Buyer's Guide
Anti-Malware Tools
May 2022
Get our free report covering CrowdStrike, Trend Micro, Palo Alto Networks, and other competitors of Bitdefender Hypervisor Introspection. Updated: May 2022.
607,127 professionals have used our research since 2012.

Read reviews of Bitdefender Hypervisor Introspection alternatives and competitors

Johnson Bresnick - PeerSpot reviewer
Director of Learning and Development at ACA - Ateliers de conversation anglaise
Real User
Top 20
It has helped us become more knowledgeable about our environment and aware of threats
Pros and Cons
  • "Cybereason's threat hunting and investigation are the most valuable features. Threat hunting is a user-friendly feature that keeps you safe. Investigation offers an added value that I haven't seen with other EDR services. It allows you to find specific policy problems within your environment."
  • "The deployment on individual endpoints is more geared toward larger organizations. It might prove to be a bit too complicated for a smaller organization. You need to know what you're doing when you're deploying the sensor."

What is our primary use case?

It detects and flags malware and other attacks. We also have MDR services completely managed by Cybereason. They look into any threats, give recommendations, and analyze what's happening in our system.

How has it helped my organization?

The program has taught us a lot, so our team has become more knowledgeable about what's happening in our environment and what is or isn't a threat with the solutions and the services provided to us. There's also an excellent learning process with the EDR wherein they encourage the users to learn what's happening to, I think, be more confident when mitigating any threats or any problems in the environment. Before we had the solution, we were largely unaware of what was happening. Now we are more confident and better grasp what's happening in our environment.

Cybereason EDR helps us isolate and mitigate on the fly, which is essential because we're a small team, and we don't always have a spare IT person waiting to work. We need our team to be proactive in those situations.

Cybereason's operation-centric approach has helped us move beyond chasing multiple alerts and visualize the entire timeline of malicious operations. We can see when they started, when they were detected, and if there's any lateral movement. It uses behavior indicators to detect attacks, which is an innovative approach. I believe the indicators help remediate attacks quickly, but then again, we have the complete monitoring solution, so they're the ones doing the remediation and sending us recommendations.

It has cut down on the time we spend hunting and responding to threats, which has increased our efficiency because we spend less time thinking about it or managing the system. Cybereason is helpful to us as a small team because we don't necessarily need a dedicated person to analyze threats. Cybereason's monitoring service takes care of that. If there's a threat, we don't need to investigate to see if it's a false positive,

What is most valuable?

Cybereason's threat hunting and investigation are the most valuable features. Threat hunting is a user-friendly feature that keeps you safe. Investigation offers an added value that I haven't seen with other EDR services. It allows you to find specific policy problems within your environment.

I would give the dashboards a perfect 10 out of ten for ease of use. The interface is intuitive, with excellent menus. You can view the data in different ways and customize it fairly easily. There is always a learning curve with any IT solution, but this one is pretty user-friendly, and you can learn it quickly.

Cybereason gives us real-time visibility of an entire malicious operation from the root cause to all affected endpoints. It's an excellent way to visualize the timeline, see what's involved, find out what's happening, and learn what kind of connections or processes are running. I think that if I'm ever shopping for another solution, that would be a must-have.

What needs improvement?

The deployment on individual endpoints is more geared toward larger organizations. It might prove to be a bit too complicated for a smaller organization. You need to know what you're doing when you're deploying the sensor.

For how long have I used the solution?

I've been using Cybereason EDR since June, so about half a year.

What do I think about the stability of the solution?

Cybereason is stable. We haven't had any hiccups or outages so far. 

What do I think about the scalability of the solution?

I think Cybereason is highly scalable. If we doubled, tripled, or quadrupled our team size, we could easily continue operations as normal with this solution. It's currently on all the endpoints, but we might increase our usage if we get more language training clients.

How are customer service and support?

Cybereason support has been great. 

Which solution did I use previously and why did I switch?

We used Bitdefender previously, but we decided to switch to Cybereason because it offers some new technology like AI. The company is growing and it looks promising.

How was the initial setup?

Setting up Cybereason was straightforward. However, if you don't have an IT team that can program the exceptions you need or run the automatic installation, it might take some time to figure out how it all works. Cybereason offered us some support during deployment. They have a forum, and if we had any questions, Cybereason support could offer customized solutions or guide us through the process.

The deployment didn't take too long because we didn't have many endpoints. It was maybe a couple of days. We can automatically deploy the sensors on our new machines, so it's quick and easy to expand. The policies are set automatically when we onboard employees and the sensors run pretty smoothly.

What's my experience with pricing, setup cost, and licensing?

Cybereason is affordable.

Which other solutions did I evaluate?

We considered a few other solutions. Some were ridiculously overpriced, while others didn't have solutions for Mac endpoints. That was a deal-breaker because most of our organization is on Mac. It came down to two vendors: Cybereason and another. They had similar pitches and almost identical approaches, but in the end, Cybereason gave us the best value for our money.

What other advice do I have?

I rate Cybereason EDR 10 out of 10. I recommend it because it's much better than anything else out there. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Fathi Ben Nasr - PeerSpot reviewer
Chief information security officer at a transportation company with 5,001-10,000 employees
Real User
Top 20
Endpoint security platform with excellent technical support, but its packaging, installation, and console need improvement
Pros and Cons
  • "Endpoint security platform that provides protection for Active Directory environments, file servers, etc., and offers excellent technical support."
  • "Installation and packaging for Symantec Endpoint Security Complete should be improved. Its console is also confusing, so that's another area for improvement."

What is our primary use case?

Symantec Endpoint Security Complete protects the Active Directory environment and file servers of the organization.

What needs improvement?

The installation process for Symantec Endpoint Security Complete could be improved as it's not straightforward, in particular, the remote installation could be better. Installing this product is confusing.

Another area for improvement is the packaging of Symantec Endpoint Security Complete. It could be simplified, e.g. instead of making a lot of confusing packages, they could make a single package like what's done in Bitdefender.  You have to enable and disable the modules of the package, not different packages, as it's confusing.

The console of Symantec Endpoint Security Complete should also be improved, as it is confusing.

For how long have I used the solution?

We've been dealing with Symantec Endpoint Security Complete for two months now.

How are customer service and support?

The technical support for Symantec Endpoint Security Complete is excellent.

How was the initial setup?

Installing Symantec Endpoint Security Complete is not as straightforward as the Bitdefender installation. I find the installation of this product really cumbersome.

I'm still not done with the installation of Symantec Endpoint Security Complete, e.g. I wasn't able to install it on just 20 endpoints. I'm not able to complete all the installation, because the remote installation doesn't work as expected.

What's my experience with pricing, setup cost, and licensing?

We purchased a three-year license for Symantec Endpoint Security Complete. In the past, we used to pay for product licenses yearly, but now I recommend buying the three-year license.

Which other solutions did I evaluate?

I was able to evaluate Bitdefender.

What other advice do I have?

We are using Symantec Endpoint Security Complete on just one endpoint, particularly the Active Directory M57. We have migrated from Symantec on-premises to Symantec on cloud. For the workstation, we are using Symantec Endpoint Security, e.g. the standard edition, not Symantec Endpoint Security Complete.

I can't tell you more about the product because really I don't have much experience with the newest version of Symantec Endpoint Security Complete, e.g. version 14.3. My experience with the product is not the same as my experience with Bitdefender, in particular, I have more experience with Bitdefender as I've been dealing with it for years.

I'm unable to rate the stability of this product, because two months of usage isn't enough to give valuable judgment.

We have 20 users of Symantec Endpoint Security Complete. We may be increasing the endpoints, e.g. we have one endpoint currently, and it could be increased to three. It won't be a big increase, because this is a small organization, and not a big company.

I won't be recommending this product to other people who may want to start using it, because I can only recommend Bitdefender as I have years of experience with it, and only two months' experience with Symantec Endpoint Security Complete.

I only have a few months of experience with Symantec Endpoint Security Complete, and in the past, I would have rated it three out of ten. Now, I'm giving it a seven out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Network Engineer at a tech vendor with 1-10 employees
Real User
Excellent at detecting viruses, very stable and easy to use
Pros and Cons
  • "It's excellent at detecting viruses."
  • "The initial setup is complex."

What is our primary use case?

We primarily use the solution for securing our endpoints.

What is most valuable?

The solution always has the most up-to-date software.

The solution runs well.

It's excellent at detecting viruses.

The solution is very stable.

Our organization can easily scale the solution.

The solution is very compatible with Windows devices.

The solution is very basic and easy to use.

What needs improvement?

The solution seems incapable of stopping the proxy connection. The proxy server seems to be bypassing the antivirus. It's an aspect they need to improve.

The initial setup is complex.

While it's compatible with Windows, it may not work as well with other operating systems.

Reporting is not that good for Kaspersky. I want more detailed reporting, I want the details reported in the reporting section, and everything is in one report. That is not possible now on Kaspersky. The reporting consists of the computer name or the IP only. I want complete detailed reporting capabilities in the next update.

For how long have I used the solution?

We've only been working with the solution for about a year or so.

What do I think about the stability of the solution?

The solution is stable. I haven't had issues with it and found it to be reliable. It doesn't crash or freeze. There aren't bugs or glitches.

What do I think about the scalability of the solution?

The solution is easily scalable. If a company needs to expand the solution, they can do so easily.

How are customer service and technical support?

The technical support is okay, however, they need to have more expertise on the solution. Sometimes you will get a member of their support staff and they don't seem as knowledgeable as they should be.

Which solution did I use previously and why did I switch?

We work mostly with Kaspersky, as well as Trend Micro and Bitdefender.

How was the initial setup?

I wouldn't say that the solution has a straightforward implementation. It's a bit complex. It needs access to the Kaspersky server on-premises. It isn't an easy process.

You only need one day to deploy the server.

You only need one or two people to manage the deployment.

What about the implementation team?

I handled the implementation myself.

What other advice do I have?

We're a Kaspersky partner.

We have clients of different sizes and the solution works well for all of them. It's perfect for any sized company.

It's a very good product. Everything is in a very professional environment. It's largely easy to set up. However, we've noticed that the RAM utilization is very high when Kaspersky is running on a computer. This might distract users that don't have too much memory on their machines.

On a scale of one to ten, I'd rate it at eight.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Engineer at an educational organization with 5,001-10,000 employees
Real User
Pre-installed, free, and easy to use, but the free version doesn't provide centralized management, EDR, and behavioral analysis
Pros and Cons
  • "It is easy to use because it is already pre-installed in Windows 10. We don't have to do anything to configure it. You can also configure the firewall by using a group policy so that it can be easily adopted in an environment."
  • "Microsoft Defender in the basic form is not very useful for managing the security environment. The free version is not capable of covering the needs of centralized management, EDR, and behavioral analysis. If you don't have the commercial version, you can't have centralized management and set up the policies and other things. Each client is a standalone installation, which is not useful for security in an enterprise model."

What is our primary use case?

We were using the basic endpoint from Sophos without Intercept X and the EDR model, and currently, we are in the selection process of a new platform that has EDR embedded. We are using Microsoft Defender Antivirus for the time being till we get the new platform.

What is most valuable?

It is easy to use because it is already pre-installed in Windows 10. We don't have to do anything to configure it. You can also configure the firewall by using a group policy so that it can be easily adopted in an environment.

What needs improvement?

Microsoft Defender in the basic form is not very useful for managing the security environment. The free version is not capable of covering the needs of centralized management, EDR, and behavioral analysis. If you don't have the commercial version, you can't have centralized management and set up the policies and other things. Each client is a standalone installation, which is not useful for security in an enterprise model.

For how long have I used the solution?

I have been using this solution for six months.

What do I think about the scalability of the solution?

Currently, we have about 2,000 users.

How are customer service and technical support?

I didn't use support for this solution.

How was the initial setup?

It was already pre-installed in Windows 10.

What's my experience with pricing, setup cost, and licensing?

It is free. It is included in Windows 10.

Which other solutions did I evaluate?

We are using Microsoft Defender only for the time being. We will switch to another endpoint platform that can offer us more advanced features, centralized management, and EDR. We have not chosen the solution at the moment, but we might go for Bitdefender. It is one of the products that we have evaluated, and it can be suitable for our environment. It has some use cases that are really in the same line as our requirements.

What other advice do I have?

I would recommend this solution only for small home environments. It is not for enterprise environments unless you buy the commercial version.

I would rate Microsoft Defender Antivirus a seven out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.