Cybereason Endpoint Detection & Response vs Sangfor Endpoint Secure comparison

Cybereason and Sangfor are both solutions in the Endpoint Detection and Response (EDR) category. Cybereason is ranked #34 with an average rating of 7.3, while Sangfor is ranked #19 with an average rating of 8.2. Cybereason holds a 1.1% mindshare in EDR, compared to Sangfor’s 0.7% mindshare. Additionally, 85% of Cybereason users are willing to recommend the solution, compared to 100% of Sangfor users who would recommend it.

Cybereason Endpoint Detecti...

Read 22 Cybereason Endpoint Detection & Response reviews

3,883 Views
2,563 Comparison Views

85% willing to recommend

Sangfor Endpoint Secure

Read 11 Sangfor Endpoint Secure reviews

1,599 Views
1,583 Comparison Views

100% willing to recommend

Cybereason Endpoint Detecti...

Sangfor Endpoint Secure

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 9, 2024

Cybereason Endpoint Detection & Response and Sangfor Endpoint Secure are both robust solutions in the endpoint security market. Cybereason is highly regarded for its advanced capabilities, whereas Sangfor's strengths lie in its comprehensive feature set.

Features: Users value Cybereason's detection accuracy, real-time threat analysis, and response automation. Sangfor is appreciated for its wide range of endpoint security features, including vulnerability assessment and real-time protection. While both products provide strong feature sets, users feel Sangfor offers a more comprehensive package overall.

Room for Improvement: Cybereason users suggest improving integration with other security tools and enhancing alert management features. Sangfor users report a need for better scalability options and more intuitive reporting capabilities. Each product has specific areas needing development, with Sangfor users highlighting scalability as a key focus.

Ease of Deployment and Customer Service: Cybereason is commended for its straightforward deployment process and responsive customer support. Sangfor's deployment is also well-regarded, though users report a steeper learning curve. Customer service for Sangfor is generally appreciated but noted as less flexible than Cybereason's. Cybereason is perceived as easier to deploy with superior customer support engagement.

Pricing and ROI: Users associate Cybereason with a higher initial setup cost but acknowledge significant ROI due to its advanced threat handling. In contrast, Sangfor is considered more budget-friendly, providing solid ROI through its extensive feature set at a lower cost. While Cybereason may have a higher price, users find it justified by the powerful functionalities it offers.

To learn more, read our detailed Cybereason Endpoint Detection & Response vs. Sangfor Endpoint Secure Report (Updated: September 2025).

Buyer's Guide

Cybereason Endpoint Detection & Response vs. Sangfor Endpoint Secure

September 2025

Download the complete report

Helped 869,566 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cybereason Endpoint Detecti...

Ranking in Endpoint Detection and Response (EDR)

34th

Average Rating

7.8

Reviews Sentiment

5.6

Number of Reviews

Ranking in other categories

Endpoint Protection Platform (EPP) (41st)

Sangfor Endpoint Secure

Ranking in Endpoint Detection and Response (EDR)

19th

Average Rating

8.2

Reviews Sentiment

7.4

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of October 2025, in the Endpoint Detection and Response (EDR) category, the mindshare of Cybereason Endpoint Detection & Response is 1.1%, down from 1.1% compared to the previous year. The mindshare of Sangfor Endpoint Secure is 0.7%, up from 0.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Endpoint Detection and Response (EDR) Market Share Distribution
Product	Market Share (%)
Sangfor Endpoint Secure	0.7%
Cybereason Endpoint Detection & Response	1.1%
Other	98.2%

Endpoint Detection and Response (EDR)

Featured Reviews

Ivan Burke

Head of Research Development and Innovation at CSIR

Offers useful threat hunting and response capabilities but struggles to justify cost for smaller deployments

I mostly work with incident response, so I work with a bunch of them interchangeably, but mostly with the EDR components; I also get involved with some of the XDR components, especially for the cloud. Regarding analysis features, such as deep behavioral detection, I do use it sometimes; I usually don't use the automated version of it, as I prefer threat hunting directly, depending on if the season is available. I know some of them have pretty good analytics engines, but I tend to do the threat hunting on my own. I manage incident response for a bunch of companies, so some of them have Cybereason Endpoint Detection & Response integrated into Sentinel, some into Fortinet, and others into various tools. When considering cost-effectiveness, their pricing structure works such that if you're a large organization with more than a thousand endpoints to deploy to, then Cybereason Endpoint Detection & Response is worthwhile. But for anything less than 300, it's too expensive; obviously, the more you buy, the better the price, making it cheaper for you. Cybereason Endpoint Detection & Response best fits enterprise-level businesses such as huge corporations; however, we are in the process of removing it from many of our endpoint clients because it's not really showing enough value for them at the moment. We're trying to see how we can improve it with some of our clients, but at the moment, it's struggling compared to other EDR solutions that we have deployed. On a scale of one to ten, I rate Cybereason Endpoint Detection & Response a six.

Read full review

Shiraz Ali

Networking Solutions Specialist at GBM

Provides a unified and multi-layer security solution

I believe Sangfor Endpoint Secure could improve in terms of its user interface and management capabilities. Having a single, more user-friendly management console, like a one-window approach, would streamline the user experience and make it easier for administrators to handle security tasks more efficiently. Sangfor Endpoint Secure currently only allows one manager to control clients, and it lacks a backup system. It would be better if it supported a secondary manager for backup in case the primary one fails, ensuring uninterrupted service.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"What I like most about Cybereason Endpoint Detection & Response is the support because the support is good. The solution is also easy to use, and it has a dashboard. Everything is good, and there's no problem with it."

"Immediately we can pick up the computers in the network if any malicious operation that is triggered."

"It gives all the information in a clear response."

"The solution is efficient."

"They do a very good job of providing multi-stage visualizations of malicious operations that immediately show all attack details across all devices and users. Since it is MalOp-centric model, you can see if there has been a similar operation across multiple machines. If it is the same thing appearing on multiple machines, you see all the machines and users affected in one screen."

"The most valuable feature is the capability of the command used by the machine so that we see the kind of performance that is running."

"The initial setup was straightforward."

"Their EDR solution, the ability to mitigate issues through their command line, is probably the best feature that we've had. We use that all the time. It's very useful for doing investigations."

More Cybereason Endpoint Detection & Response pros

"The tool's most valuable features are control access, endpoint security, and load balancing of ISPs."

"The tool's AI feature is helpful in endpoint security."

"The most valuable feature I have found in the system is its comprehensive end-to-end protection."

"Sangfor Endpoint Secure has some good policy certificates."

"We use the product for network protection from any malicious threat."

"I like the tool's honeypot feature. Some features include having a honeypot to detect attacks in a certain area. Additionally, there is RDP protection, which means that when we remote into our server or any endpoint, we must enter a password as a second layer of security. It can also integrate with next-generation firewalls."

"What stands out to me is the dual-end user interface they provide."

"The real-time monitoring feature of Sangfor Endpoint Secure is truly real-time, with no delay compared to other solutions."

More Sangfor Endpoint Secure pros

Cons

"They need to improve their technical support services."

"The reporting feature needs improvement."

"We are in the process of removing it from many of our endpoint clients because it's not really showing enough value for them at the moment."

"The network coverage becomes an issue most of the time."

"It should be more stable, and the sensor needs improvement in terms of connectivity."

"There is room for improvement in the product features related to device control, particularly USB management."

"I feel that the product lacks reporting features and needs improvement."

"While the product is very good, there are still some areas for improvement. The initial triage area could be a bit simpler. They get into the weeds real fast; it gets very detailed very fast. I am still looking for an easier triage layer on top with the ability to dig deeper."

More Cybereason Endpoint Detection & Response cons

"I face issues while migrating from Kaspersky to Sangfor Endpoint Secure."

"There are a few areas for improvement. We have encountered licensing issues on occasion, and sometimes updates don't apply properly."

"Currently, the tool lacks reporting functionalities."

"It is complicated to establish a tunnel due to technical issues in the VPN system."

"Sangfor Endpoint Secure performs poorly."

"It would be much more convenient if the migration tool could be installed directly on the customer's VMs, enabling a smoother migration process to the new infrastructure, with potential restrictions addressed accordingly."

"I believe Sangfor Endpoint Secure could improve in terms of its user interface and management capabilities."

"Sometimes, the VPN is not secure and doesn't work properly in Sangfor Endpoint Secure."

More Sangfor Endpoint Secure cons

Pricing and Cost Advice

"I do not have experience with the licensing of the product."

"The pricing is manageable."

"I had to go through a third-party to purchase it, which I wasn't really pleased about."

"This product is somewhat expensive and should be cheaper."

"In terms of pricing, it's a good solution."

"Though it is not the cheapest solution but it fits our budget. We pay an annual licensing fee."

"We considered a few other solutions. Some were ridiculously overpriced, while others didn't have solutions for Mac endpoints. That was a deal-breaker because most of our organization is on Mac. It came down to two vendors: Cybereason and another. They had similar pitches and almost identical approaches, but in the end, Cybereason gave us the best value for our money."

"In terms of cost, this is a good choice for our needs."

More Cybereason Endpoint Detection & Response pricing and cost advice

"Sangfor Endpoint Secure's pricing is cheap. I rate it seven out of ten."

"The product is expensive compared to other vendors."

"The solution is cheap. It is cheaper than other products by 15-20 percent."

"We were using Hyper-V. So, we switched to Sangfor because of the pricing."

"Sangfor Endpoint Secure is not a cheap solution."

"Price-wise, Sangfor Endpoint Secure can be considered a competitively priced product in the market as it offers quite low prices compared to other solutions."

"Its "pay as you grow" model offers cost-effectiveness compared to major cloud providers."

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.

See recommendations

869,566 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

14%

Financial Services Firm

12%

Manufacturing Company

Comms Service Provider

Financial Services Firm

14%

Computer Software Company

11%

Government

Comms Service Provider

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	5
Midsize Enterprise	4
Large Enterprise	13

By reviewers
Company Size	Count
Small Business	5
Midsize Enterprise	3
Large Enterprise	3

Questions from the Community

What is your experience regarding pricing and costs for Cybereason Endpoint Detection & Response?

Comparison with other products showed it be cheaper than some larger competitors. Set up cost for us were cheaper as we already had users experienced with the product in other business units. Initi...

See all answers

What is your primary use case for Cybereason Endpoint Detection & Response?

My main use case for Cybereason Endpoint Detection & Response is mostly for incident response.

See all answers

What do you like most about Cybereason Endpoint Detection & Response?

The interface is user-friendly.

See all answers

What do you like most about Sangfor Endpoint Secure?

Sangfor Endpoint Secure has some good policy certificates.

See all answers

What needs improvement with Sangfor Endpoint Secure?

The interface has too many buttons, making it cluttered. It would be better if it were a simplified version with fewer buttons and a more consolidated layout.

See all answers

What is your primary use case for Sangfor Endpoint Secure?

Sangfor Endpoint Secure is easy to handle with its user-friendly interface. The four engines it utilizes for endpoint detection provide fewer false positives compared to other solutions. It is used...

See all answers

Comparisons

CrowdStrike Falcon vs Cybereason Endpoint Detection & Response

Compared 15% of the time

SentinelOne Singularity Complete vs Cybereason Endpoint Detection & Response

Compared 12% of the time

Microsoft Defender for Endpoint vs Cybereason Endpoint Detection & Response

Compared 9% of the time

ESET Inspect vs Cybereason Endpoint Detection & Response

Compared 9% of the time

Fortinet FortiEDR vs Cybereason Endpoint Detection & Response

Compared 6% of the time

More Cybereason Endpoint Detection & Response Competitors

Kaspersky Endpoint Detection and Response vs Sangfor Endpoint Secure

Compared 21% of the time

Bitdefender GravityZone EDR vs Sangfor Endpoint Secure

Compared 11% of the time

ESET Inspect vs Sangfor Endpoint Secure

Compared 10% of the time

CrowdStrike Falcon vs Sangfor Endpoint Secure

Compared 9% of the time

Trend Vision One Endpoint Security vs Sangfor Endpoint Secure

Compared 8% of the time

More Sangfor Endpoint Secure Competitors

Product Reports

Buyer's Guide

Cybereason Endpoint Detection & Response

October 2025

Cybereason Endpoint Detection & Response report

Download Cybereason Endpoint Detection & Response product report

Buyer's Guide

Sangfor Endpoint Secure

September 2025

Download Sangfor Endpoint Secure product report

Also Known As

Cybereason EDR, Cybereason Deep Detect & Respond

No data available

Overview

Cybereason's Endpoint Detection and Response platform detects in real-time both signature and non-signature-based attacks and accelerates incident investigation and response. Cybereason connects together individual pieces of evidence to form a complete picture of a malicious operation.

Cybereason

Organizations use Sangfor Endpoint Secure for endpoint protection and security management, managing devices, servers, and networks against malicious threats. It also assists in blocking websites, managing infrastructure, applications, antivirus needs, and aids in migrating to cloud environments.

Sangfor Endpoint Secure offers end-to-end protection, incorporating file protection, AI detection, behavior analysis, access control, and ISP load balancing. It facilitates VM migration with minimal downtime and includes a dual-end user interface for creating firewall rules, uploading images, and configuring VM settings. Enhancements such as Hyper-V capabilities, policy certificates, honeypot features, and next-generation firewall integrations are available. However, Sangfor Endpoint Secure could improve on console management, reporting functionalities, public cloud migration support, navigation, VPN system issues, licensing, update management, transitioning processes, and incorporating healing capabilities.

What are its most important features?

Comprehensive end-to-end protection including file protection
AI detection and behavior analysis
Access control and ISP load balancing
Ease of VM migration with minimal downtime
Streamlined dual-end user interface for firewall rules and VM settings
Hyper-V capabilities and policy certificates
Honeypot feature for attack detection and RDP protection
Integration with next-generation firewalls

What benefits or ROI should users look for?

Enhanced device, server, and network security from malicious threats
Simplified migration from on-premises to cloud environments
User-friendly navigation and management capabilities
Advanced detection and behavior analysis reducing potential threats
Streamlined enforcement of robust security policies

Sangfor Endpoint Secure is implemented across various industries to ensure comprehensive security management and protection. IT departments leverage its VM migration capabilities for seamless transitions to cloud environments. Healthcare organizations use it to secure sensitive patient data, while educational institutions utilize it for safeguarding academic records and personal information. Financial services employ it to protect critical transactional data and adhere to stringent compliance requirements.

Sangfor

Sample Customers

Lockheed Martin, Spark Capital, DocuSign, Softbank Capital

Information Not Available

Buyer's Guide

Cybereason Endpoint Detection & Response vs. Sangfor Endpoint Secure

September 2025

Free Report: Cybereason Endpoint Detection & Response vs. Sangfor Endpoint Secure

Find out what your peers are saying about Cybereason Endpoint Detection & Response vs. Sangfor Endpoint Secure and other solutions. Updated: September 2025.

DOWNLOAD NOW

869,566 professionals have used our research since 2012.

See our Cybereason Endpoint Detection & Response vs. Sangfor Endpoint Secure report.

See our list of best Endpoint Detection and Response (EDR) vendors.

We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.