Cybereason Endpoint Detection & Response vs Morphisec comparison

Cybereason and Morphisec are both solutions in the Endpoint Protection Platform (EPP) category. Cybereason is ranked #41 with an average rating of 7.3, while Morphisec is ranked #54. Cybereason holds a 0.8% mindshare in EPP, compared to Morphisec’s 0.5% mindshare. Additionally, 85% of Cybereason users are willing to recommend the solution, compared to 100% of Morphisec users who would recommend it.

Cybereason Endpoint Detecti...

Read 22 Cybereason Endpoint Detection & Response reviews

3,883 Views
2,446 Comparison Views

85% willing to recommend

Morphisec

Read 21 Morphisec reviews

1,975 Views
1,067 Comparison Views

100% willing to recommend

Cybereason Endpoint Detecti...

Morphisec

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 9, 2024

Cybereason Endpoint Detection & Response and Morphisec compete in the cybersecurity category. Cybereason is viewed favorably for its threat detection and customer support, while Morphisec's strength lies in its preventive approach.

Features:Cybereason offers advanced threat detection capabilities and real-time insights. Morphisec provides proactive prevention of zero-day attacks using its unique Moving Target Defense technology. Cybereason delivers in-depth analytics, and Morphisec focuses on pre-emptive protection.

Room for Improvement:Cybereason users express a need for more streamlined automation, better scalability, and enhanced integration with other tools. Morphisec faces challenges in integration with other platforms and enhanced reporting capabilities, as well as a more user-friendly setup process.

Ease of Deployment and Customer Service:Cybereason offers a straightforward deployment process and responsive customer service. Morphisec is considered more challenging to deploy but is supported by a dedicated team.

Pricing and ROI:Cybereason's setup cost is competitive, providing good ROI through effective threat detection and remediation. Morphisec's costs may be higher, but users find the ROI justified by its preventive cybersecurity approach. Cybereason offers better upfront affordability and ROI in threat management, while Morphisec's higher cost is balanced by its preventive benefits.

To learn more, read our detailed Cybereason Endpoint Detection & Response vs. Morphisec Report (Updated: September 2025).

Buyer's Guide

Cybereason Endpoint Detection & Response vs. Morphisec

September 2025

Download the complete report

Helped 869,566 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cybereason Endpoint Detecti...

Ranking in Endpoint Protection Platform (EPP)

41st

Ranking in Endpoint Detection and Response (EDR)

34th

Average Rating

7.8

Reviews Sentiment

5.6

Number of Reviews

Ranking in other categories

No ranking in other categories

Morphisec

Ranking in Endpoint Protection Platform (EPP)

54th

Ranking in Endpoint Detection and Response (EDR)

61st

Average Rating

9.2

Reviews Sentiment

7.4

Number of Reviews

Ranking in other categories

Vulnerability Management (64th), Advanced Threat Protection (ATP) (34th), Cloud Workload Protection Platforms (CWPP) (31st), Threat Deception Platforms (15th)

Mindshare comparison

As of October 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of Cybereason Endpoint Detection & Response is 0.8%, down from 1.1% compared to the previous year. The mindshare of Morphisec is 0.5%, up from 0.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Endpoint Protection Platform (EPP) Market Share Distribution
Product	Market Share (%)
Cybereason Endpoint Detection & Response	0.8%
Morphisec	0.5%
Other	98.7%

Endpoint Protection Platform (EPP)

Featured Reviews

Ivan Burke

Head of Research Development and Innovation at CSIR

Offers useful threat hunting and response capabilities but struggles to justify cost for smaller deployments

I mostly work with incident response, so I work with a bunch of them interchangeably, but mostly with the EDR components; I also get involved with some of the XDR components, especially for the cloud. Regarding analysis features, such as deep behavioral detection, I do use it sometimes; I usually don't use the automated version of it, as I prefer threat hunting directly, depending on if the season is available. I know some of them have pretty good analytics engines, but I tend to do the threat hunting on my own. I manage incident response for a bunch of companies, so some of them have Cybereason Endpoint Detection & Response integrated into Sentinel, some into Fortinet, and others into various tools. When considering cost-effectiveness, their pricing structure works such that if you're a large organization with more than a thousand endpoints to deploy to, then Cybereason Endpoint Detection & Response is worthwhile. But for anything less than 300, it's too expensive; obviously, the more you buy, the better the price, making it cheaper for you. Cybereason Endpoint Detection & Response best fits enterprise-level businesses such as huge corporations; however, we are in the process of removing it from many of our endpoint clients because it's not really showing enough value for them at the moment. We're trying to see how we can improve it with some of our clients, but at the moment, it's struggling compared to other EDR solutions that we have deployed. On a scale of one to ten, I rate Cybereason Endpoint Detection & Response a six.

Read full review

Rick Schibler

VP of Information Technology at Kentucky Trailer

Offers in-memory protection at a lower price than competitors

Morphisec's in-memory protection is probably the most valuable feature because it stops malicious activity from occurring. If something tries to install or act as a sleeper agent, Morphisec will detect and stop it. Morphisec's Moving Target Defense is critical to hardening our attack surface. If it detects something, it indicates whether it's valid. That means you've got a breach requiring investigation. It detects anomalies but doesn't necessarily point to what caused them. You still need to do that work. The solution is reasonably easy to administer. They made some changes last year, adding a cloud-based monitoring solution that makes deploying and monitoring our endpoints easy.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"What I find most valuable is the clarity of the platform."

"The initial setup is not overly complicated."

"What I like most about Cybereason Endpoint Detection & Response is the support because the support is good. The solution is also easy to use, and it has a dashboard. Everything is good, and there's no problem with it."

"What I find most valuable is the clarity of the platform. It is very straightforward."

"Cybereason absolutely enables us to mitigate and isolate on the fly. Our managed detection response telemetry has dropped dramatically since we began using it. It's very top-of-mind. We were running some tabletop exercises and none of the detections were getting triggered by the managed security services provider. So we needed to find a solution that would trigger high-fidelity alerts. That was Cybereason and it dramatically changed our landscape from the detection and response perspective."

"We didn't have the visibility that we now have. It has increased our visibility by a lot. So, we put a lot more time into really looking at our environment and what is happening throughout our different networks. It has increased our visibility by around fivefold."

"For me, the technical support is good."

"The initial setup process is straightforward."

More Cybereason Endpoint Detection & Response pros

"All the alerts are on the dashboard, which is quite simple and useful for us. You can easily check all the alerts that are being blocked or allowed, or whatever the action is. You can easily see that and you can take the necessary actions. You can add a PowerShell extension or any activities for blocking at your network level or for endpoints."

"Morphisec has absolutely helped save money on our security stack. The ransomware at the end of the day can cost organizations millions upon millions of dollars. Investing in tools like Morphisec is a great reduction in that cost. If I can spend $10,000 in a year to protect assets that could be ransomed for $20,000,000, that's definitely a bet that one should pursue. Morphisec absolutely it's worth the investment."

"Morphisec also provides full visibility into security events for Microsoft Defender and Morphisec in one dashboard... in the single pane of glass provided by Morphisec, it's all right there at your fingertips: easy to access and easy to understand. And if you choose to go down further to know everything from the process to the hash behind it, you can."

"It also provides full visibility into security events from Microsoft Defender and Morphisec in one dashboard. We've always had that capability with Morphisec. The more recent version appears to do that even a little bit more natively and it's given us visibility that we didn't have otherwise."

"Morphisec makes it very easy for IT teams of any size to prevent breaches of critical systems because of the design of their tool. When we evaluated Morphisec, the CIO and I sat and listened. What attracted us to them is the fact that it stops activity at the point of detection. That saves a lot of time because now we are not investigating and trying to trace down what to turn off. We have already prevented it, which makes it very much safer and more secure."

"The simplicity of the solution, how easy it is to deploy and how small it is when deployed as an agent on a device, is probably the biggest aspect, given what it can do."

"Morphisec stops attacks without needing to know what type of threat it is, just that it is foreign. It is based on injections, so it would know when a software launches. If a software launches and something else also launches, then it would count that as anomalous and block it. Because the software looks at the code, and if it executes something else that is not related, then Morphisec would block it. That is how it works."

"Since using Morphisec we have seen a downturn in attacks because Morphisec protects us versus Defenders and whatnot that are signature-based. I know we have not had any issues with ransomware or other zero-day attacks that we've seen with machines that, all of a sudden, have become before we instituted the product. Now the machine had to be re-imaged and there was a loss of data because something was on the machine. You couldn't really determine what was on the machine because nothing was picking it up. The products we were using weren't picking it up."

More Morphisec pros

Cons

"While the product is very good, there are still some areas for improvement. The initial triage area could be a bit simpler. They get into the weeds real fast; it gets very detailed very fast. I am still looking for an easier triage layer on top with the ability to dig deeper."

"It should be more stable, and the sensor needs improvement in terms of connectivity."

"I feel it is a shame that I cannot create groups of groups with inheritance."

"We are in the process of removing it from many of our endpoint clients because it's not really showing enough value for them at the moment."

"What needs to improve in Cybereason Endpoint Detection & Response and what I'd like to see in its next release is a centralized dashboard that allows you to view what is there, similar to what's on Symantec Endpoint Protection Manager: a beautiful display and reporting. Cybereason Endpoint Detection & Response has to start with the compliance, the homepage, etc. Everything should be there and should be customizable. The options should be there. The tool is very good currently, but visibility for IT administrators is lacking and needs to be worked on."

"They need to improve their technical support services."

"Reporting could be a bit more granular so that we had the ability to check regions and countries. I just noticed that, for instance, if I look at our servers, it's either "contained" or it's "not contained". I don't have the option, for instance, to look at countries. It only allows me to look at users as one big group."

"There is room for improvement in the product features related to device control, particularly USB management."

More Cybereason Endpoint Detection & Response cons

"Right now, it's just their auto-update feature. I know they are currently working on that. When they release a new version of the threat prevention platform, I do have to update that, rolling out to every computer. They have said, "From version 5, you would be able to do an auto-update." While this is very minor, that is the only thing that I would say needs to be upgraded. It would just make life a lot easier for other IT teams. However, I have simplified the process, so all I need to do is just download one file."

"Those are some of the features that I was looking for on my on-prem platform that they've already instituted in the cloud and that I'm sure will be instituting on their on-prem platform as well. Having to have an on-prem server required a lot of administration. Being able to push that to the cloud and have it managed up there for us is a real nice addition."

"Automating reports needs improvement. I would like to have better reporting capabilities within it or automated reporting to be a little bit more dynamic. That's something I know they're working on. We literally are in the process. We started the process a week and a half ago of going to their latest version, so I've not seen their latest one up and running yet."

"Morphisec is a venture startup. They are still early in their growth stage. They need to get mature on their customer support and on how they interface with system tools. For example, they need to get multifactor in place and an API for the major multi-factor systems, e.g., Okta, Duo, Ping, and Microsoft. They don't have them built in yet. They are working on them. It is just not there yet. Also, their stability, customer support, and processes need improvement, which is just part of maturity."

"We have only had four attacks in the last year, "attacks" being some benign PDF from a vendor that, for some reason, were triggered. There were no actual attacks. They were just four false positives, or something lowly like adware. There have been false positives with both the on-premises solution and the cloud solution."

"The only area that really needs improvement is the reporting functionality. Gathering the detailed information that is in the system for an executive, or for me as a director, could be better. Some of the interface and reporting aspects are a little bit dated. They're working on it."

"It would be useful for them if they had some kind of network discovery. That kind of functionality I think would give IT administrators a little bit more confidence that they have 100 percent coverage, and it gives them something to audit against. Network discovery would be one area I would definitely suggest that they put some effort into."

"In the Windows Defender integration, they have put in a report of computers that need Windows Defender updates. If those updates could be kicked off directly from the dashboard, instead of having to go to another system entirely, that would be good."

More Morphisec cons

Pricing and Cost Advice

"In terms of cost, this is a good choice for our needs."

"I do not have experience with the licensing of the product."

"This product is somewhat expensive and should be cheaper."

"In terms of pricing, it's a good solution."

"On a scale of one to ten, where one is cheap and ten is expensive, I rate the pricing an eight."

"We considered a few other solutions. Some were ridiculously overpriced, while others didn't have solutions for Mac endpoints. That was a deal-breaker because most of our organization is on Mac. It came down to two vendors: Cybereason and another. They had similar pitches and almost identical approaches, but in the end, Cybereason gave us the best value for our money."

"Though it is not the cheapest solution but it fits our budget. We pay an annual licensing fee."

"I had to go through a third-party to purchase it, which I wasn't really pleased about."

More Cybereason Endpoint Detection & Response pricing and cost advice

"Compared to their competitors, the price of Morphisec is not that high. You can easily deploy it on a large-scale or small-scale network."

"We are still using a separate tool. I know for our 600 or I think we're actually licensed for up to 700 users, it runs me 23 or $24,000 a year. When you're talking to that many users plus servers being protected, that's well worth the investment for that dollar amount."

"It is a little bit more expensive than other security products that we use, but it does provide us good protection. So, it is a trade-off."

"Morphisec is reasonably priced because our parent company's other subsidiaries use different products like CrowdStrike. CrowdStrike is four or five times more expensive than Morphisec. The competitive pricing saves us money in our overall security stack."

"Price-wise, it's on the higher side. A traditional antivirus solution is cheaper, but in terms of security and manageability, its ROI is better than a traditional antivirus. I would recommend it to anybody evaluating or considering an antivirus solution. If your system gets compromised, the cost of ransom would be a lot more. This way, it saves a lot of cost."

"Licenses are per endpoint, and that's true for the cloud version as well. The only difference is that there is a little extra charge for the cloud version."

"It is an annual subscription basis per device. For the devices that we have in scope right now, it is about $25,000 a year."

"It does not have multi-tenants. If South Africa wants to show only the machines that they have, they need their own cloud incidence. It is not possible to have that in a single cloud incidence with multiple tenants in it, instead you need to have multiple cloud incidences. Then, if you have that, it will be more expensive. However, they are going to change that, which is good."

More Morphisec pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.

See recommendations

869,566 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

14%

Financial Services Firm

12%

Manufacturing Company

Comms Service Provider

Outsourcing Company

16%

Manufacturing Company

12%

Computer Software Company

Financial Services Firm

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	5
Midsize Enterprise	4
Large Enterprise	13

By reviewers
Company Size	Count
Small Business	5
Midsize Enterprise	8
Large Enterprise	8

Questions from the Community

What is your experience regarding pricing and costs for Cybereason Endpoint Detection & Response?

Comparison with other products showed it be cheaper than some larger competitors. Set up cost for us were cheaper as we already had users experienced with the product in other business units. Initi...

See all answers

What is your primary use case for Cybereason Endpoint Detection & Response?

My main use case for Cybereason Endpoint Detection & Response is mostly for incident response.

See all answers

What do you like most about Cybereason Endpoint Detection & Response?

The interface is user-friendly.

See all answers

Ask a question

Earn 20 points

Comparisons

CrowdStrike Falcon vs Cybereason Endpoint Detection & Response

Compared 15% of the time

SentinelOne Singularity Complete vs Cybereason Endpoint Detection & Response

Compared 12% of the time

Microsoft Defender for Endpoint vs Cybereason Endpoint Detection & Response

Compared 9% of the time

ESET Inspect vs Cybereason Endpoint Detection & Response

Compared 9% of the time

Fortinet FortiEDR vs Cybereason Endpoint Detection & Response

Compared 7% of the time

More Cybereason Endpoint Detection & Response Competitors

CrowdStrike Falcon vs Morphisec

Compared 22% of the time

Halcyon vs Morphisec

Compared 19% of the time

SentinelOne Singularity Complete vs Morphisec

Compared 11% of the time

Hyver vs Morphisec

Compared 11% of the time

Deep Instinct Prevention Platform vs Morphisec

Compared 11% of the time

More Morphisec Competitors

Product Reports

Buyer's Guide

Cybereason Endpoint Detection & Response

October 2025

Cybereason Endpoint Detection & Response report

Download Cybereason Endpoint Detection & Response product report

Buyer's Guide

Morphisec

September 2025

Download Morphisec product report

Also Known As

Cybereason EDR, Cybereason Deep Detect & Respond

Morphisec, Morphisec Moving Target Defense

Overview

Cybereason's Endpoint Detection and Response platform detects in real-time both signature and non-signature-based attacks and accelerates incident investigation and response. Cybereason connects together individual pieces of evidence to form a complete picture of a malicious operation.

Cybereason

Morphisec integrates seamlessly with platforms like Microsoft Defender, offering signatureless protection against zero-day threats and ransomware. It enhances existing endpoint solutions with minimal maintenance through its set-and-forget deployment, providing heightened security and reduced false positives.

Morphisec strengthens defense strategies by merging memory morphing and signatureless protection to effectively block zero-day attacks and ransomware. It operates efficiently within existing infrastructure, reducing system impact and maintenance needs. Users find its full visibility dashboard invaluable. Despite its strengths, cloud deployment and reporting features can be improved. Stability, alerts, and integration with other systems pose challenges for users, impacting usability and support quality.

What are Morphisec's key features?

Seamless Integration: Works with Microsoft Defender for comprehensive dashboard visibility
Memory Morphing: Hides processes to reduce attack surfaces
Signatureless Protection: Prevents threats without impacting performance
Automatic Threat Blocking: Uses inbuilt intelligence to detect risks
Set-and-Forget Deployment: Simplifies management and reduces maintenance

What benefits should users consider in reviews?

Quick Deployment: Fast setup without disrupting operations
Enhanced Protection: Provides an additional defense layer against advanced threats
Cost-Effectiveness: Works with existing licenses, minimizing extra investments
Improved Compatibility: Integrates smoothly with current antivirus systems
Minimal System Impact: Operates efficiently without overloading resources

In security-focused industries, Morphisec is crucial for protecting workstations and servers against sophisticated attacks like ransomware. Its signatureless technology offers early threat detection, while compatibility with existing systems ensures seamless integration, providing advanced protection without additional licensing costs.

Morphisec

Sample Customers

Lockheed Martin, Spark Capital, DocuSign, Softbank Capital

Lenovo/Motorola, TruGreen, Covenant Health, Citizens Medical Center

Buyer's Guide

Cybereason Endpoint Detection & Response vs. Morphisec

September 2025

Free Report: Cybereason Endpoint Detection & Response vs. Morphisec

Find out what your peers are saying about Cybereason Endpoint Detection & Response vs. Morphisec and other solutions. Updated: September 2025.

DOWNLOAD NOW

869,566 professionals have used our research since 2012.

See our Cybereason Endpoint Detection & Response vs. Morphisec report.

See our list of best Endpoint Protection Platform (EPP) vendors and best Endpoint Detection and Response (EDR) vendors.

We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.