it to others as it is an enterprise application used by large companies for ticketing purposes."

More ServiceNow Security Operations pros

Cons

"I feel that the product lacks reporting features and needs improvement."

"Compared to our previous endpoint, we have a lot more false positives and a lot more duplication of alerts. So we're chasing more alerts."

"The reporting feature needs improvement."

"There is room for improvement in the product features related to device control, particularly USB management."

"They need to improve their technical support services."

"The integration with Microsoft solutions and Microsoft capabilities needs to be improved."

"The network coverage becomes an issue most of the time."

"The deployment on individual endpoints is more geared toward larger organizations. It might prove to be a bit too complicated for a smaller organization. You need to know what you're doing when you're deploying the sensor."

More Cybereason Endpoint Detection & Response cons

"The solution needs to make customization easier. You cannot do much customization immediately. It requires an extensive workload. If the customization process was user-friendly, it would be much better."

"We'd like customization to be easier in terms of the UI and using the dashboards."

"Report generation within ServiceNow can take some time."

"Visibility and transitions between teams present significant challenges in the SecOps space, indicating that substantial training and hand-holding are required to improve usability, which is one observation I have had."

"In future releases, I would like to add a follow-up and reminder feature. For the tickets in our queue, we could set reminders. This would help us prioritize older tickets before moving on to new ones."

"The threat intelligence module needs a better dashboard."

"The initial setup is difficult."

"There are limitations for the third-parties that are providing the inputs. They should increase the robustness of the solution."

More ServiceNow Security Operations cons

Pricing and Cost Advice

"In terms of cost, this is a good choice for our needs."

"Though it is not the cheapest solution but it fits our budget. We pay an annual licensing fee."

"We considered a few other solutions. Some were ridiculously overpriced, while others didn't have solutions for Mac endpoints. That was a deal-breaker because most of our organization is on Mac. It came down to two vendors: Cybereason and another. They had similar pitches and almost identical approaches, but in the end, Cybereason gave us the best value for our money."

"In terms of pricing, it's a good solution."

"On a scale of one to ten, where one is cheap and ten is expensive, I rate the pricing an eight."

"The pricing is manageable."

"I do not have experience with the licensing of the product."

"I had to go through a third-party to purchase it, which I wasn't really pleased about."

More Cybereason Endpoint Detection & Response pricing and cost advice

"If you're going to implement it on your own, there would be internal costs. If you're going to implement it through a contractor or consultant, you have to pay for that."

"The product is more expensive than other solutions."

"It is an expensive product."

"This product is a good value for the money."

"Compared to competitor tools, ServiceNow Security Operations is more affordable"

"The solution is more expensive than BMC Remedy, the other ITSM tool available in the market."

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.

See recommendations

867,370 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

14%

Financial Services Firm

12%

Manufacturing Company

Comms Service Provider

Financial Services Firm

20%

Manufacturing Company

12%

Computer Software Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	5
Midsize Enterprise	4
Large Enterprise	13

By reviewers
Company Size	Count
Small Business	6
Midsize Enterprise	2
Large Enterprise	15

Questions from the Community

What is your experience regarding pricing and costs for Cybereason Endpoint Detection & Response?

Comparison with other products showed it be cheaper than some larger competitors. Set up cost for us were cheaper as we already had users experienced with the product in other business units. Initi...

See all answers

What is your primary use case for Cybereason Endpoint Detection & Response?

My main use case for Cybereason Endpoint Detection & Response is mostly for incident response.

See all answers

What do you like most about Cybereason Endpoint Detection & Response?

The interface is user-friendly.

See all answers

What do you like most about ServiceNow Security Operations?

The most valuable aspect of working with ServiceNow is its meaningful and feature-rich product.

See all answers

What is your experience regarding pricing and costs for ServiceNow Security Operations?

It is relatively expensive but manageable.

See all answers

What needs improvement with ServiceNow Security Operations?

ServiceNow Security Operations is not specifically a vulnerability management or incident tool, but rather a data aggregator. It would be beneficial if, similar to the Discovery module which assess...

See all answers

Comparisons

Darktrace vs Cybereason Endpoint Detection & Response

Compared 26% of the time

CrowdStrike Falcon vs Cybereason Endpoint Detection & Response

Compared 10% of the time

SentinelOne Singularity Complete vs Cybereason Endpoint Detection & Response

Compared 10% of the time

ESET Inspect vs Cybereason Endpoint Detection & Response

Compared 7% of the time

Microsoft Defender for Endpoint vs Cybereason Endpoint Detection & Response

Compared 7% of the time

More Cybereason Endpoint Detection & Response Competitors

Splunk SOAR vs ServiceNow Security Operations

Compared 22% of the time

Palo Alto Networks Cortex XSOAR vs ServiceNow Security Operations

Compared 20% of the time

Microsoft Sentinel vs ServiceNow Security Operations

Compared 12% of the time

Tines vs ServiceNow Security Operations

Compared 8% of the time

Unified Vulnerability Management vs ServiceNow Security Operations

Compared 5% of the time

More ServiceNow Security Operations Competitors

Product Reports

Buyer's Guide

Cybereason Endpoint Detection & Response

September 2025

Cybereason Endpoint Detection & Response report

Download Cybereason Endpoint Detection & Response product report

Buyer's Guide

ServiceNow Security Operations

August 2025

Download ServiceNow Security Operations product report

Also Known As

Cybereason EDR, Cybereason Deep Detect & Respond

No data available

Overview

Cybereason's Endpoint Detection and Response platform detects in real-time both signature and non-signature-based attacks and accelerates incident investigation and response. Cybereason connects together individual pieces of evidence to form a complete picture of a malicious operation.

Cybereason

ServiceNow Security Operations is a cutting-edge security solution designed to elevate organizations' security incident response (SIR) processes through automation and orchestration. Going beyond traditional SOAR, this comprehensive Security Operations Suite integrates seamlessly with other ServiceNow products and offers a wide array of features. Its components include Security Incident Response (SIR), which automates incident workflows and offers pre-built playbooks; Security Configuration Compliance (SCC), continuously scanning and automating compliance tasks; Vulnerability Response (VR), prioritizing and remediating vulnerabilities; Threat Intelligence (TI), aggregating threat data for proactive threat hunting; and additional features like IT Service Management integration, Machine Learning and AI, reporting, and a mobile app. The benefits span improved incident response speed, reduced mean time to resolution, increased security posture, enhanced compliance, collaborative synergy between security and IT teams, and operational cost reductions.

ServiceNow

Sample Customers

Lockheed Martin, Spark Capital, DocuSign, Softbank Capital

DXC Technology, Freedom Security Alliance, Prime Therapeutics, Seton Hall University, York Risk Services

Buyer's Guide

Endpoint Detection and Response (EDR)

January 2025

Download Free Report

Find out what your peers are saying about CrowdStrike, SentinelOne, Microsoft and others in Endpoint Detection and Response (EDR). Updated: January 2025.

DOWNLOAD NOW

867,370 professionals have used our research since 2012.

We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.