No more typing reviews! Try our Samantha, our new voice AI agent.

Cybereason Endpoint Detection & Response vs Nyotron PARANOID comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Jun 3, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Protection Platform (EPP)
4th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Detection and Response (EDR) (6th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
Cybereason Endpoint Detecti...
Ranking in Endpoint Protection Platform (EPP)
34th
Average Rating
7.8
Reviews Sentiment
5.6
Number of Reviews
22
Ranking in other categories
Endpoint Detection and Response (EDR) (29th)
Nyotron PARANOID
Ranking in Endpoint Protection Platform (EPP)
58th
Average Rating
8.6
Reviews Sentiment
7.0
Number of Reviews
2
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Endpoint Protection Platform (EPP) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.8%, up from 3.7% compared to the previous year. The mindshare of Cybereason Endpoint Detection & Response is 1.1%, up from 0.8% compared to the previous year. The mindshare of Nyotron PARANOID is 0.5%, up from 0.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.8%
Cybereason Endpoint Detection & Response1.1%
Nyotron PARANOID0.5%
Other94.6%
Endpoint Protection Platform (EPP)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Ivan Burke - PeerSpot reviewer
Head of Research Development and Innovation at CSIR
Offers useful threat hunting and response capabilities but struggles to justify cost for smaller deployments
I mostly work with incident response, so I work with a bunch of them interchangeably, but mostly with the EDR components; I also get involved with some of the XDR components, especially for the cloud. Regarding analysis features, such as deep behavioral detection, I do use it sometimes; I usually don't use the automated version of it, as I prefer threat hunting directly, depending on if the season is available. I know some of them have pretty good analytics engines, but I tend to do the threat hunting on my own. I manage incident response for a bunch of companies, so some of them have Cybereason Endpoint Detection & Response integrated into Sentinel, some into Fortinet, and others into various tools. When considering cost-effectiveness, their pricing structure works such that if you're a large organization with more than a thousand endpoints to deploy to, then Cybereason Endpoint Detection & Response is worthwhile. But for anything less than 300, it's too expensive; obviously, the more you buy, the better the price, making it cheaper for you. Cybereason Endpoint Detection & Response best fits enterprise-level businesses such as huge corporations; however, we are in the process of removing it from many of our endpoint clients because it's not really showing enough value for them at the moment. We're trying to see how we can improve it with some of our clients, but at the moment, it's struggling compared to other EDR solutions that we have deployed. On a scale of one to ten, I rate Cybereason Endpoint Detection & Response a six.
Abel Browarnik - PeerSpot reviewer
CEO at Expertos Browarnik
A cost-effective security solution for endpoint protection
The initial setup is complex. It is rare to see an effective endpoint protection system that does not require some effort. It is neither on the cloud nor on-premises. You deploy it on every endpoint or server, irrespective of perimeter. You must use a deployment tool unless you prefer to do it manually on every endpoint or server. We used an automation tool to deploy it. Since we had MSI with us. We had to verify that everything worked, but it didn't take more than two weeks for 1000 endpoints.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"One thing that I like about Cortex XDR by Palo Alto Networks, it is detecting all the suspicious or malicious binaries, and it has integration with Palo Alto Firewall."
"Previously, we had to install endpoint protection per machine and then scan and update, but Cortex XDR basically does that centrally and predictably, so we have more time to do day-to-day work rather than spend time chasing those endpoints."
"Cortex XDR lets us manage several clients from the same console, and its endpoint defense is more advanced than traditional antivirus."
"The information the dashboard provides is very clear."
"Has great threat detection capabilities."
"WildFire AI is the best option for this product."
"Monitoring is most valuable."
"The anti-exploit is impenetrable."
"We didn't have the visibility that we now have. It has increased our visibility by a lot. So, we put a lot more time into really looking at our environment and what is happening throughout our different networks. It has increased our visibility by around fivefold."
"We are monitoring it by ourselves as well, however, their SOC team is monitoring and pre-alerting us all the time, every day."
"Cybereason reduced our detection by 85%."
"The most valuable feature is the capability of the command used by the machine so that we see the kind of performance that is running."
"What I like most about Cybereason Endpoint Detection & Response is the support because the support is good. The solution is also easy to use, and it has a dashboard. Everything is good, and there's no problem with it."
"Cybereason EDR helps us isolate and mitigate on the fly, which is essential because we're a small team, and we don't always have a spare IT person waiting to work."
"Immediately we can pick up the computers in the network if any malicious operation that is triggered."
"They do a very good job of providing multi-stage visualizations of malicious operations that immediately show all attack details across all devices and users. Since it is MalOp-centric model, you can see if there has been a similar operation across multiple machines. If it is the same thing appearing on multiple machines, you see all the machines and users affected in one screen."
"Nyotron protects your users and does not acquire any threat intelligence."
"This product really is the best solution for this security issue."
"First of all, it does the job. It prevents harm to the operating system. Also, the visibility it gives to the user and to the administrator is very good."
 

Cons

"They are charging for Network Traffic Analyzer (NTA) services, so if the per GB data could be provided at a certain level free of cost or at the same cost which the customer is taking for the entire bundle, that would be better."
"The solution should add unwanted malicious hash values to a block list so that whenever the action is triggered, it will automatically prevent the malicious content."
"Cortex XDR should have a lightweight agent, and the agent size should not be heavy."
"Traps doesn't work with McAfee. You need to remove McAfee to install Traps. This is very common, and its nothing that should be an issue. Some antivirus engines recognize Traps as an threat component, so maybe they need to shake hands somewhere."
"I have faced some issues with Cortex XDR by Palo Alto Networks; there is room for improvement in the sense that certain options prevent us from seeing and segregating data."
"Based on our experience so far, its implementation is quite complex."
"It would be good if they could make an exception for applications. Sometimes, it can be a bit of a challenge to make exceptions for certain applications that have been used as rogue."
"The playbooks could be improved to include more functionalities or actions."
"Its Microsoft PowerShell protections still need some compatibility improvements."
"What needs to improve in Cybereason Endpoint Detection & Response and what I'd like to see in its next release is a centralized dashboard that allows you to view what is there, similar to what's on Symantec Endpoint Protection Manager: a beautiful display and reporting. Cybereason Endpoint Detection & Response has to start with the compliance, the homepage, etc. Everything should be there and should be customizable. The options should be there. The tool is very good currently, but visibility for IT administrators is lacking and needs to be worked on."
"While the product is very good, there are still some areas for improvement. The initial triage area could be a bit simpler. They get into the weeds real fast; it gets very detailed very fast. I am still looking for an easier triage layer on top with the ability to dig deeper."
"Linux was a bad experience and Micro OS was a disaster."
"I feel it is a shame that I cannot create groups of groups with inheritance."
"It initially took some time to deploy."
"The graphics are a little lacking."
"Ad hoc higher-level reporting to senior management can be improved or can be implemented. That's definitely an area of improvement that they need to focus on."
"The solution should be available on Linux and other platforms, including mobile platforms such as Android and iOS."
"The main feature that is missing is to have the same solution on servers. Currently it's only protecting the client side, not the server. If they would add the server in the same solution, that would be great."
 

Pricing and Cost Advice

"It's about $55 per license on a yearly basis."
"Very costly product."
"We pay about $50,000 USD per year for a bundle that includes Cortex XDR."
"Our customers have expressed that the price is high."
"It's way too expensive, but security is expensive. You pay for your licensing, and then you pay for someone to monitor the stuff."
"In terms of the cost Cortex XDR by Palo Alto Networks is very expensive because we are a Mexican company and when you translate dollars to pesos the cost is very high. The solution is very expensive for Mexican companies. I understand that they have international prices, but I do not think it offsets the price enough for many companies in countries, such as Mexico. The amount it is reduced is not a massive percentage."
"Compared to CrowdStrike, Cortex XDR is an expensive solution."
"The price is on the higher side, but it's okay."
"Though it is not the cheapest solution but it fits our budget. We pay an annual licensing fee."
"This product is somewhat expensive and should be cheaper."
"I do not have experience with the licensing of the product."
"On a scale of one to ten, where one is cheap and ten is expensive, I rate the pricing an eight."
"The pricing is manageable."
"I had to go through a third-party to purchase it, which I wasn't really pleased about."
"In terms of pricing, it's a good solution."
"In terms of cost, this is a good choice for our needs."
Information not available
report
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Financial Services Firm
14%
Computer Software Company
10%
Manufacturing Company
9%
Outsourcing Company
8%
No data available
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise5
Large Enterprise12
No data available
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What is your primary use case for Cybereason Endpoint Detection & Response?
My main use case for Cybereason Endpoint Detection & Response is mostly for incident response.
What needs improvement with Cybereason Endpoint Detection & Response?
When it comes to advanced threats, it sometimes helps me with finding them and hunting them down with threat detectio...
What advice do you have for others considering Cybereason Endpoint Detection & Response?
I mostly work with incident response, so I work with a bunch of them interchangeably, but mostly with the EDR compone...
What needs improvement with Nyotron PARANOID?
There was an initial problem, we had to run the system in detection mode rather than prevention mode. The solution sh...
What is your primary use case for Nyotron PARANOID?
We use Nyotron PARANOID to protect endpoints. It serves as a second and last line of protection. It often detects thr...
What advice do you have for others considering Nyotron PARANOID?
They pushed updates frequently. Sometimes, an update breaks functionality, but it is easy to fix. It was an excellent...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Cybereason EDR, Cybereason Deep Detect & Respond
No data available
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Lockheed Martin, Spark Capital, DocuSign, Softbank Capital
El Al Airlines
Find out what your peers are saying about Cybereason Endpoint Detection & Response vs. Nyotron PARANOID and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.