Cybereason Endpoint Detection & Response vs Sangfor Endpoint Secure comparison

Cybereason and Sangfor are both solutions in the Endpoint Detection and Response (EDR) category. Cybereason is ranked #28 with an average rating of 7.6, while Sangfor is ranked #17 with an average rating of 8.2. Cybereason holds a 1.0% mindshare in EDR, compared to Sangfor’s 0.7% mindshare. Additionally, 85% of Cybereason users are willing to recommend the solution, compared to 100% of Sangfor users who would recommend it.

Cybereason Endpoint Detecti...

Read 22 Cybereason Endpoint Detection & Response reviews

4,196 Views
2,476 Comparison Views

85% willing to recommend

Sangfor Endpoint Secure

Read 11 Sangfor Endpoint Secure reviews

1,586 Views
1,570 Comparison Views

100% willing to recommend

Cybereason Endpoint Detecti...

Sangfor Endpoint Secure

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 9, 2024

Cybereason Endpoint Detection & Response and Sangfor Endpoint Secure are both robust solutions in the endpoint security market. Cybereason is highly regarded for its advanced capabilities, whereas Sangfor's strengths lie in its comprehensive feature set.

Features: Users value Cybereason's detection accuracy, real-time threat analysis, and response automation. Sangfor is appreciated for its wide range of endpoint security features, including vulnerability assessment and real-time protection. While both products provide strong feature sets, users feel Sangfor offers a more comprehensive package overall.

Room for Improvement: Cybereason users suggest improving integration with other security tools and enhancing alert management features. Sangfor users report a need for better scalability options and more intuitive reporting capabilities. Each product has specific areas needing development, with Sangfor users highlighting scalability as a key focus.

Ease of Deployment and Customer Service: Cybereason is commended for its straightforward deployment process and responsive customer support. Sangfor's deployment is also well-regarded, though users report a steeper learning curve. Customer service for Sangfor is generally appreciated but noted as less flexible than Cybereason's. Cybereason is perceived as easier to deploy with superior customer support engagement.

Pricing and ROI: Users associate Cybereason with a higher initial setup cost but acknowledge significant ROI due to its advanced threat handling. In contrast, Sangfor is considered more budget-friendly, providing solid ROI through its extensive feature set at a lower cost. While Cybereason may have a higher price, users find it justified by the powerful functionalities it offers.

To learn more, read our detailed Cybereason Endpoint Detection & Response vs. Sangfor Endpoint Secure Report (Updated: July 2025).

Buyer's Guide

Cybereason Endpoint Detection & Response vs. Sangfor Endpoint Secure

July 2025

Download the complete report

Helped 865,384 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cybereason Endpoint Detecti...

Ranking in Endpoint Detection and Response (EDR)

28th

Average Rating

7.8

Reviews Sentiment

5.6

Number of Reviews

Ranking in other categories

Endpoint Protection Platform (EPP) (37th)

Sangfor Endpoint Secure

Ranking in Endpoint Detection and Response (EDR)

17th

Average Rating

8.2

Reviews Sentiment

7.4

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of August 2025, in the Endpoint Detection and Response (EDR) category, the mindshare of Cybereason Endpoint Detection & Response is 1.0%, down from 1.1% compared to the previous year. The mindshare of Sangfor Endpoint Secure is 0.7%, up from 0.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Endpoint Detection and Response (EDR)

Featured Reviews

Ivan Burke

Head of Research Development and Innovation at CSIR

Offers useful threat hunting and response capabilities but struggles to justify cost for smaller deployments

I mostly work with incident response, so I work with a bunch of them interchangeably, but mostly with the EDR components; I also get involved with some of the XDR components, especially for the cloud. Regarding analysis features, such as deep behavioral detection, I do use it sometimes; I usually don't use the automated version of it, as I prefer threat hunting directly, depending on if the season is available. I know some of them have pretty good analytics engines, but I tend to do the threat hunting on my own. I manage incident response for a bunch of companies, so some of them have Cybereason Endpoint Detection & Response integrated into Sentinel, some into Fortinet, and others into various tools. When considering cost-effectiveness, their pricing structure works such that if you're a large organization with more than a thousand endpoints to deploy to, then Cybereason Endpoint Detection & Response is worthwhile. But for anything less than 300, it's too expensive; obviously, the more you buy, the better the price, making it cheaper for you. Cybereason Endpoint Detection & Response best fits enterprise-level businesses such as huge corporations; however, we are in the process of removing it from many of our endpoint clients because it's not really showing enough value for them at the moment. We're trying to see how we can improve it with some of our clients, but at the moment, it's struggling compared to other EDR solutions that we have deployed. On a scale of one to ten, I rate Cybereason Endpoint Detection & Response a six.

Read full review

Shiraz Ali

Networking Solutions Specialist at GBM

Provides a unified and multi-layer security solution

I believe Sangfor Endpoint Secure could improve in terms of its user interface and management capabilities. Having a single, more user-friendly management console, like a one-window approach, would streamline the user experience and make it easier for administrators to handle security tasks more efficiently. Sangfor Endpoint Secure currently only allows one manager to control clients, and it lacks a backup system. It would be better if it supported a secondary manager for backup in case the primary one fails, ensuring uninterrupted service.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"I haven't had any issues with the solution. Stability-wise, I rate the solution a ten out of ten."

"What I find most valuable is the clarity of the platform."

"They do a very good job of providing multi-stage visualizations of malicious operations that immediately show all attack details across all devices and users. Since it is MalOp-centric model, you can see if there has been a similar operation across multiple machines. If it is the same thing appearing on multiple machines, you see all the machines and users affected in one screen."

"Their EDR solution, the ability to mitigate issues through their command line, is probably the best feature that we've had. We use that all the time. It's very useful for doing investigations."

"What I like most about Cybereason Endpoint Detection & Response is the support because the support is good. The solution is also easy to use, and it has a dashboard. Everything is good, and there's no problem with it."

"Cybereason absolutely enables us to mitigate and isolate on the fly. Our managed detection response telemetry has dropped dramatically since we began using it. It's very top-of-mind. We were running some tabletop exercises and none of the detections were getting triggered by the managed security services provider. So we needed to find a solution that would trigger high-fidelity alerts. That was Cybereason and it dramatically changed our landscape from the detection and response perspective."

"The initial setup was easy and straightforward."

"The most valuable feature is the capability of the command used by the machine so that we see the kind of performance that is running."

More Cybereason Endpoint Detection & Response pros

"The user-friendliness of Sangfor Endpoint Secure is particularly impressive. Even with basic technical knowledge, users can easily navigate the system, make changes, and implement updates."

"The most valuable feature I have found in the system is its comprehensive end-to-end protection."

"The product's initial setup phase was straightforward."

"What stands out to me is the dual-end user interface they provide."

"It has a quick response time, threat intelligence, cybersecurity features, quick report generation, behavior analysis, dynamic detection, and quarantine features."

"The tool's most valuable features are control access, endpoint security, and load balancing of ISPs."

"I like the tool's honeypot feature. Some features include having a honeypot to detect attacks in a certain area. Additionally, there is RDP protection, which means that when we remote into our server or any endpoint, we must enter a password as a second layer of security. It can also integrate with next-generation firewalls."

"Sangfor Endpoint Secure has some good policy certificates."

More Sangfor Endpoint Secure pros

Cons

"We are in the process of removing it from many of our endpoint clients because it's not really showing enough value for them at the moment."

"The reporting feature needs improvement."

"There is room for improvement in the product features related to device control, particularly USB management."

"I feel that the product lacks reporting features and needs improvement."

"Cybereason does not have sandbox functionality."

"The network coverage becomes an issue most of the time."

"Compared to our previous endpoint, we have a lot more false positives and a lot more duplication of alerts. So we're chasing more alerts."

"I feel it is a shame that I cannot create groups of groups with inheritance."

More Cybereason Endpoint Detection & Response cons

"It would be much more convenient if the migration tool could be installed directly on the customer's VMs, enabling a smoother migration process to the new infrastructure, with potential restrictions addressed accordingly."

"Sometimes, the VPN is not secure and doesn't work properly in Sangfor Endpoint Secure."

"Currently, the tool lacks reporting functionalities."

"I face issues while migrating from Kaspersky to Sangfor Endpoint Secure."

"Sangfor Endpoint Secure should include healing capabilities."

"There are a few areas for improvement. We have encountered licensing issues on occasion, and sometimes updates don't apply properly."

"The interface has too many buttons, making it cluttered."

"When an issue occurs, the response time for first-level support and the time taken for meetings could be improved."

More Sangfor Endpoint Secure cons

Pricing and Cost Advice

"The pricing is manageable."

"In terms of pricing, it's a good solution."

"In terms of cost, this is a good choice for our needs."

"I had to go through a third-party to purchase it, which I wasn't really pleased about."

"This product is somewhat expensive and should be cheaper."

"I do not have experience with the licensing of the product."

"Though it is not the cheapest solution but it fits our budget. We pay an annual licensing fee."

"We considered a few other solutions. Some were ridiculously overpriced, while others didn't have solutions for Mac endpoints. That was a deal-breaker because most of our organization is on Mac. It came down to two vendors: Cybereason and another. They had similar pitches and almost identical approaches, but in the end, Cybereason gave us the best value for our money."

More Cybereason Endpoint Detection & Response pricing and cost advice

"The solution is cheap. It is cheaper than other products by 15-20 percent."

"The product is expensive compared to other vendors."

"We were using Hyper-V. So, we switched to Sangfor because of the pricing."

"Sangfor Endpoint Secure is not a cheap solution."

"Sangfor Endpoint Secure's pricing is cheap. I rate it seven out of ten."

"Its "pay as you grow" model offers cost-effectiveness compared to major cloud providers."

"Price-wise, Sangfor Endpoint Secure can be considered a competitively priced product in the market as it offers quite low prices compared to other solutions."

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.

See recommendations

865,384 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

15%

Financial Services Firm

11%

Manufacturing Company

Government

Financial Services Firm

14%

Computer Software Company

11%

Government

Comms Service Provider

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What is your experience regarding pricing and costs for Cybereason Endpoint Detection & Response?

Comparison with other products showed it be cheaper than some larger competitors. Set up cost for us were cheaper as we already had users experienced with the product in other business units. Initi...

See all answers

What is your primary use case for Cybereason Endpoint Detection & Response?

My main use case for Cybereason Endpoint Detection & Response is mostly for incident response.

See all answers

What do you like most about Cybereason Endpoint Detection & Response?

The interface is user-friendly.

See all answers

What do you like most about Sangfor Endpoint Secure?

Sangfor Endpoint Secure has some good policy certificates.

See all answers

What needs improvement with Sangfor Endpoint Secure?

The interface has too many buttons, making it cluttered. It would be better if it were a simplified version with fewer buttons and a more consolidated layout.

See all answers

What is your primary use case for Sangfor Endpoint Secure?

Sangfor Endpoint Secure is easy to handle with its user-friendly interface. The four engines it utilizes for endpoint detection provide fewer false positives compared to other solutions. It is used...

See all answers

Comparisons

Darktrace vs Cybereason Endpoint Detection & Response

Compared 26% of the time

CrowdStrike Falcon vs Cybereason Endpoint Detection & Response

Compared 11% of the time

SentinelOne Singularity Complete vs Cybereason Endpoint Detection & Response

Compared 10% of the time

Microsoft Defender for Endpoint vs Cybereason Endpoint Detection & Response

Compared 9% of the time

ESET Inspect vs Cybereason Endpoint Detection & Response

Compared 7% of the time

More Cybereason Endpoint Detection & Response Competitors

Kaspersky Endpoint Detection and Response vs Sangfor Endpoint Secure

Compared 23% of the time

ESET Inspect vs Sangfor Endpoint Secure

Compared 10% of the time

CrowdStrike Falcon vs Sangfor Endpoint Secure

Compared 9% of the time

SentinelOne Singularity Complete vs Sangfor Endpoint Secure

Compared 8% of the time

Bitdefender GravityZone EDR vs Sangfor Endpoint Secure

Compared 8% of the time

More Sangfor Endpoint Secure Competitors

Product Reports

Buyer's Guide

Cybereason Endpoint Detection & Response

August 2025

Cybereason Endpoint Detection & Response report

Download Cybereason Endpoint Detection & Response product report

Buyer's Guide

Sangfor Endpoint Secure

July 2025

Download Sangfor Endpoint Secure product report

Also Known As

Cybereason EDR, Cybereason Deep Detect & Respond

No data available

Overview

Cybereason's Endpoint Detection and Response platform detects in real-time both signature and non-signature-based attacks and accelerates incident investigation and response. Cybereason connects together individual pieces of evidence to form a complete picture of a malicious operation.

Cybereason

Organizations use Sangfor Endpoint Secure for endpoint protection and security management, managing devices, servers, and networks against malicious threats. It also assists in blocking websites, managing infrastructure, applications, antivirus needs, and aids in migrating to cloud environments.

Sangfor Endpoint Secure offers end-to-end protection, incorporating file protection, AI detection, behavior analysis, access control, and ISP load balancing. It facilitates VM migration with minimal downtime and includes a dual-end user interface for creating firewall rules, uploading images, and configuring VM settings. Enhancements such as Hyper-V capabilities, policy certificates, honeypot features, and next-generation firewall integrations are available. However, Sangfor Endpoint Secure could improve on console management, reporting functionalities, public cloud migration support, navigation, VPN system issues, licensing, update management, transitioning processes, and incorporating healing capabilities.

What are its most important features?

Comprehensive end-to-end protection including file protection
AI detection and behavior analysis
Access control and ISP load balancing
Ease of VM migration with minimal downtime
Streamlined dual-end user interface for firewall rules and VM settings
Hyper-V capabilities and policy certificates
Honeypot feature for attack detection and RDP protection
Integration with next-generation firewalls

What benefits or ROI should users look for?

Enhanced device, server, and network security from malicious threats
Simplified migration from on-premises to cloud environments
User-friendly navigation and management capabilities
Advanced detection and behavior analysis reducing potential threats
Streamlined enforcement of robust security policies

Sangfor Endpoint Secure is implemented across various industries to ensure comprehensive security management and protection. IT departments leverage its VM migration capabilities for seamless transitions to cloud environments. Healthcare organizations use it to secure sensitive patient data, while educational institutions utilize it for safeguarding academic records and personal information. Financial services employ it to protect critical transactional data and adhere to stringent compliance requirements.

Sangfor

Sample Customers

Lockheed Martin, Spark Capital, DocuSign, Softbank Capital

Information Not Available

Buyer's Guide

Cybereason Endpoint Detection & Response vs. Sangfor Endpoint Secure

July 2025

Free Report: Cybereason Endpoint Detection & Response vs. Sangfor Endpoint Secure

Find out what your peers are saying about Cybereason Endpoint Detection & Response vs. Sangfor Endpoint Secure and other solutions. Updated: July 2025.

DOWNLOAD NOW

865,384 professionals have used our research since 2012.

See our Cybereason Endpoint Detection & Response vs. Sangfor Endpoint Secure report.

See our list of best Endpoint Detection and Response (EDR) vendors.

We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.