No more typing reviews! Try our Samantha, our new voice AI agent.

Cybereason Endpoint Detection & Response vs N-able EDR comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Jun 3, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Detection and Response (EDR)
6th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
Cybereason Endpoint Detecti...
Ranking in Endpoint Detection and Response (EDR)
29th
Average Rating
7.8
Reviews Sentiment
5.6
Number of Reviews
22
Ranking in other categories
Endpoint Protection Platform (EPP) (34th)
N-able EDR
Ranking in Endpoint Detection and Response (EDR)
50th
Average Rating
7.6
Reviews Sentiment
7.1
Number of Reviews
4
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Endpoint Detection and Response (EDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.6%, down from 3.9% compared to the previous year. The mindshare of Cybereason Endpoint Detection & Response is 1.2%, up from 0.9% compared to the previous year. The mindshare of N-able EDR is 0.7%, up from 0.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.6%
Cybereason Endpoint Detection & Response1.2%
N-able EDR0.7%
Other94.5%
Endpoint Detection and Response (EDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Ivan Burke - PeerSpot reviewer
Head of Research Development and Innovation at CSIR
Offers useful threat hunting and response capabilities but struggles to justify cost for smaller deployments
I mostly work with incident response, so I work with a bunch of them interchangeably, but mostly with the EDR components; I also get involved with some of the XDR components, especially for the cloud. Regarding analysis features, such as deep behavioral detection, I do use it sometimes; I usually don't use the automated version of it, as I prefer threat hunting directly, depending on if the season is available. I know some of them have pretty good analytics engines, but I tend to do the threat hunting on my own. I manage incident response for a bunch of companies, so some of them have Cybereason Endpoint Detection & Response integrated into Sentinel, some into Fortinet, and others into various tools. When considering cost-effectiveness, their pricing structure works such that if you're a large organization with more than a thousand endpoints to deploy to, then Cybereason Endpoint Detection & Response is worthwhile. But for anything less than 300, it's too expensive; obviously, the more you buy, the better the price, making it cheaper for you. Cybereason Endpoint Detection & Response best fits enterprise-level businesses such as huge corporations; however, we are in the process of removing it from many of our endpoint clients because it's not really showing enough value for them at the moment. We're trying to see how we can improve it with some of our clients, but at the moment, it's struggling compared to other EDR solutions that we have deployed. On a scale of one to ten, I rate Cybereason Endpoint Detection & Response a six.
NM
Senior Operations Specialist at Tagit cc
Reporting effectiveness and advanced AI capabilities improve threat awareness while needing pricing simplification and licensing self-service
With pricing, they can improve by bundling their pricing because sometimes billing comes in a very long process. If they could bundle it as one solution and show the capabilities or features, they would be able to sell it more effectively, and as resellers, we could sell it to customers more easily. The technical support is responsive, but sometimes we experience limitations regarding the ability to add licensing. They could implement a self-service platform for assigning new licenses or ordering more. Currently, we depend on contacting someone who sends a new contract to sign through the process. They could change their licensing model, though I am not the right person to comment on functionality. On the reporting side, everything is covered.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The dashboard is customizable."
"It collects and caches and the knowledge of machine learning from different customers to take to the cloud, it makes it better to use for everybody, it allows for quick learning and updates and can, therefore, offer zero-day malware security, and this sharing of metadata helps make the solution very safe."
"The scalability of Cortex XDR by Palo Alto Networks is very good."
"But overall, when we speak about security and protection, they are one of the top providers."
"It detected stuff that other things wouldn't detect."
"Cortex XDR by Palo Alto Networks is specifically designed to prevent zero-day attacks and is part of an ecosystem of Palo Alto, providing customers with a long-term vision to modify and redesign how security is applied in their company."
"Automation and playbooks have helped me significantly, as Cortex Xnor's playbooks predefine the workflow of the automation, such as response processes, alert triggering, and enriching the context, efficiently detecting and blocking malicious attacks with firewalls while eliminating workload and speeding responses for next-generation operations."
"The most valuable features are incident creation, policy-based protection, IP whitelisting, and device encryption. These are beneficial for endpoint and server security."
"It has reduced the amount of time that we spend responding to threats by at least 50%."
"The initial setup was straightforward."
"What I find most valuable is the clarity of the platform. It is very straightforward."
"In terms of pricing, it's a good solution."
"If one supports the notion that layered security needs to focus on inside out risk instead of trying to securing the perimeter - a very compelling tool for where to focus your infosec/forensic brain power."
"We like that it is a hybrid; it’s flexible, you can really do whatever you need to do, the initial setup is not overly complicated, the solution can scale, and it is stable and reliable."
"Please go for it as this is an efficient product in the cyber security space."
"For me, the technical support is good."
"The most valuable features are the rollback feature, it's important for us. The AI models and are good."
"The most valuable feature, which I can describe as the '360 vision' of the inventory device, provides a complete view of all the devices."
"We have been using this solution for quite some time, and the AI functionality is quite advanced; we are able to provide insights on different aspects and read the reports easily."
"It provides visibility and a storyline to track the virus or malware's activities, showing infected processes and changes made."
 

Cons

"We had a problem with getting our older endpoints up to date, but their newest updates have been really good. I've been pleased with it in terms of what our needs are. It's doing what we want it to do."
"It is not a suitable solution if you are looking for a single product with multiple features such as DLP, encryption, rollback, etc."
"Although I would say this product is highly-rated, it could probably do more because nothing does everything that you want."
"Product might have some bugs."
"A little bit more automation would be nice."
"The encryption is not up to the mark."
"The technical support is not very good. I find the process difficult."
"The solution could improve by providing better integration with their own products and others."
"Cybereason does not have sandbox functionality."
"Technical support needs to improve."
"Its Microsoft PowerShell protections still need some compatibility improvements."
"It should be more stable, and the sensor needs improvement in terms of connectivity."
"Compared to our previous endpoint, we have a lot more false positives and a lot more duplication of alerts. So we're chasing more alerts."
"What needs to improve in Cybereason Endpoint Detection & Response and what I'd like to see in its next release is a centralized dashboard that allows you to view what is there, similar to what's on Symantec Endpoint Protection Manager: a beautiful display and reporting. Cybereason Endpoint Detection & Response has to start with the compliance, the homepage, etc. Everything should be there and should be customizable. The options should be there. The tool is very good currently, but visibility for IT administrators is lacking and needs to be worked on."
"We are in the process of removing it from many of our endpoint clients because it's not really showing enough value for them at the moment."
"There is room for improvement in the product features related to device control, particularly USB management."
"I would like to see them add support for both Android and iOS smartphones."
"With pricing, they can improve by bundling their pricing because sometimes billing comes in a very long process."
"I would rate the scalability as seven out of ten. The capability is useful. Concerning the license, if I add one more device without a license, it will automatically subscribe to a license. I do not appreciate that."
"We have a lot of false positives we see in the dashboard. I think this is the only problem we are facing."
 

Pricing and Cost Advice

"It has reasonable pricing for the use cases it provides to the company."
"It has a higher cost than other solutions, like CrowdStrike or Microsoft’s EDR tools, but it reduces the cost of our operations because it’s a new generation antivirus tool."
"The price is on the higher side, but it's okay."
"The return on investment is from the user side because we have seen the performance of it increase the delivery time of the product if we are using too many web-based and on-premise applications. In indirect ways, we saw the return of investment in terms of performance and user satisfaction increase."
"In terms of the cost Cortex XDR by Palo Alto Networks is very expensive because we are a Mexican company and when you translate dollars to pesos the cost is very high. The solution is very expensive for Mexican companies. I understand that they have international prices, but I do not think it offsets the price enough for many companies in countries, such as Mexico. The amount it is reduced is not a massive percentage."
"It's about $55 per license on a yearly basis."
"I don't have any issues with the pricing. We are satisfied with the price."
"The tool's price is moderate."
"I had to go through a third-party to purchase it, which I wasn't really pleased about."
"I do not have experience with the licensing of the product."
"This product is somewhat expensive and should be cheaper."
"Though it is not the cheapest solution but it fits our budget. We pay an annual licensing fee."
"The pricing is manageable."
"On a scale of one to ten, where one is cheap and ten is expensive, I rate the pricing an eight."
"We considered a few other solutions. Some were ridiculously overpriced, while others didn't have solutions for Mac endpoints. That was a deal-breaker because most of our organization is on Mac. It came down to two vendors: Cybereason and another. They had similar pitches and almost identical approaches, but in the end, Cybereason gave us the best value for our money."
"In terms of cost, this is a good choice for our needs."
"The pricing is average."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Financial Services Firm
14%
Computer Software Company
10%
Manufacturing Company
9%
Outsourcing Company
8%
Manufacturing Company
19%
Comms Service Provider
14%
Transportation Company
11%
Healthcare Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise5
Large Enterprise12
No data available
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What is your primary use case for Cybereason Endpoint Detection & Response?
My main use case for Cybereason Endpoint Detection & Response is mostly for incident response.
What needs improvement with Cybereason Endpoint Detection & Response?
When it comes to advanced threats, it sometimes helps me with finding them and hunting them down with threat detectio...
What advice do you have for others considering Cybereason Endpoint Detection & Response?
I mostly work with incident response, so I work with a bunch of them interchangeably, but mostly with the EDR compone...
What needs improvement with N-able EDR?
With pricing, they can improve by bundling their pricing because sometimes billing comes in a very long process. If t...
What is your primary use case for N-able EDR?
We are using N-able EDR, but I think Sophos makes sense because of the environment we operate in. The localization an...
What advice do you have for others considering N-able EDR?
I am more focused on operations and procurement. The decision to use this solution was made before I joined the compa...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Cybereason EDR, Cybereason Deep Detect & Respond
No data available
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Lockheed Martin, Spark Capital, DocuSign, Softbank Capital
Information Not Available
Find out what your peers are saying about Cybereason Endpoint Detection & Response vs. N-able EDR and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.