Try our new research platform with insights from 80,000+ expert users

Cybereason Endpoint Detection & Response vs Microsoft Defender for Endpoint comparison

Cybereason and Microsoft are both solutions in the Endpoint Protection Platform (EPP) category. Cybereason is ranked #35 with an average rating of 8.2, while Microsoft is ranked #1 with an average rating of 8.3. Cybereason holds a 0.9% mindshare in EPP, compared to Microsoft’s 10.9% mindshare. Additionally, 89% of Cybereason users are willing to recommend the solution, compared to 94% of Microsoft users who would recommend it.
Cybereason Endpoint Detecti...
Read 21 Cybereason Endpoint Detection & Response reviews
  • 3,671 Views
  • 2,049 Comparison Views
89% willing to recommend
Microsoft Defender for Endp...
Read 194 Microsoft Defender for Endpoint reviews
  • 33,457 Views
  • 25,934 Comparison Views
94% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 13, 2024

Cybereason and Microsoft Defender are primary contenders in endpoint security. Cybereason stands out in pricing and customer support, but Microsoft Defender is more favored for its extensive features.

Features: Cybereason is known for threat hunting capabilities, intuitive dashboards, and effective malware detection. Microsoft Defender is appreciated for its seamless integration with other Microsoft products, extensive threat intelligence, and automatic remediation.

Room for Improvement: Cybereason could improve its reporting tools, reduce false positives, and enhance analysis speed. Microsoft Defender needs better cross-platform support, more intuitive setup procedures, and reduced system resource usage.

Ease of Deployment and Customer Service: Cybereason is noted for straightforward deployment and responsive support. Microsoft Defender’s deployment is complex due to extensive configuration needs but offers knowledgeable and helpful customer service.

Pricing and ROI: Cybereason is valued for competitive pricing and strong return on investment due to lower initial costs. Microsoft Defender, though more expensive, is worth the investment for its robust feature set and integration benefits.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Cybereason Endpoint Detection & Response vs. Microsoft Defender for Endpoint Report (Updated: April 2025).
Buyer's Guide
Cybereason Endpoint Detection & Response vs. Microsoft Defender for Endpoint
April 2025
Download the complete report
Helped 849,686 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cybereason Endpoint Detecti...
Ranking in Endpoint Protection Platform (EPP)
35th
Ranking in Endpoint Detection and Response (EDR)
25th
Average Rating
8.0
Reviews Sentiment
7.9
Number of Reviews
21
Ranking in other categories
No ranking in other categories
Microsoft Defender for Endp...
Ranking in Endpoint Protection Platform (EPP)
1st
Ranking in Endpoint Detection and Response (EDR)
3rd
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
194
Ranking in other categories
Advanced Threat Protection (ATP) (2nd), Anti-Malware Tools (1st), Microsoft Security Suite (5th)
 

Mindshare comparison

As of April 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of Cybereason Endpoint Detection & Response is 0.9%, down from 1.2% compared to the previous year. The mindshare of Microsoft Defender for Endpoint is 10.9%, down from 14.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP)
 

Featured Reviews

Chad Kliewer - PeerSpot reviewer
We can make more informed decisions on whether an action is malicious
The ease of use and dashboards are improving. We came in at a time when they were developing a new dashboard screen. Therefore, we have had some confusing times between the old and new dashboards. Knowing how the new one works, I have seen vast improvements with it. While the product is very good, there are still some areas for improvement. The initial triage area could be a bit simpler. They get into the weeds real fast; it gets very detailed very fast. I am still looking for an easier triage layer on top with the ability to dig deeper. They are improving on this because I have seen some improvements in the user interface that helps with this. Part of it was moving two different screens into one, merging the two together. It is very good, but it is very technically detailed and would be harder for an entry-level person to decipher. However, improvements are being made. It leverages indicators of behavior to help us remediate faster against attacks. Sometimes, I wish there was more detail on why they consider it malicious.
Read full review
AnuragSrivastava - PeerSpot reviewer
Provides detailed visibility into threats but the ability to add exceptions needs improvement
One major item for improvement is the ability to add exceptions. We can add some exceptions, but not at the level we need to. The second major area for improvement involves enhanced capabilities for different operating systems or platforms. That is, even though we have coverage for different operating systems or platforms such as Linux, we don't get all of the controls and enhanced capabilities that are available with Windows devices. Reporting could also be improved because, at present, we get limited results at times. For example, in an environment with more than 100,000 devices, you may just get 10,000 results when you run a report.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The initial setup was easy and straightforward."
"What I find most valuable is the clarity of the platform."
"The interface is user-friendly."
"The initial setup is not overly complicated."
"They do a very good job of providing multi-stage visualizations of malicious operations that immediately show all attack details across all devices and users. Since it is MalOp-centric model, you can see if there has been a similar operation across multiple machines. If it is the same thing appearing on multiple machines, you see all the machines and users affected in one screen."
"Cybereason absolutely enables us to mitigate and isolate on the fly. Our managed detection response telemetry has dropped dramatically since we began using it. It's very top-of-mind. We were running some tabletop exercises and none of the detections were getting triggered by the managed security services provider. So we needed to find a solution that would trigger high-fidelity alerts. That was Cybereason and it dramatically changed our landscape from the detection and response perspective."
"It gives all the information in a clear response."
"The initial setup was straightforward."
More Cybereason Endpoint Detection & Response pros
"Its real-time security is the most valuable."
"I am using it for very simple purposes. It is perfect and quite effective. I have been using it for a while, and I have never had any virus infection, data leak, or other security breaches. It works fine for standalone purposes. If you log on to OneDrive, it has ransomware protection."
"It is stable and easy to use. Everything is okay, and there are no performance issues."
"It comes included with the Windows license."
"The endpoint detection of threats is valuable. The initial detection of things like ransomware and viruses and being able to shut down machines immediately and stop a threat is valuable. We can stop a threat at a source versus allow it to propagate it across the network."
"There are some competitive products on the market, but the best is Microsoft Defender because it's very easy to integrate. That's one reason a lot of clients want Microsoft Defender. It's also very easy to implement compared to other solutions."
"Real-time detection and cloud-based delivery of detections are highly efficient."
"It's effective against most types of infection, and the firewall is perfect for protection."
More Microsoft Defender for Endpoint pros
 

Cons

"Its Microsoft PowerShell protections still need some compatibility improvements. We have run across just a few. It is compatible with 90% of what we have in our network, but there is that 10% that we are still struggling with as far as compatibility with the type of PowerShell scripts needed to run our day-to-day business."
"While the product is very good, there are still some areas for improvement. The initial triage area could be a bit simpler. They get into the weeds real fast; it gets very detailed very fast. I am still looking for an easier triage layer on top with the ability to dig deeper."
"Reporting could be a bit more granular so that we had the ability to check regions and countries. I just noticed that, for instance, if I look at our servers, it's either "contained" or it's "not contained". I don't have the option, for instance, to look at countries. It only allows me to look at users as one big group."
"It should be more stable, and the sensor needs improvement in terms of connectivity."
"The reporting feature needs improvement."
"The integration with Microsoft solutions and Microsoft capabilities needs to be improved."
"The product's reporting isn't great."
"They need to improve their technical support services."
More Cybereason Endpoint Detection & Response cons
"We'd like the stability to be better."
"It is using a large space in your memory all the time. While an antivirus will use some of your memory, if they could reduce the load of the antivirus to some extent that would be good."
"It would be helpful if they offered video tutorial guides."
"In active mode, it's great that it gives you so much information, but it does record every keystroke so you have a lot of logs... that amount of data logging started to add up in the cost."
"The log searches for Microsoft Defender for Endpoint are pretty difficult to navigate. It needs a better UI or more intuitive search and filter mechanisms to make it easy to get through and filter through all the data logs."
"Additional security would be beneficial."
"It can be more secure."
"If the solution could be integrated more with Defender for Cloud, to be more unified, that would help. It is good now, but even more integration could be done with Defender for Cloud. We see two different portals. If Defender for Endpoint could be ported to the CSPM, Defender for Cloud, that would make things even easier for us."
More Microsoft Defender for Endpoint cons
 

Pricing and Cost Advice

"I do not have experience with the licensing of the product."
"I had to go through a third-party to purchase it, which I wasn't really pleased about."
"On a scale of one to ten, where one is cheap and ten is expensive, I rate the pricing an eight."
"In terms of pricing, it's a good solution."
"We considered a few other solutions. Some were ridiculously overpriced, while others didn't have solutions for Mac endpoints. That was a deal-breaker because most of our organization is on Mac. It came down to two vendors: Cybereason and another. They had similar pitches and almost identical approaches, but in the end, Cybereason gave us the best value for our money."
"In terms of cost, this is a good choice for our needs."
"The pricing is manageable."
"This product is somewhat expensive and should be cheaper."
More Cybereason Endpoint Detection & Response pricing and cost advice
"Microsoft has different plans for buying this product. The price depends on the configuration of the full set of products that you buy and on the licensing program in your contract."
"If we are acquiring everything in a single place, the front end becomes cost-effective."
"AV solutions are pretty expensive because they are necessary, not just for protection, but many businesses need them to comply with regulatory bodies and receive accreditation. We recently purchased an E5 license, which gives us access to the entire Microsoft suite. I would say the pricing is competitive; most tools of this kind are similarly priced. There are minor differences between the competitors, but they aren't spectacularly different. Defender for Endpoint makes sense because all our solutions are in the same place, paid for with a single license. The subscription price is around £50 per user per month, though it may have increased slightly."
"It's all pretty easy. For some clients, it's an easier sell because it's just an add-on to their existing Microsoft licensing and Office 365 licensing."
"You need a license to use this solution."
"The solution comes as a part of Windows 10 and it is covered under its license."
"The solution is free and comes with Windows."
"For me, the pricing is very good, but for management it's very expensive. Other solutions are less expensive. But when I present all the information and all the reports they say, "Well, it's expensive, but the cost-benefit is very good.""
More Microsoft Defender for Endpoint pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
See recommendations
849,686 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
11%
Manufacturing Company
8%
Government
6%
Educational Organization
25%
Computer Software Company
11%
Government
7%
Financial Services Firm
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What is your experience regarding pricing and costs for Cybereason Endpoint Detection & Response?
Comparison with other products showed it be cheaper than some larger competitors. Set up cost for us were cheaper as we already had users experienced with the product in other business units. Initi...
See all answers
What is your primary use case for Cybereason Endpoint Detection & Response?
We use it to improve detection in the whole industrial sector. We are a big energy company. Across multiple endpoints, we deploy the EDR to secure all, improve detection, and also attempt to automa...
See all answers
What do you like most about Cybereason Endpoint Detection & Response?
The interface is user-friendly.
See all answers
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
See all answers
Which offers better endpoint security - Symantec or Microsoft Defender?
We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior solution. Microsoft Defender for Endpoint is a cloud-delivered endpoint security s...
See all answers
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...
See all answers
 

Comparisons

Darktrace vs Cybereason Endpoint Detection & Response Logo
Darktrace vs Cybereason Endpoint Detection & Response
Compared 27% of the time
CrowdStrike Falcon vs Cybereason Endpoint Detection & Response Logo
CrowdStrike Falcon vs Cybereason Endpoint Detection & Response
Compared 17% of the time
SentinelOne Singularity Complete vs Cybereason Endpoint Detection & Response Logo
SentinelOne Singularity Complete vs Cybereason Endpoint Detection & Response
Compared 9% of the time
Kaspersky Endpoint Security for Business vs Cybereason Endpoint Detection & Response Logo
Kaspersky Endpoint Security for Business vs Cybereason Endpoint Detection & Response
Compared 5% of the time
Fortinet FortiEDR vs Cybereason Endpoint Detection & Response Logo
Fortinet FortiEDR vs Cybereason Endpoint Detection & Response
Compared 5% of the time
More Cybereason Endpoint Detection & Response Competitors
CrowdStrike Falcon vs Microsoft Defender for Endpoint Logo
CrowdStrike Falcon vs Microsoft Defender for Endpoint
Compared 8% of the time
Microsoft Intune vs Microsoft Defender for Endpoint Logo
Microsoft Intune vs Microsoft Defender for Endpoint
Compared 5% of the time
Symantec Endpoint Security vs Microsoft Defender for Endpoint Logo
Symantec Endpoint Security vs Microsoft Defender for Endpoint
Compared 5% of the time
F-Secure Total vs Microsoft Defender for Endpoint Logo
F-Secure Total vs Microsoft Defender for Endpoint
Compared 4% of the time
HP Wolf Security vs Microsoft Defender for Endpoint Logo
HP Wolf Security vs Microsoft Defender for Endpoint
Compared 4% of the time
More Microsoft Defender for Endpoint Competitors
 

Product Reports

Buyer's Guide
Cybereason Endpoint Detection & Response
April 2025
Cybereason Endpoint Detection & Response reportDownload Cybereason Endpoint Detection & Response product report
Buyer's Guide
Microsoft Defender for Endpoint
April 2025
Microsoft Defender for Endpoint reportDownload Microsoft Defender for Endpoint product report
 

Also Known As

Cybereason EDR, Cybereason Deep Detect & Respond
Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus
 

Interactive Demo

Demo not available
Cybereason
Microsoft
 

Overview

Cybereason's Endpoint Detection and Response platform detects in real-time both signature and non-signature-based attacks and accelerates incident investigation and response. Cybereason connects together individual pieces of evidence to form a complete picture of a malicious operation.

Cybereason

Microsoft Defender for Endpoint is a comprehensive security solution that provides advanced threat protection for organizations. It offers real-time protection against various types of cyber threats, including malware, viruses, ransomware, and phishing attacks.

With its powerful machine-learning capabilities, it can detect and block sophisticated attacks before they can cause any harm. The solution also includes endpoint detection and response (EDR) capabilities, allowing organizations to quickly investigate and respond to security incidents. It provides detailed insights into the attack timeline, enabling security teams to understand the scope and impact of an incident.

Microsoft Defender for Endpoint also offers proactive threat hunting, allowing organizations to proactively search for and identify potential threats within their network. It integrates seamlessly with other Microsoft security solutions, such as Microsoft Defender XDR, to provide a unified and holistic security approach. With its centralized management console, organizations can easily deploy, configure, and monitor the security solution across their entire network.

Microsoft Defender for Endpoint is a robust and scalable security solution that helps organizations protect their endpoints and data from evolving cyber threats.

Microsoft
 

Sample Customers

Lockheed Martin, Spark Capital, DocuSign, Softbank Capital
Petrofrac, Metro CSG, Christus Health
Buyer's Guide
Cybereason Endpoint Detection & Response vs. Microsoft Defender for Endpoint
April 2025
Free Report: Cybereason Endpoint Detection & Response vs. Microsoft Defender for Endpoint
Find out what your peers are saying about Cybereason Endpoint Detection & Response vs. Microsoft Defender for Endpoint and other solutions. Updated: April 2025.
DOWNLOAD NOW
849,686 professionals have used our research since 2012.
See our Cybereason Endpoint Detection & Response vs. Microsoft Defender for Endpoint report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Endpoint Detection and Response (EDR) vendors.

We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.