Try our new research platform with insights from 80,000+ expert users

Cybereason Endpoint Detection & Response vs ThreatLocker Zero Trust Endpoint Protection Platform comparison

Cybereason and ThreatLocker are both solutions in the Endpoint Protection Platform (EPP) category. Cybereason is ranked #41 with an average rating of 7.3, while ThreatLocker is ranked #7 with an average rating of 9.2. Cybereason holds a 0.8% mindshare in EPP, compared to ThreatLocker’s 0.9% mindshare. Additionally, 85% of Cybereason users are willing to recommend the solution, compared to 97% of ThreatLocker users who would recommend it.
Cybereason Endpoint Detecti...
Read 22 Cybereason Endpoint Detection & Response reviews
  • 3,883 Views
  • 2,446 Comparison Views
85% willing to recommend
ThreatLocker Zero Trust End...
Read 40 ThreatLocker Zero Trust Endpoint Protection Platform reviews
  • 3,141 Views
  • 1,947 Comparison Views
97% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Oct 5, 2025

Cybereason and ThreatLocker compete in the endpoint security category. Cybereason tends to have an upper hand in detailed threat analysis and visualization of cyber kill chains, while ThreatLocker is favored for strict application and access control.

Features: Cybereason offers advanced threat hunting, intuitive threat analysis, and visualization of cyber kill chains. ThreatLocker focuses on application control, ring-fencing, and a zero trust model, providing precise endpoint activity control.

Room for Improvement: Cybereason could improve its technical support speed, reporting features, and platform integration. ThreatLocker needs to enhance its user interface, training options, and support accessibility.

Ease of Deployment and Customer Service: Cybereason is deployable on Public, On-premises, and Hybrid Clouds, offering flexibility but requiring technical expertise. Its customer support is responsive but needs faster issue resolution. ThreatLocker supports Public, On-premises, Hybrid, and Private Clouds, with cooperative support that could improve ticket processing speed.

Pricing and ROI: Cybereason, while not the cheapest, is considered affordable and provides good ROI by enhancing visibility and reducing operational costs. ThreatLocker offers flexible pricing, appealing to businesses seeking comprehensive yet cost-effective cybersecurity. Its cost-effective management is appreciated by MSPs.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Cybereason Endpoint Detection & Response vs. ThreatLocker Zero Trust Endpoint Protection Platform Report (Updated: September 2025).
Buyer's Guide
Cybereason Endpoint Detection & Response vs. ThreatLocker Zero Trust Endpoint Protection Platform
September 2025
Download the complete report
Helped 869,760 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
1.0
Cybereason EDR boosts network visibility, reduces threat response time by 50%, and offers ROI in 12-24 months.
Sentiment score
7.9
ThreatLocker Zero Trust Platform enhances security, improves efficiency, saves costs, increases revenue, and supports business growth by reducing threats.
No quotes available
For more quotes and insights, download the Cybereason Endpoint Detection & Response report
If something were to happen without ThreatLocker, the cost would be huge, and thus, having it is definitely worth it.
The main return on investment is peace of mind, knowing that with ThreatLocker on any endpoint, it will almost always block all malicious code or exploits, even zero-day exploits.
It keeps malware, Trojans, and ransomware at bay.
For more quotes and insights, download the ThreatLocker Zero Trust Endpoint Protection Platform report
DL
LS
Johnathan Bodily - PeerSpot reviewer
 

Customer Service

Sentiment score
5.0
Cybereason's customer service is competent and knowledgeable, though escalations can cause delays, especially without partnership status.
Sentiment score
7.7
ThreatLocker Zero Trust's responsive customer service, highlighted by the Cyber Hero program, is praised for speed, professionalism, and effectiveness.
Nine is great actually since we have people available when we ask, and they know what they are talking about.
if you're a partner with them, they provide fairly good support through a concept called invest support.
For more quotes and insights, download the Cybereason Endpoint Detection & Response report
They have been very responsive, helpful, and knowledgeable.
I would rate their customer support a ten out of ten.
Their support is world-class.
For more quotes and insights, download the ThreatLocker Zero Trust Endpoint Protection Platform report
reviewer2642739 - PeerSpot reviewerIvan Burke - PeerSpot reviewerreviewer2665902 - PeerSpot reviewer
RH
CL
 

Scalability Issues

Sentiment score
6.2
<p>Cybereason Endpoint Detection &amp; Response is highly scalable, effectively supporting large organizations with seamless expansion and flexible adaptation.</p>
Sentiment score
8.0
ThreatLocker Zero Trust Platform offers seamless scalability and adaptability, efficiently managing diverse environments and dynamic growth across endpoints.
No quotes available
For more quotes and insights, download the Cybereason Endpoint Detection & Response report
I started off with just the servers, and within a month and a half, I set up the entire company with ThreatLocker.
It seems to primarily operate on the endpoints rather than at a central location pushing out policies.
I would rate it a ten out of ten for scalability.
For more quotes and insights, download the ThreatLocker Zero Trust Endpoint Protection Platform report
Johnathan Bodily - PeerSpot reviewerreviewer2665902 - PeerSpot reviewer
LS
 

Stability Issues

Sentiment score
5.5
Cybereason EDR is reliable with occasional upgrade issues, but improves system speed, and support resolves performance concerns.
Sentiment score
7.4
ThreatLocker Zero Trust Platform is praised for stability and reliability, with minor issues swiftly addressed by support.
We inform Cybereason about any issues, and they work on a new solution, either with an update or a custom fix in anticipation of the next update.
For more quotes and insights, download the Cybereason Endpoint Detection & Response report
For five years, we have not had a problem.
Once deployed, it downloads the policies locally, so even if the computer doesn't have internet, it doesn't matter.
It has been very stable, reliable, and accessible.
For more quotes and insights, download the ThreatLocker Zero Trust Endpoint Protection Platform report
reviewer2642739 - PeerSpot reviewer
CL
RN
JA
 

Room For Improvement

Cybereason needs better support, simpler deployment, and enhanced features, including automation, dashboard design, and compatibility improvements.
ThreatLocker needs UI improvements, better integrations, expanded training, enhanced analytics, restricted Learning Mode, and faster support.
No quotes available
For more quotes and insights, download the Cybereason Endpoint Detection & Response report
Controlling the cloud environment, not just endpoints, is crucial.
This is problematic when immediate attention is needed.
Comprehensive 24-hour log monitoring is a valuable enhancement for both business and enterprise-level users.
For more quotes and insights, download the ThreatLocker Zero Trust Endpoint Protection Platform report
JA
Musah Ibrahim - PeerSpot reviewerreviewer2594715 - PeerSpot reviewer
 

Setup Cost

Cybereason offers a competitively priced, comprehensive EDR solution with potential cost benefits for experienced users in enterprises.
Enterprise buyers find ThreatLocker's pricing competitive and flexible, valuing its affordability, transparency, and accessible setup costs.
No quotes available
For more quotes and insights, download the Cybereason Endpoint Detection & Response report
After conversations with other partners, it became clear we underpriced it initially, which caused most of our issues.
We are moving towards the Unified solution, where they basically bundle everything together, providing us better stability with the ability to bring in new product offerings without having to go back to the customer and say, 'This is going to cost you.'
I had a really good deal at the time, and it continues to be cost-effective.
For more quotes and insights, download the ThreatLocker Zero Trust Endpoint Protection Platform report
RH
CL
ZK
 

Valuable Features

Cybereason EDR offers real-time threat visibility, automatic isolation, and extensive threat-hunting for efficient endpoint management and minimal false positives.
ThreatLocker Zero Trust Platform enhances security with features like application control, selective elevation, and robust network access controls.
What I find most valuable is the clarity of the platform.
For more quotes and insights, download the Cybereason Endpoint Detection & Response report
ThreatLocker Zero Trust Endpoint Protection Platform's ability to block access to unauthorized applications has been excellent.
It protects our customers.
The major benefit is fewer breaches overall, as nothing can be run without prior approval. This helps my company protect its data and secure itself effectively.
For more quotes and insights, download the ThreatLocker Zero Trust Endpoint Protection Platform report
reviewer2642739 - PeerSpot reviewer
ZK
JV
DL
 

Categories and Ranking

Cybereason Endpoint Detecti...
Ranking in Endpoint Protection Platform (EPP)
41st
Average Rating
7.8
Reviews Sentiment
5.6
Number of Reviews
22
Ranking in other categories
Endpoint Detection and Response (EDR) (34th)
ThreatLocker Zero Trust End...
Ranking in Endpoint Protection Platform (EPP)
7th
Average Rating
9.2
Reviews Sentiment
7.4
Number of Reviews
40
Ranking in other categories
Network Access Control (NAC) (5th), Advanced Threat Protection (ATP) (6th), Application Control (1st), ZTNA (4th), Ransomware Protection (1st)
 

Mindshare comparison

As of October 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of Cybereason Endpoint Detection & Response is 0.8%, down from 1.1% compared to the previous year. The mindshare of ThreatLocker Zero Trust Endpoint Protection Platform is 0.9%, up from 0.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP) Market Share Distribution
ProductMarket Share (%)
ThreatLocker Zero Trust Endpoint Protection Platform0.9%
Cybereason Endpoint Detection & Response0.8%
Other98.3%
Endpoint Protection Platform (EPP)
 

Featured Reviews

Ivan Burke - PeerSpot reviewer
Offers useful threat hunting and response capabilities but struggles to justify cost for smaller deployments
I mostly work with incident response, so I work with a bunch of them interchangeably, but mostly with the EDR components; I also get involved with some of the XDR components, especially for the cloud. Regarding analysis features, such as deep behavioral detection, I do use it sometimes; I usually don't use the automated version of it, as I prefer threat hunting directly, depending on if the season is available. I know some of them have pretty good analytics engines, but I tend to do the threat hunting on my own. I manage incident response for a bunch of companies, so some of them have Cybereason Endpoint Detection & Response integrated into Sentinel, some into Fortinet, and others into various tools. When considering cost-effectiveness, their pricing structure works such that if you're a large organization with more than a thousand endpoints to deploy to, then Cybereason Endpoint Detection & Response is worthwhile. But for anything less than 300, it's too expensive; obviously, the more you buy, the better the price, making it cheaper for you. Cybereason Endpoint Detection & Response best fits enterprise-level businesses such as huge corporations; however, we are in the process of removing it from many of our endpoint clients because it's not really showing enough value for them at the moment. We're trying to see how we can improve it with some of our clients, but at the moment, it's struggling compared to other EDR solutions that we have deployed. On a scale of one to ten, I rate Cybereason Endpoint Detection & Response a six.
Read full review
Johnathan Bodily - PeerSpot reviewer
Ensures ransomware protection and reduces phishing chaos
The application control has been great so far, and while I am still exploring the network access controls, I unfortunately don't have access to one module I would love to have due to licensing restrictions. It's easy to use in regard to reducing attack surfaces. For me, it's a piece of cake. We can have something approved within 30 seconds, thanks to the mobile app. We haven't eliminated security solutions. We just add to it, and ThreatLocker has been a great addition. We also have Kaseya and ThreatLocker as a supplement to that. It's useful. They have overlap, and we look at the overlap as a good thing. It's helped your organization save on operational costs or expenses by ensuring that many fewer hours are spent dealing with ransomware nonsense. I cannot count the amount of hours that I personally have not had to put in to recovering an environment from a ransomware event. The last big one took us about three weeks to completely recover from. Since we've grouped ThreatLocker in, the management of that whole setup has gone down to just daily help desk tasks and general server maintenance instead of having the whole system on fire. There are probably thousands of hours of saved time between our teams. It's been great so far. ThreatLocker Zero Trust Endpoint Protection Platform's ability to block access to unauthorized applications is great. It's my biggest protection, the blocked applications. In a lot of cases, you go to install something yourself that you need for management, and it comes in and says, nope. And then I have to log into the portal and approve it. I get our other guys saying, hey, why are you trying to approve something? Any of the tools that I'm using on a day-to-day basis that haven't been in the environment during the whole learning mode initially, I could go through and set extensions and all that. So, while it's a headache on that end, the amount of saved time I can't even count. It is a little frustrating on my end since I like to go as quickly as I possibly can, and it slows me down. However, that's a really good thing. Depending on the site, it can save a lot of time and cut down headaches. It's likely saved a week's worth of time. It's cut down the amount of sever help desk tickets. Those have become minimal.
Read full review
report
See which vendors are best for you
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
See recommendations
869,760 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
14%
Financial Services Firm
12%
Manufacturing Company
8%
Comms Service Provider
7%
Computer Software Company
28%
Retailer
9%
Manufacturing Company
7%
Financial Services Firm
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise4
Large Enterprise13
By reviewers
Company SizeCount
Small Business32
Midsize Enterprise4
Large Enterprise3
 

Questions from the Community

What is your experience regarding pricing and costs for Cybereason Endpoint Detection & Response?
Comparison with other products showed it be cheaper than some larger competitors. Set up cost for us were cheaper as we already had users experienced with the product in other business units. Initi...
See all answers
What is your primary use case for Cybereason Endpoint Detection & Response?
My main use case for Cybereason Endpoint Detection &amp; Response is mostly for incident response.
See all answers
What do you like most about Cybereason Endpoint Detection & Response?
The interface is user-friendly.
See all answers
What do you like most about ThreatLocker Allowlisting?
The interface is clean and well-organized, making it simple to navigate and find what we need.
See all answers
What is your experience regarding pricing and costs for ThreatLocker Allowlisting?
Pricing, setup costs, and licensing have been pretty accessible and manageable. It was not too expensive to get started, especially at a small scale for a smaller MSP. It is very accessible, easy t...
See all answers
What needs improvement with ThreatLocker Allowlisting?
For the space that it's in, it's already there. I don't know of another product that compares to its level. Even recently, with the addition of the detect module is a very nice add-on to the packet...
See all answers
 

Comparisons

CrowdStrike Falcon vs Cybereason Endpoint Detection & Response Logo
CrowdStrike Falcon vs Cybereason Endpoint Detection & Response
Compared 15% of the time
SentinelOne Singularity Complete vs Cybereason Endpoint Detection & Response Logo
SentinelOne Singularity Complete vs Cybereason Endpoint Detection & Response
Compared 12% of the time
Microsoft Defender for Endpoint vs Cybereason Endpoint Detection & Response Logo
Microsoft Defender for Endpoint vs Cybereason Endpoint Detection & Response
Compared 9% of the time
ESET Inspect vs Cybereason Endpoint Detection & Response Logo
ESET Inspect vs Cybereason Endpoint Detection & Response
Compared 9% of the time
Fortinet FortiEDR vs Cybereason Endpoint Detection & Response Logo
Fortinet FortiEDR vs Cybereason Endpoint Detection & Response
Compared 6% of the time
More Cybereason Endpoint Detection & Response Competitors
CrowdStrike Falcon vs ThreatLocker Zero Trust Endpoint Protection Platform Logo
CrowdStrike Falcon vs ThreatLocker Zero Trust Endpoint Protection Platform
Compared 14% of the time
Microsoft Defender for Endpoint vs ThreatLocker Zero Trust Endpoint Protection Platform Logo
Microsoft Defender for Endpoint vs ThreatLocker Zero Trust Endpoint Protection Platform
Compared 10% of the time
SentinelOne Singularity Complete vs ThreatLocker Zero Trust Endpoint Protection Platform Logo
SentinelOne Singularity Complete vs ThreatLocker Zero Trust Endpoint Protection Platform
Compared 7% of the time
ManageEngine Application Control Plus vs ThreatLocker Zero Trust Endpoint Protection Platform Logo
ManageEngine Application Control Plus vs ThreatLocker Zero Trust Endpoint Protection Platform
Compared 6% of the time
Airlock Digital Application Control vs ThreatLocker Zero Trust Endpoint Protection Platform Logo
Airlock Digital Application Control vs ThreatLocker Zero Trust Endpoint Protection Platform
Compared 6% of the time
More ThreatLocker Zero Trust Endpoint Protection Platform Competitors
 

Product Reports

Buyer's Guide
Cybereason Endpoint Detection & Response
October 2025
Cybereason Endpoint Detection & Response reportDownload Cybereason Endpoint Detection & Response product report
Buyer's Guide
ThreatLocker Zero Trust Endpoint Protection Platform
September 2025
ThreatLocker Zero Trust Endpoint Protection Platform reportDownload ThreatLocker Zero Trust Endpoint Protection Platform product report
 

Also Known As

Cybereason EDR, Cybereason Deep Detect & Respond
Protect, Allowlisting, Network Control, Ringfencing
 

Overview

Cybereason's Endpoint Detection and Response platform detects in real-time both signature and non-signature-based attacks and accelerates incident investigation and response. Cybereason connects together individual pieces of evidence to form a complete picture of a malicious operation.

Cybereason

ThreatLocker Zero Trust Endpoint Protection Platform offers robust endpoint security through application control and allowlisting, safeguarding servers and workstations from unauthorized software execution.

ThreatLocker Zero Trust Endpoint Protection Platform provides extensive application control with features like ring-fencing and selective elevation, ensuring meticulous execution management. Offering learning mode and extensive support, it integrates threat detection and activity monitoring to enhance compliance, reduce costs, and bolster cybersecurity through alerts and approvals. Despite its strengths, there are areas for improvement in training flexibility, policy updates, and interface enhancements, along with challenges in handling non-digitally signed software. Deployed across environments, it works well with existing cybersecurity instruments for real-time threat prevention.

What are the top features of ThreatLocker?
  • Intuitive Interface: User-friendly design simplifies endpoint protection management.
  • Application Blocking: Prevents unauthorized applications from running.
  • Selective Elevation: Grants control over application permissions.
  • Ring-Fencing: Isolates applications to limit interactions.
  • Allowlisting: Ensures only trusted software can execute.
  • Learning Mode: Facilitates configuration by observing user behavior.
  • Real-Time Support: Access to assistance and training resources.
What benefits should reviewers seek?
  • Compliance: Meets regulatory standards.
  • Operational Cost Reduction: Consolidated alerts and approvals.
  • Enhanced Cybersecurity: Prevention of unauthorized applications.
  • Regulatory Alignment: Helps ensure adherence to legal requirements.

ThreatLocker Zero Trust Endpoint Protection Platform is widely implemented to safeguard IT infrastructures against unauthorized access and application use. In sectors where data security is paramount, this platform enables users to prevent unauthorized software installations and control device applications, ensuring real-time threat prevention and compliance with industry regulations.

ThreatLocker
 

Sample Customers

Lockheed Martin, Spark Capital, DocuSign, Softbank Capital
Information Not Available
Buyer's Guide
Cybereason Endpoint Detection & Response vs. ThreatLocker Zero Trust Endpoint Protection Platform
September 2025
Free Report: Cybereason Endpoint Detection & Response vs. ThreatLocker Zero Trust Endpoint Protection Platform
Find out what your peers are saying about Cybereason Endpoint Detection & Response vs. ThreatLocker Zero Trust Endpoint Protection Platform and other solutions. Updated: September 2025.
DOWNLOAD NOW
869,760 professionals have used our research since 2012.
See our Cybereason Endpoint Detection & Response vs. ThreatLocker Zero Trust Endpoint Protection Platform report.
See our list of best Endpoint Protection Platform (EPP) vendors.

We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.