Cybereason Endpoint Detection & Response vs ServiceNow Security Operations comparison

The compared Cybereason and ServiceNow solutions aren't in the same category. Cybereason is ranked #33 in EDR , with an average rating of 7.3, and holds a 1.1% mindshare in the category. ServiceNow is ranked #1 in IRP , with an average rating of 8.1, and holds a 14.4% mindshare. Additionally, 85% of Cybereason users are willing to recommend the solution, compared to 95% of ServiceNow users who would recommend it.

Cybereason Endpoint Detecti...

Read 22 Cybereason Endpoint Detection & Response reviews

4,077 Views
2,446 Comparison Views

85% willing to recommend

ServiceNow Security Operations

Read 22 ServiceNow Security Operations reviews

2,278 Views
319 Comparison Views

95% willing to recommend

Cybereason Endpoint Detecti...

ServiceNow Security Operations

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Cybereason Endpoint Detection & Response and ServiceNow Security Operations based on real PeerSpot user reviews.

Find out what your peers are saying about CrowdStrike, SentinelOne, Microsoft and others in Endpoint Detection and Response (EDR).

To learn more, read our detailed Endpoint Detection and Response (EDR) Report (Updated: January 2025).

Buyer's Guide

Endpoint Detection and Response (EDR)

January 2025

Download the complete report

Helped 867,370 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cybereason Endpoint Detecti...

Average Rating

7.8

Reviews Sentiment

5.6

Number of Reviews

Ranking in other categories

Endpoint Protection Platform (EPP) (41st), Endpoint Detection and Response (EDR) (33rd)

ServiceNow Security Operations

Average Rating

8.0

Reviews Sentiment

6.7

Number of Reviews

Ranking in other categories

Security Incident Response (1st), Security Orchestration Automation and Response (SOAR) (6th), Risk-Based Vulnerability Management (10th)

Mindshare comparison

While both are Security Software solutions, they serve different purposes. Cybereason Endpoint Detection & Response is designed for Endpoint Detection and Response (EDR) and holds a mindshare of 1.1%, up 1.0% compared to last year.
ServiceNow Security Operations, on the other hand, focuses on Security Incident Response, holds 14.4% mindshare, down 16.7% since last year.

Endpoint Detection and Response (EDR) Market Share Distribution
Product	Market Share (%)
Cybereason Endpoint Detection & Response	1.1%
CrowdStrike Falcon	11.4%
Microsoft Defender for Endpoint	10.1%
Other	77.4%

Endpoint Detection and Response (EDR)

Security Incident Response Market Share Distribution
Product	Market Share (%)
ServiceNow Security Operations	14.4%
Proofpoint Threat Response	15.4%
IBM Resilient	8.8%
Other	61.4%

Security Incident Response

Featured Reviews

Ivan Burke

Head of Research Development and Innovation at CSIR

Offers useful threat hunting and response capabilities but struggles to justify cost for smaller deployments

I mostly work with incident response, so I work with a bunch of them interchangeably, but mostly with the EDR components; I also get involved with some of the XDR components, especially for the cloud. Regarding analysis features, such as deep behavioral detection, I do use it sometimes; I usually don't use the automated version of it, as I prefer threat hunting directly, depending on if the season is available. I know some of them have pretty good analytics engines, but I tend to do the threat hunting on my own. I manage incident response for a bunch of companies, so some of them have Cybereason Endpoint Detection & Response integrated into Sentinel, some into Fortinet, and others into various tools. When considering cost-effectiveness, their pricing structure works such that if you're a large organization with more than a thousand endpoints to deploy to, then Cybereason Endpoint Detection & Response is worthwhile. But for anything less than 300, it's too expensive; obviously, the more you buy, the better the price, making it cheaper for you. Cybereason Endpoint Detection & Response best fits enterprise-level businesses such as huge corporations; however, we are in the process of removing it from many of our endpoint clients because it's not really showing enough value for them at the moment. We're trying to see how we can improve it with some of our clients, but at the moment, it's struggling compared to other EDR solutions that we have deployed. On a scale of one to ten, I rate Cybereason Endpoint Detection & Response a six.

Read full review

George Devasia

DevOps Team Lead at Tata Consultancy

Communication and organization improve support teams and works well with enterprises

I use ServiceNow for ticketing purposes. Specifically, I raise tickets between the support team. This is used by internal teams within the company for managing support-related tasks ServiceNow is a convenient platform to raise tickets, and the respective support team will contact us to resolve…

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The initial setup is not overly complicated."

"The interface is user-friendly."

"They do a very good job of providing multi-stage visualizations of malicious operations that immediately show all attack details across all devices and users. Since it is MalOp-centric model, you can see if there has been a similar operation across multiple machines. If it is the same thing appearing on multiple machines, you see all the machines and users affected in one screen."

"The solution is efficient."

"Cybereason's threat hunting and investigation are the most valuable features. Threat hunting is a user-friendly feature that keeps you safe. Investigation offers an added value that I haven't seen with other EDR services. It allows you to find specific policy problems within your environment."

"What I find most valuable is the clarity of the platform."

"It gives all the information in a clear response."

"The initial setup was easy and straightforward."

More Cybereason Endpoint Detection & Response pros

"It's stable."

"The product's most valuable features include the no-code capability for workflows and flow design, which makes it user-friendly, and the ability to perform advanced configurations."

"The most valuable aspect of working with ServiceNow is its meaningful and feature-rich product."

"Reduces time to closure and closure metrics for vulnerabilities."

"The ease of use is great."

"ServiceNow is a convenient platform to raise tickets, and the respective support team will contact us to resolve any issues."

"I will recommend it to others as it is an enterprise application used by large companies for ticketing purposes."

"ServiceNow Security Operations provides significant control over vulnerabilities, allowing users to mark false alarms as false positives and ignore them, which is important because many vulnerabilities are not real but appear as such."

More ServiceNow Security Operations pros

Cons

"Reporting could be a bit more granular so that we had the ability to check regions and countries. I just noticed that, for instance, if I look at our servers, it's either "contained" or it's "not contained". I don't have the option, for instance, to look at countries. It only allows me to look at users as one big group."

"There can be problems with the EDI."

"The deployment on individual endpoints is more geared toward larger organizations. It might prove to be a bit too complicated for a smaller organization. You need to know what you're doing when you're deploying the sensor."

"There is room for improvement in the product features related to device control, particularly USB management."

"Its Microsoft PowerShell protections still need some compatibility improvements. We have run across just a few. It is compatible with 90% of what we have in our network, but there is that 10% that we are still struggling with as far as compatibility with the type of PowerShell scripts needed to run our day-to-day business."

"It initially took some time to deploy."

"The network coverage becomes an issue most of the time."

"The product's reporting isn't great."

More Cybereason Endpoint Detection & Response cons

"Report generation within ServiceNow can take some time."

"Visibility and transitions between teams present significant challenges in the SecOps space, indicating that substantial training and hand-holding are required to improve usability, which is one observation I have had."

"It doesn't interact with things very well."

"The product is called SecOps, but it is not security operations in terms of SIEM solutions."

"Report generation within ServiceNow can take some time. Additionally, there are occasional issues when raising a ticket, which can also consume time."

"One area for improvement for the product is the need to tailor and alter some codes for customization, which can cause issues during upgrades. It does not support customized operations."

"The dashboard and playbook creation will need to improve"

"The initial setup is difficult."

More ServiceNow Security Operations cons

Pricing and Cost Advice

"I do not have experience with the licensing of the product."

"The pricing is manageable."

"We considered a few other solutions. Some were ridiculously overpriced, while others didn't have solutions for Mac endpoints. That was a deal-breaker because most of our organization is on Mac. It came down to two vendors: Cybereason and another. They had similar pitches and almost identical approaches, but in the end, Cybereason gave us the best value for our money."

"I had to go through a third-party to purchase it, which I wasn't really pleased about."

"In terms of pricing, it's a good solution."

"In terms of cost, this is a good choice for our needs."

"On a scale of one to ten, where one is cheap and ten is expensive, I rate the pricing an eight."

"Though it is not the cheapest solution but it fits our budget. We pay an annual licensing fee."

More Cybereason Endpoint Detection & Response pricing and cost advice

"The solution is more expensive than BMC Remedy, the other ITSM tool available in the market."

"The product is more expensive than other solutions."

"If you're going to implement it on your own, there would be internal costs. If you're going to implement it through a contractor or consultant, you have to pay for that."

"This product is a good value for the money."

"It is an expensive product."

"Compared to competitor tools, ServiceNow Security Operations is more affordable"

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.

See recommendations

867,370 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

14%

Financial Services Firm

12%

Manufacturing Company

Comms Service Provider

Financial Services Firm

20%

Manufacturing Company

12%

Computer Software Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	5
Midsize Enterprise	4
Large Enterprise	13

By reviewers
Company Size	Count
Small Business	6
Midsize Enterprise	2
Large Enterprise	15

Questions from the Community

What is your experience regarding pricing and costs for Cybereason Endpoint Detection & Response?

Comparison with other products showed it be cheaper than some larger competitors. Set up cost for us were cheaper as we already had users experienced with the product in other business units. Initi...

See all answers

What is your primary use case for Cybereason Endpoint Detection & Response?

My main use case for Cybereason Endpoint Detection & Response is mostly for incident response.

See all answers

What do you like most about Cybereason Endpoint Detection & Response?

The interface is user-friendly.

See all answers

What do you like most about ServiceNow Security Operations?

The most valuable aspect of working with ServiceNow is its meaningful and feature-rich product.

See all answers

What is your experience regarding pricing and costs for ServiceNow Security Operations?

It is relatively expensive but manageable.

See all answers

What needs improvement with ServiceNow Security Operations?

ServiceNow Security Operations is not specifically a vulnerability management or incident tool, but rather a data aggregator. It would be beneficial if, similar to the Discovery module which assess...

See all answers

Comparisons

Darktrace vs Cybereason Endpoint Detection & Response

Compared 26% of the time

CrowdStrike Falcon vs Cybereason Endpoint Detection & Response

Compared 10% of the time

SentinelOne Singularity Complete vs Cybereason Endpoint Detection & Response

Compared 10% of the time

ESET Inspect vs Cybereason Endpoint Detection & Response

Compared 7% of the time

Microsoft Defender for Endpoint vs Cybereason Endpoint Detection & Response

Compared 7% of the time

More Cybereason Endpoint Detection & Response Competitors

Splunk SOAR vs ServiceNow Security Operations

Compared 22% of the time

Palo Alto Networks Cortex XSOAR vs ServiceNow Security Operations

Compared 20% of the time

Microsoft Sentinel vs ServiceNow Security Operations

Compared 12% of the time

Tines vs ServiceNow Security Operations

Compared 8% of the time

Unified Vulnerability Management vs ServiceNow Security Operations

Compared 5% of the time

More ServiceNow Security Operations Competitors

Product Reports

Buyer's Guide

Cybereason Endpoint Detection & Response

September 2025

Cybereason Endpoint Detection & Response report

Download Cybereason Endpoint Detection & Response product report

Buyer's Guide

ServiceNow Security Operations

August 2025

Download ServiceNow Security Operations product report

Also Known As

Cybereason EDR, Cybereason Deep Detect & Respond

No data available

Overview

Cybereason's Endpoint Detection and Response platform detects in real-time both signature and non-signature-based attacks and accelerates incident investigation and response. Cybereason connects together individual pieces of evidence to form a complete picture of a malicious operation.

Cybereason

ServiceNow Security Operations is a cutting-edge security solution designed to elevate organizations' security incident response (SIR) processes through automation and orchestration. Going beyond traditional SOAR, this comprehensive Security Operations Suite integrates seamlessly with other ServiceNow products and offers a wide array of features. Its components include Security Incident Response (SIR), which automates incident workflows and offers pre-built playbooks; Security Configuration Compliance (SCC), continuously scanning and automating compliance tasks; Vulnerability Response (VR), prioritizing and remediating vulnerabilities; Threat Intelligence (TI), aggregating threat data for proactive threat hunting; and additional features like IT Service Management integration, Machine Learning and AI, reporting, and a mobile app. The benefits span improved incident response speed, reduced mean time to resolution, increased security posture, enhanced compliance, collaborative synergy between security and IT teams, and operational cost reductions.

ServiceNow

Sample Customers

Lockheed Martin, Spark Capital, DocuSign, Softbank Capital

DXC Technology, Freedom Security Alliance, Prime Therapeutics, Seton Hall University, York Risk Services

Buyer's Guide

Endpoint Detection and Response (EDR)

January 2025

Download Free Report

Find out what your peers are saying about CrowdStrike, SentinelOne, Microsoft and others in Endpoint Detection and Response (EDR). Updated: January 2025.

DOWNLOAD NOW

867,370 professionals have used our research since 2012.

We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.