Try our new research platform with insights from 80,000+ expert users

Cybereason Endpoint Detection & Response vs Microsoft Defender for Endpoint comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 13, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cybereason Endpoint Detecti...
Ranking in Endpoint Protection Platform (EPP)
35th
Ranking in Endpoint Detection and Response (EDR)
24th
Average Rating
8.0
Reviews Sentiment
7.9
Number of Reviews
21
Ranking in other categories
No ranking in other categories
Microsoft Defender for Endp...
Ranking in Endpoint Protection Platform (EPP)
1st
Ranking in Endpoint Detection and Response (EDR)
3rd
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
197
Ranking in other categories
Advanced Threat Protection (ATP) (4th), Anti-Malware Tools (1st), Microsoft Security Suite (4th)
 

Mindshare comparison

As of July 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of Cybereason Endpoint Detection & Response is 0.8%, down from 1.1% compared to the previous year. The mindshare of Microsoft Defender for Endpoint is 10.4%, down from 14.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP)
 

Featured Reviews

AtulChaurasia - PeerSpot reviewer
Scalable platform with intuitive features for detecting malicious files
The initial setup process is straightforward. We have to install the agent, create a package, and deploy it on servers. It has a prebuilt console managed by the cloud team of Cybereason. We don't have to worry about the console and concentrate on endpoint implementation. It takes ten days to deploy it on 10,000 devices.
Sudhen Swami - PeerSpot reviewer
Easy to update with good protection and a useful cloud portal
We've mainly used it for endpoints. However, we've also used it for DLP as well. We're also in the process of implementing it for cloud and identity as well. However, it's very good for endpoints, and that's our main focus. The malware protection is good. The visibility it provides is very useful. We can combine visibility with wider security features and alerts around malware, misconfiguration, or any other kinds of threats. The cloud portal is quite good. From there, we are able to see alerts and have colleagues review issues and monitor to see if any patterns arise. It's serving us quite well overall. It allows us to look at other items, like application and browser control. It helps us prioritize threats. We have a process in place now where we can review issues and remediate them effectively. We have been able to integrate a variety of Microsoft security products together. We use Azure AD, for example, and we've begun to implement DLP, among other items. We're looking at labeling and tagging and will expand into that soon. Defender has more stringent system requirements than, for example, Check Point. So when we implemented the Check Point Endpoint agent, that solution didn't mind what version of Windows you were using. When we moved to Defender, Defender had certain system prerequisites that had to be met. So we had to make sure that we're on a minimum version of Windows when we're utilizing Office, and Office has to be a particular version as well. It has more stringent system requirements that have to be met before you can implement it. It works natively together with other Microsoft solutions. Once you get more and more of those different components across the environment, then you start to get better visibility. So, rather than having lots of different solutions, you have fewer solutions and a single vendor solution. That way, you start getting into a position where you get better visibility and integration as well. The standardization is good. It's important. It's helping me with monitoring and learning. Updates and upgrades are quite smooth and seamless. Defender helps us automate routine tasks. Quite a lot of Microsoft is straightforward for us now. Previously, we didn't have enough resources and were unable to look at the alerts. Having this in place makes things a lot more straightforward for us. We have both the technology and the people in place now, alongside the process. We do see the benefits in that, and that's why we're continuing our adoption across the estate in terms of client and server as well. It's helping us avoid looking at multiple dashboards and centralized monitoring. We're not fully there yet. We're getting there. While we haven't witnessed time saving yet, once it's fully deployed, it will. By then, we'll have standardized processes across a single solution. We have saved money, however, as we continue to reduce non-Mircosft systems. Since we won't be using various competing technologies, we can save on licensing costs. We've likely so far saved 15%. While it's hard to estimate exactly how much, the solution has helped us decrease time to detection and time to respond.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The interface is user-friendly."
"What I like most about Cybereason Endpoint Detection & Response is the support because the support is good. The solution is also easy to use, and it has a dashboard. Everything is good, and there's no problem with it."
"The most valuable feature is the capability of the command used by the machine so that we see the kind of performance that is running."
"What I find most valuable is the clarity of the platform. It is very straightforward."
"The dashboard is very good and you can consider it as an interactive UI."
"It gives all the information in a clear response."
"What I find most valuable is the clarity of the platform."
"Their EDR solution, the ability to mitigate issues through their command line, is probably the best feature that we've had. We use that all the time. It's very useful for doing investigations."
"The biggest benefit to Windows Defender is that it is built-in to the operating system by Microsoft."
"The detection features are valuable, as is the fact that it is easier to port these logs into Sentinel. That is also useful for us. It is more comprehensive."
"Microsoft Defender for Endpoint's most valuable feature is its ease of use."
"I like the simplicity of the portal and the integration with Microsoft Intune. Microsoft Defender for Endpoint is easy to use and implement."
"This software is easy to use."
"The endpoint detection of threats is valuable. The initial detection of things like ransomware and viruses and being able to shut down machines immediately and stop a threat is valuable. We can stop a threat at a source versus allow it to propagate it across the network."
"This is not an inventory solution, but it helps you take count of how many workstations you have, as well as what software is installed on each of them."
"We can run the virus scan across our entire environment."
 

Cons

"It initially took some time to deploy."
"The integration with Microsoft solutions and Microsoft capabilities needs to be improved."
"I would like to see improvements on the operational side, specifically in grouping."
"There is room for improvement in the product features related to device control, particularly USB management."
"I feel it is a shame that I cannot create groups of groups with inheritance."
"Its Microsoft PowerShell protections still need some compatibility improvements. We have run across just a few. It is compatible with 90% of what we have in our network, but there is that 10% that we are still struggling with as far as compatibility with the type of PowerShell scripts needed to run our day-to-day business."
"I feel that the product lacks reporting features and needs improvement."
"They need to improve their technical support services."
"I miss having an executive dashboard or a simple view for viewing things. Everything is extensive in this solution. Everything is configurable and manageable, but the environment of Microsoft 365 has about 13 administrative dashboards, and in each of the dashboards, there are a gazillion things to set up. It is good for a large enterprise, but for a 200-seat client, you need to see 5% of that."
"They can improve it on the online protection front since people nowadays are moving online and working from home."
"Integrating this with third-party systems has some complexity involved."
"There are likely some technical improvements or features that could be added, however, I cannot say, off the top of my head, what they would be."
"The solution could be more friendly for end-users, with different type of scans or scheduled scans for it."
"If there were more template queries in the library, that would make it much easier. They could have basic things, like, "Where's the IP for this user?" or, "What file was downloaded from this user?" If there were more of those basic queries that would help."
"Microsoft Defender for Endpoint should have more transparency. In the latest edition of Windows, Windows 11, it is a compulsory requirement to connect to a Microsoft account, which in turn has implications for Defender. This should be removed."
"Microsoft Defender for Endpoint can have more options and more AI capabilities in the future, because everything keeps changing."
 

Pricing and Cost Advice

"I had to go through a third-party to purchase it, which I wasn't really pleased about."
"In terms of cost, this is a good choice for our needs."
"This product is somewhat expensive and should be cheaper."
"In terms of pricing, it's a good solution."
"The pricing is manageable."
"I do not have experience with the licensing of the product."
"On a scale of one to ten, where one is cheap and ten is expensive, I rate the pricing an eight."
"Though it is not the cheapest solution but it fits our budget. We pay an annual licensing fee."
"It is affordable and comes in the Office 365 bundle."
"This is an expensive product and licensing for all Microsoft products is a big issue."
"The solutions price could be cheaper."
"When customers haven't deployed the solution and don't have licenses, it can be expensive to start from scratch."
"We pay a yearly license for Microsoft Defender. We also have a support contract with them."
"I don't know the standalone costs. It is my understanding that the M365 E5 is $56 a month or something close to that pricing. That would be for the full suite. Just Defender might be $8 a month. I can't say for sure."
"The solution is free with Windows."
"The price of Microsoft Defender for Endpoint is reasonable. Other solutions are more expensive, such as ClowdStrike."
report
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
861,170 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Financial Services Firm
11%
Manufacturing Company
8%
Comms Service Provider
6%
Computer Software Company
13%
Educational Organization
11%
Financial Services Firm
8%
Government
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What is your experience regarding pricing and costs for Cybereason Endpoint Detection & Response?
Comparison with other products showed it be cheaper than some larger competitors. Set up cost for us were cheaper as we already had users experienced with the product in other business units. Initi...
What is your primary use case for Cybereason Endpoint Detection & Response?
We use it to improve detection in the whole industrial sector. We are a big energy company. Across multiple endpoints, we deploy the EDR to secure all, improve detection, and also attempt to automa...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
Which offers better endpoint security - Symantec or Microsoft Defender?
We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior solution. Microsoft Defender for Endpoint is a cloud-delivered endpoint security s...
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...
 

Also Known As

Cybereason EDR, Cybereason Deep Detect & Respond
Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus
 

Interactive Demo

Demo not available
 

Overview

 

Sample Customers

Lockheed Martin, Spark Capital, DocuSign, Softbank Capital
Petrofrac, Metro CSG, Christus Health
Find out what your peers are saying about Cybereason Endpoint Detection & Response vs. Microsoft Defender for Endpoint and other solutions. Updated: May 2025.
861,170 professionals have used our research since 2012.