Cybereason Endpoint Detection & Response vs ServiceNow Security Operations comparison

The compared Cybereason and ServiceNow solutions aren't in the same category. Cybereason is ranked #34 in EDR , with an average rating of 7.3, and holds a 1.1% mindshare in the category. ServiceNow is ranked #1 in IRP , with an average rating of 8.1, and holds a 13.2% mindshare. Additionally, 85% of Cybereason users are willing to recommend the solution, compared to 95% of ServiceNow users who would recommend it.

Cybereason Endpoint Detecti...

Read 22 Cybereason Endpoint Detection & Response reviews

3,883 Views
2,563 Comparison Views

85% willing to recommend

ServiceNow Security Operations

Read 22 ServiceNow Security Operations reviews

2,198 Views
308 Comparison Views

95% willing to recommend

Cybereason Endpoint Detecti...

ServiceNow Security Operations

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Cybereason Endpoint Detection & Response and ServiceNow Security Operations based on real PeerSpot user reviews.

Find out what your peers are saying about CrowdStrike, SentinelOne, Microsoft and others in Endpoint Detection and Response (EDR).

To learn more, read our detailed Endpoint Detection and Response (EDR) Report (Updated: January 2025).

Buyer's Guide

Endpoint Detection and Response (EDR)

January 2025

Download the complete report

Helped 869,952 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cybereason Endpoint Detecti...

Average Rating

7.8

Reviews Sentiment

5.6

Number of Reviews

Ranking in other categories

Endpoint Protection Platform (EPP) (41st), Endpoint Detection and Response (EDR) (34th)

ServiceNow Security Operations

Average Rating

8.0

Reviews Sentiment

6.7

Number of Reviews

Ranking in other categories

Security Incident Response (1st), Security Orchestration Automation and Response (SOAR) (6th), Risk-Based Vulnerability Management (9th)

Mindshare comparison

While both are Security Software solutions, they serve different purposes. Cybereason Endpoint Detection & Response is designed for Endpoint Detection and Response (EDR) and holds a mindshare of 1.1%, down 1.1% compared to last year.
ServiceNow Security Operations, on the other hand, focuses on Security Incident Response, holds 13.2% mindshare, down 19.0% since last year.

Endpoint Detection and Response (EDR) Market Share Distribution
Product	Market Share (%)
Cybereason Endpoint Detection & Response	1.1%
CrowdStrike Falcon	10.3%
Microsoft Defender for Endpoint	9.8%
Other	78.8%

Endpoint Detection and Response (EDR)

Security Incident Response Market Share Distribution
Product	Market Share (%)
ServiceNow Security Operations	13.2%
Proofpoint Threat Response	14.5%
IBM Resilient	8.7%
Other	63.6%

Security Incident Response

Featured Reviews

Ivan Burke

Head of Research Development and Innovation at CSIR

Offers useful threat hunting and response capabilities but struggles to justify cost for smaller deployments

I mostly work with incident response, so I work with a bunch of them interchangeably, but mostly with the EDR components; I also get involved with some of the XDR components, especially for the cloud. Regarding analysis features, such as deep behavioral detection, I do use it sometimes; I usually don't use the automated version of it, as I prefer threat hunting directly, depending on if the season is available. I know some of them have pretty good analytics engines, but I tend to do the threat hunting on my own. I manage incident response for a bunch of companies, so some of them have Cybereason Endpoint Detection & Response integrated into Sentinel, some into Fortinet, and others into various tools. When considering cost-effectiveness, their pricing structure works such that if you're a large organization with more than a thousand endpoints to deploy to, then Cybereason Endpoint Detection & Response is worthwhile. But for anything less than 300, it's too expensive; obviously, the more you buy, the better the price, making it cheaper for you. Cybereason Endpoint Detection & Response best fits enterprise-level businesses such as huge corporations; however, we are in the process of removing it from many of our endpoint clients because it's not really showing enough value for them at the moment. We're trying to see how we can improve it with some of our clients, but at the moment, it's struggling compared to other EDR solutions that we have deployed. On a scale of one to ten, I rate Cybereason Endpoint Detection & Response a six.

Read full review

Abhinay Sharma

ServiceNow Developer at Bangmetric services pvt ltd

Experience seamless integration and effective incident response with a little room for improvement in setup time

Integration is crucial in ServiceNow Security Operations because everything must be integrated to obtain data. Without integration, the solution is not as beneficial as expected. In SecOps, real-time data is essential to avoid discrepancies between real-time events and ServiceNow data. Multiple tools integrate with ServiceNow Security Operations, with Qualys being one of them. ServiceNow Security Operations collects data from various sources and presents it in a single, respectable format for assessment and action. The main benefit is not having to access separate tools for different data. It provides a unified user experience where all work and fixes can be managed from one location.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"They do a very good job of providing multi-stage visualizations of malicious operations that immediately show all attack details across all devices and users. Since it is MalOp-centric model, you can see if there has been a similar operation across multiple machines. If it is the same thing appearing on multiple machines, you see all the machines and users affected in one screen."

"Cybereason's threat hunting and investigation are the most valuable features. Threat hunting is a user-friendly feature that keeps you safe. Investigation offers an added value that I haven't seen with other EDR services. It allows you to find specific policy problems within your environment."

"The initial setup is not overly complicated."

"The dashboard is very good and you can consider it as an interactive UI."

"I haven't had any issues with the solution. Stability-wise, I rate the solution a ten out of ten."

"What I find most valuable is the clarity of the platform. It is very straightforward."

"The initial setup was straightforward."

"The most valuable feature is the capability of the command used by the machine so that we see the kind of performance that is running."

More Cybereason Endpoint Detection & Response pros

"We refer to the setup and installation guide provided by ServiceNow. They have good documentation, which makes it easier to handle the process."

"ServiceNow is a convenient platform to raise tickets, and the respective support team will contact us to resolve any issues."

"I will recommend it to others as it is an enterprise application used by large companies for ticketing purposes."

"My favorite feature is the application vulnerability scanner."

"It has helped optimize security costs by consolidating multiple tools into one platform."

"What I found most valuable in ServiceNow Security Operations is that it's very useful for any incoming vulnerability. For example, if my team finds any vulnerability on servers such as the CA and CMDB integrated with ServiceNow Security Operations, my team can make some changes. My team can map the vulnerabilities found on the CA server, make the changes required, and resolve the vulnerabilities before the system is attacked. You can avoid vulnerability attacks through ServiceNow Security Operations, so this is the best feature of the solution. ServiceNow Security Operations is beneficial mainly for vulnerability response and engagement purposes."

"The product's most valuable features include the no-code capability for workflows and flow design, which makes it user-friendly, and the ability to perform advanced configurations."

"The ease of use is great."

More ServiceNow Security Operations pros

Cons

"It should be more stable, and the sensor needs improvement in terms of connectivity."

"The integration with Microsoft solutions and Microsoft capabilities needs to be improved."

"The network coverage becomes an issue most of the time."

"While the product is very good, there are still some areas for improvement. The initial triage area could be a bit simpler. They get into the weeds real fast; it gets very detailed very fast. I am still looking for an easier triage layer on top with the ability to dig deeper."

"There can be problems with the EDI."

"They need to improve their technical support services."

"I feel it is a shame that I cannot create groups of groups with inheritance."

"Reporting could be a bit more granular so that we had the ability to check regions and countries. I just noticed that, for instance, if I look at our servers, it's either "contained" or it's "not contained". I don't have the option, for instance, to look at countries. It only allows me to look at users as one big group."

More Cybereason Endpoint Detection & Response cons

"Report generation within ServiceNow can take some time."

"Process framework and best practices for ease of integration between IT and security teams via incident, problem, and change."

"An area for improvement I observed in ServiceNow Security Operations is the need to maintain correct CMDB data because if you're unable to do this, you can't perfectly maintain the vulnerability data. CMDB data in ServiceNow Security Operations needs to be accurate. As I've been working on ServiceNow Security Operations for only seven months, I still need more time to try all its modules before I can give recommendations regarding additional features I'd like to see in the solution."

"One area for improvement for the product is the need to tailor and alter some codes for customization, which can cause issues during upgrades. It does not support customized operations."

"The product is called SecOps, but it is not security operations in terms of SIEM solutions."

"The threat intelligence module needs a better dashboard."

"Customer awareness and understanding of ServiceNow's SecOps capabilities could be improved."

"The initial setup is difficult."

More ServiceNow Security Operations cons

Pricing and Cost Advice

"I do not have experience with the licensing of the product."

"We considered a few other solutions. Some were ridiculously overpriced, while others didn't have solutions for Mac endpoints. That was a deal-breaker because most of our organization is on Mac. It came down to two vendors: Cybereason and another. They had similar pitches and almost identical approaches, but in the end, Cybereason gave us the best value for our money."

"In terms of pricing, it's a good solution."

"Though it is not the cheapest solution but it fits our budget. We pay an annual licensing fee."

"In terms of cost, this is a good choice for our needs."

"On a scale of one to ten, where one is cheap and ten is expensive, I rate the pricing an eight."

"The pricing is manageable."

"This product is somewhat expensive and should be cheaper."

More Cybereason Endpoint Detection & Response pricing and cost advice

"It is an expensive product."

"The product is more expensive than other solutions."

"The solution is more expensive than BMC Remedy, the other ITSM tool available in the market."

"This product is a good value for the money."

"If you're going to implement it on your own, there would be internal costs. If you're going to implement it through a contractor or consultant, you have to pay for that."

"Compared to competitor tools, ServiceNow Security Operations is more affordable"

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.

See recommendations

869,952 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

14%

Financial Services Firm

12%

Manufacturing Company

Comms Service Provider

Financial Services Firm

19%

Manufacturing Company

13%

Computer Software Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	5
Midsize Enterprise	4
Large Enterprise	13

By reviewers
Company Size	Count
Small Business	6
Midsize Enterprise	2
Large Enterprise	15

Questions from the Community

What is your experience regarding pricing and costs for Cybereason Endpoint Detection & Response?

Comparison with other products showed it be cheaper than some larger competitors. Set up cost for us were cheaper as we already had users experienced with the product in other business units. Initi...

See all answers

What is your primary use case for Cybereason Endpoint Detection & Response?

My main use case for Cybereason Endpoint Detection & Response is mostly for incident response.

See all answers

What do you like most about Cybereason Endpoint Detection & Response?

The interface is user-friendly.

See all answers

What do you like most about ServiceNow Security Operations?

The most valuable aspect of working with ServiceNow is its meaningful and feature-rich product.

See all answers

What is your experience regarding pricing and costs for ServiceNow Security Operations?

It is relatively expensive but manageable.

See all answers

What needs improvement with ServiceNow Security Operations?

ServiceNow Security Operations is not specifically a vulnerability management or incident tool, but rather a data aggregator. It would be beneficial if, similar to the Discovery module which assess...

See all answers

Comparisons

CrowdStrike Falcon vs Cybereason Endpoint Detection & Response

Compared 14% of the time

SentinelOne Singularity Complete vs Cybereason Endpoint Detection & Response

Compared 12% of the time

Microsoft Defender for Endpoint vs Cybereason Endpoint Detection & Response

Compared 8% of the time

ESET Inspect vs Cybereason Endpoint Detection & Response

Compared 8% of the time

Fortinet FortiEDR vs Cybereason Endpoint Detection & Response

Compared 6% of the time

More Cybereason Endpoint Detection & Response Competitors

Splunk SOAR vs ServiceNow Security Operations

Compared 22% of the time

Palo Alto Networks Cortex XSOAR vs ServiceNow Security Operations

Compared 19% of the time

Microsoft Sentinel vs ServiceNow Security Operations

Compared 12% of the time

Tines vs ServiceNow Security Operations

Compared 8% of the time

Swimlane vs ServiceNow Security Operations

Compared 5% of the time

More ServiceNow Security Operations Competitors

Product Reports

Buyer's Guide

Cybereason Endpoint Detection & Response

October 2025

Cybereason Endpoint Detection & Response report

Download Cybereason Endpoint Detection & Response product report

Buyer's Guide

ServiceNow Security Operations

September 2025

Download ServiceNow Security Operations product report

Also Known As

Cybereason EDR, Cybereason Deep Detect & Respond

No data available

Overview

Cybereason's Endpoint Detection and Response platform detects in real-time both signature and non-signature-based attacks and accelerates incident investigation and response. Cybereason connects together individual pieces of evidence to form a complete picture of a malicious operation.

Cybereason

ServiceNow Security Operations is a cutting-edge security solution designed to elevate organizations' security incident response (SIR) processes through automation and orchestration. Going beyond traditional SOAR, this comprehensive Security Operations Suite integrates seamlessly with other ServiceNow products and offers a wide array of features. Its components include Security Incident Response (SIR), which automates incident workflows and offers pre-built playbooks; Security Configuration Compliance (SCC), continuously scanning and automating compliance tasks; Vulnerability Response (VR), prioritizing and remediating vulnerabilities; Threat Intelligence (TI), aggregating threat data for proactive threat hunting; and additional features like IT Service Management integration, Machine Learning and AI, reporting, and a mobile app. The benefits span improved incident response speed, reduced mean time to resolution, increased security posture, enhanced compliance, collaborative synergy between security and IT teams, and operational cost reductions.

ServiceNow

Sample Customers

Lockheed Martin, Spark Capital, DocuSign, Softbank Capital

DXC Technology, Freedom Security Alliance, Prime Therapeutics, Seton Hall University, York Risk Services

Buyer's Guide

Endpoint Detection and Response (EDR)

January 2025

Download Free Report

Find out what your peers are saying about CrowdStrike, SentinelOne, Microsoft and others in Endpoint Detection and Response (EDR). Updated: January 2025.

DOWNLOAD NOW

869,952 professionals have used our research since 2012.

We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.