Try our new research platform with insights from 80,000+ expert users

Cybereason Endpoint Detection & Response vs ThreatLocker Zero Trust Endpoint Protection Platform comparison

Cybereason and ThreatLocker are both solutions in the Endpoint Protection Platform (EPP) category. Cybereason is ranked #34 with an average rating of 8.2, while ThreatLocker is ranked #6 with an average rating of 9.2. Cybereason holds a 0.8% mindshare in EPP, compared to ThreatLocker’s 0.7% mindshare. Additionally, 89% of Cybereason users are willing to recommend the solution, compared to 97% of ThreatLocker users who would recommend it.
Cybereason Endpoint Detecti...
Read 21 Cybereason Endpoint Detection & Response reviews
  • 3,422 Views
  • 1,923 Comparison Views
89% willing to recommend
ThreatLocker Zero Trust End...
Read 39 ThreatLocker Zero Trust Endpoint Protection Platform reviews
  • 2,269 Views
  • 1,503 Comparison Views
97% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Mar 23, 2025

Cybereason Endpoint Detection & Response and ThreatLocker Zero Trust Endpoint Protection compete in the endpoint security market. While both offer comprehensive features, Cybereason has an advantage in threat hunting and multi-OS support, making it more appealing for diverse IT environments.

Features: Cybereason offers advanced threat hunting, real-time visibility across endpoints, and multi-OS compatibility. It ensures seamless integration across various operating systems and provides excellent threat investigation tools. ThreatLocker focuses on allowlisting, ring-fencing, and application control. Its zero-trust security model is highly efficient, offering robust protection and ease of management across multiple environments.

Room for Improvement: Cybereason requires better reporting capabilities and a more intuitive dashboard for entry-level users. Improvement in technical support for smaller organizations and sensor deployment is also needed. ThreatLocker could enhance its UI, implement staggered policy updates to manage bandwidth efficiently, and improve training offerings and ticketing system transparency.

Ease of Deployment and Customer Service: Both solutions offer flexible deployment options, including cloud, on-premises, and hybrid environments. However, users have noted occasional support delays. Cybereason’s support is generally praised for its responsiveness and effective issue resolution. In contrast, ThreatLocker provides comprehensive support but needs faster response times and availability outside typical working hours.

Pricing and ROI: Cybereason is seen as valuable but potentially costly, targeting larger businesses with its pricing model based on endpoints. ThreatLocker offers fair and flexible pricing with reasonable setup costs, making it scalable for growing companies. Both solutions provide good ROI by enhancing visibility and reducing threat response times, though ThreatLocker achieves better cost-effective integration.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Cybereason Endpoint Detection & Response vs. ThreatLocker Zero Trust Endpoint Protection Platform Report (Updated: April 2025).
Buyer's Guide
Cybereason Endpoint Detection & Response vs. ThreatLocker Zero Trust Endpoint Protection Platform
April 2025
Download the complete report
Helped 850,349 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cybereason Endpoint Detecti...
Ranking in Endpoint Protection Platform (EPP)
34th
Average Rating
8.0
Reviews Sentiment
7.9
Number of Reviews
21
Ranking in other categories
Endpoint Detection and Response (EDR) (23rd)
ThreatLocker Zero Trust End...
Ranking in Endpoint Protection Platform (EPP)
6th
Average Rating
9.2
Reviews Sentiment
7.6
Number of Reviews
39
Ranking in other categories
Network Access Control (NAC) (4th), Advanced Threat Protection (ATP) (6th), Application Control (1st), ZTNA (3rd), Ransomware Protection (4th)
 

Mindshare comparison

As of May 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of Cybereason Endpoint Detection & Response is 0.8%, down from 1.2% compared to the previous year. The mindshare of ThreatLocker Zero Trust Endpoint Protection Platform is 0.7%, down from 0.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP)
 

Featured Reviews

Chad Kliewer - PeerSpot reviewer
We can make more informed decisions on whether an action is malicious
The ease of use and dashboards are improving. We came in at a time when they were developing a new dashboard screen. Therefore, we have had some confusing times between the old and new dashboards. Knowing how the new one works, I have seen vast improvements with it. While the product is very good, there are still some areas for improvement. The initial triage area could be a bit simpler. They get into the weeds real fast; it gets very detailed very fast. I am still looking for an easier triage layer on top with the ability to dig deeper. They are improving on this because I have seen some improvements in the user interface that helps with this. Part of it was moving two different screens into one, merging the two together. It is very good, but it is very technically detailed and would be harder for an entry-level person to decipher. However, improvements are being made. It leverages indicators of behavior to help us remediate faster against attacks. Sometimes, I wish there was more detail on why they consider it malicious.
Read full review
Johnathan Bodily - PeerSpot reviewer
Ensures ransomware protection and reduces phishing chaos
The application control has been great so far, and while I am still exploring the network access controls, I unfortunately don't have access to one module I would love to have due to licensing restrictions. It's easy to use in regard to reducing attack surfaces. For me, it's a piece of cake. We can have something approved within 30 seconds, thanks to the mobile app. We haven't eliminated security solutions. We just add to it, and ThreatLocker has been a great addition. We also have Kaseya and ThreatLocker as a supplement to that. It's useful. They have overlap, and we look at the overlap as a good thing. It's helped your organization save on operational costs or expenses by ensuring that many fewer hours are spent dealing with ransomware nonsense. I cannot count the amount of hours that I personally have not had to put in to recovering an environment from a ransomware event. The last big one took us about three weeks to completely recover from. Since we've grouped ThreatLocker in, the management of that whole setup has gone down to just daily help desk tasks and general server maintenance instead of having the whole system on fire. There are probably thousands of hours of saved time between our teams. It's been great so far. ThreatLocker Zero Trust Endpoint Protection Platform's ability to block access to unauthorized applications is great. It's my biggest protection, the blocked applications. In a lot of cases, you go to install something yourself that you need for management, and it comes in and says, nope. And then I have to log into the portal and approve it. I get our other guys saying, hey, why are you trying to approve something? Any of the tools that I'm using on a day-to-day basis that haven't been in the environment during the whole learning mode initially, I could go through and set extensions and all that. So, while it's a headache on that end, the amount of saved time I can't even count. It is a little frustrating on my end since I like to go as quickly as I possibly can, and it slows me down. However, that's a really good thing. Depending on the site, it can save a lot of time and cut down headaches. It's likely saved a week's worth of time. It's cut down the amount of sever help desk tickets. Those have become minimal.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Cybereason's threat hunting and investigation are the most valuable features. Threat hunting is a user-friendly feature that keeps you safe. Investigation offers an added value that I haven't seen with other EDR services. It allows you to find specific policy problems within your environment."
"What I find most valuable is the clarity of the platform."
"What I like most about Cybereason Endpoint Detection & Response is the support because the support is good. The solution is also easy to use, and it has a dashboard. Everything is good, and there's no problem with it."
"The initial setup is not overly complicated."
"The dashboard is very good and you can consider it as an interactive UI."
"For me, the technical support is good."
"It gives all the information in a clear response."
"Cybereason absolutely enables us to mitigate and isolate on the fly. Our managed detection response telemetry has dropped dramatically since we began using it. It's very top-of-mind. We were running some tabletop exercises and none of the detections were getting triggered by the managed security services provider. So we needed to find a solution that would trigger high-fidelity alerts. That was Cybereason and it dramatically changed our landscape from the detection and response perspective."
More Cybereason Endpoint Detection & Response pros
"The solution has made knowing and managing what is running on our clients' devices much easier for us. We know they cannot run what they are not supposed to run."
"ThreatLocker Zero Trust Endpoint Protection Platform provides no-sweat security that we can easily deploy."
"Being able to protect and trust nothing by default, known as zero trust, is the most important feature to me."
"We use ThreatLocker's Allowlisting to whitelist specific applications and prevent unauthorized software from running."
"Ringfencing is a valuable feature."
"It is a comprehensive platform that allows you to do a lot of things."
"Every single feature has been invaluable."
"Customer service is good. The Cyber Hero program ensures there is always someone available to help."
More ThreatLocker Zero Trust Endpoint Protection Platform pros
 

Cons

"I feel it is a shame that I cannot create groups of groups with inheritance."
"The integration with Microsoft solutions and Microsoft capabilities needs to be improved."
"There is room for improvement in the product features related to device control, particularly USB management."
"They need to improve their technical support services."
"Cybereason does not have sandbox functionality."
"I feel that the product lacks reporting features and needs improvement."
"Reporting could be a bit more granular so that we had the ability to check regions and countries. I just noticed that, for instance, if I look at our servers, it's either "contained" or it's "not contained". I don't have the option, for instance, to look at countries. It only allows me to look at users as one big group."
"The network coverage becomes an issue most of the time."
More Cybereason Endpoint Detection & Response cons
"Their product is solid. I have a hard time complaining much about it because when we do find little things, they are usually interface-related or related to things that would be nice to have."
"Better visualizations of what exactly is happening in our logs would be helpful. There can be more visuals on what has been elevated. Presenting this in a more refined manner would be beneficial."
"The reporting could be improved."
"The support could be quicker. There are times when there is a delay in getting a response. This is problematic when immediate attention is needed."
"I find that the learning mode is too accessible. Technicians sometimes default to it instead of manually building policy controls. I would prefer the learning mode to be harder to access, ideally hidden behind a layer that requires creating at least one policy first before using the learning mode as a supplement."
"We use other vendors for other components. I'd like one vendor to control all aspects of the business, including backup, EDR solutions, email monitoring, and control, rather than using multiple vendors."
"It would be beneficial to have a tighter integration into PSA systems so that approvals can be done directly without having to leave the PSA."
"The company should strive to stay ahead of all the developments happening externally. If their progress accelerates more rapidly than the ongoing changes outside, it would prove advantageous."
More ThreatLocker Zero Trust Endpoint Protection Platform cons
 

Pricing and Cost Advice

"I do not have experience with the licensing of the product."
"In terms of cost, this is a good choice for our needs."
"The pricing is manageable."
"Though it is not the cheapest solution but it fits our budget. We pay an annual licensing fee."
"On a scale of one to ten, where one is cheap and ten is expensive, I rate the pricing an eight."
"I had to go through a third-party to purchase it, which I wasn't really pleased about."
"In terms of pricing, it's a good solution."
"This product is somewhat expensive and should be cheaper."
More Cybereason Endpoint Detection & Response pricing and cost advice
"I do not know about the licensing and price as it comes bundled from our MSP. However, it seems fairly reasonable for us, which is why we chose it."
"The pricing is reasonable and normal. I do not have any problems with the cost."
"I believe ThreatLocker's pricing model is fair and flexible, allowing account managers to offer customized deals based on our specific needs."
"The price is very reasonable, and we have been able to integrate ThreatLocker with all of our clients."
"Others say ThreatLocker is too expensive, and I tell them they're dreaming. It's well-priced for what it does."
"The price of ThreatLocker Allowlisting is reasonable in the market, but it is not fantastic."
"We have not had any real issues with the pricing. As they have added more features, due to the way our contracts are structured with our customers, we have had to hold off on adopting the new features because they do add costs."
"The pricing is pretty fair, considering other solutions. Licensing-wise, it did not take long."
More ThreatLocker Zero Trust Endpoint Protection Platform pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
See recommendations
850,349 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
11%
Manufacturing Company
8%
Government
6%
Computer Software Company
36%
Retailer
8%
Financial Services Firm
5%
Manufacturing Company
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What is your experience regarding pricing and costs for Cybereason Endpoint Detection & Response?
Comparison with other products showed it be cheaper than some larger competitors. Set up cost for us were cheaper as we already had users experienced with the product in other business units. Initi...
See all answers
What is your primary use case for Cybereason Endpoint Detection & Response?
We use it to improve detection in the whole industrial sector. We are a big energy company. Across multiple endpoints, we deploy the EDR to secure all, improve detection, and also attempt to automa...
See all answers
What do you like most about Cybereason Endpoint Detection & Response?
The interface is user-friendly.
See all answers
What do you like most about ThreatLocker Allowlisting?
The interface is clean and well-organized, making it simple to navigate and find what we need.
See all answers
What is your experience regarding pricing and costs for ThreatLocker Allowlisting?
Pricing, setup costs, and licensing have been pretty accessible and manageable. It was not too expensive to get started, especially at a small scale for a smaller MSP. It is very accessible, easy t...
See all answers
What needs improvement with ThreatLocker Allowlisting?
For the space that it's in, it's already there. I don't know of another product that compares to its level. Even recently, with the addition of the detect module is a very nice add-on to the packet...
See all answers
 

Comparisons

Darktrace vs Cybereason Endpoint Detection & Response Logo
Darktrace vs Cybereason Endpoint Detection & Response
Compared 28% of the time
CrowdStrike Falcon vs Cybereason Endpoint Detection & Response Logo
CrowdStrike Falcon vs Cybereason Endpoint Detection & Response
Compared 15% of the time
SentinelOne Singularity Complete vs Cybereason Endpoint Detection & Response Logo
SentinelOne Singularity Complete vs Cybereason Endpoint Detection & Response
Compared 10% of the time
Microsoft Defender for Endpoint vs Cybereason Endpoint Detection & Response Logo
Microsoft Defender for Endpoint vs Cybereason Endpoint Detection & Response
Compared 10% of the time
Kaspersky Endpoint Security for Business vs Cybereason Endpoint Detection & Response Logo
Kaspersky Endpoint Security for Business vs Cybereason Endpoint Detection & Response
Compared 5% of the time
More Cybereason Endpoint Detection & Response Competitors
SentinelOne Singularity Complete vs ThreatLocker Zero Trust Endpoint Protection Platform Logo
SentinelOne Singularity Complete vs ThreatLocker Zero Trust Endpoint Protection Platform
Compared 23% of the time
Microsoft Defender for Endpoint vs ThreatLocker Zero Trust Endpoint Protection Platform Logo
Microsoft Defender for Endpoint vs ThreatLocker Zero Trust Endpoint Protection Platform
Compared 19% of the time
CrowdStrike Falcon vs ThreatLocker Zero Trust Endpoint Protection Platform Logo
CrowdStrike Falcon vs ThreatLocker Zero Trust Endpoint Protection Platform
Compared 18% of the time
Ivanti Application Control vs ThreatLocker Zero Trust Endpoint Protection Platform Logo
Ivanti Application Control vs ThreatLocker Zero Trust Endpoint Protection Platform
Compared 6% of the time
Huntress Managed EDR vs ThreatLocker Zero Trust Endpoint Protection Platform Logo
Huntress Managed EDR vs ThreatLocker Zero Trust Endpoint Protection Platform
Compared 6% of the time
More ThreatLocker Zero Trust Endpoint Protection Platform Competitors
 

Product Reports

Buyer's Guide
Cybereason Endpoint Detection & Response
May 2025
Cybereason Endpoint Detection & Response reportDownload Cybereason Endpoint Detection & Response product report
Buyer's Guide
ThreatLocker Zero Trust Endpoint Protection Platform
April 2025
ThreatLocker Zero Trust Endpoint Protection Platform reportDownload ThreatLocker Zero Trust Endpoint Protection Platform product report
 

Also Known As

Cybereason EDR, Cybereason Deep Detect & Respond
Protect, Allowlisting, Network Control, Ringfencing
 

Overview

Cybereason's Endpoint Detection and Response platform detects in real-time both signature and non-signature-based attacks and accelerates incident investigation and response. Cybereason connects together individual pieces of evidence to form a complete picture of a malicious operation.

Cybereason

ThreatLocker Zero Trust Endpoint Protection Platform offers robust endpoint security through application control and allowlisting, safeguarding servers and workstations from unauthorized software execution.

ThreatLocker Zero Trust Endpoint Protection Platform provides extensive application control with features like ring-fencing and selective elevation, ensuring meticulous execution management. Offering learning mode and extensive support, it integrates threat detection and activity monitoring to enhance compliance, reduce costs, and bolster cybersecurity through alerts and approvals. Despite its strengths, there are areas for improvement in training flexibility, policy updates, and interface enhancements, along with challenges in handling non-digitally signed software. Deployed across environments, it works well with existing cybersecurity instruments for real-time threat prevention.

What are the top features of ThreatLocker?
  • Intuitive Interface: User-friendly design simplifies endpoint protection management.
  • Application Blocking: Prevents unauthorized applications from running.
  • Selective Elevation: Grants control over application permissions.
  • Ring-Fencing: Isolates applications to limit interactions.
  • Allowlisting: Ensures only trusted software can execute.
  • Learning Mode: Facilitates configuration by observing user behavior.
  • Real-Time Support: Access to assistance and training resources.
What benefits should reviewers seek?
  • Compliance: Meets regulatory standards.
  • Operational Cost Reduction: Consolidated alerts and approvals.
  • Enhanced Cybersecurity: Prevention of unauthorized applications.
  • Regulatory Alignment: Helps ensure adherence to legal requirements.

ThreatLocker Zero Trust Endpoint Protection Platform is widely implemented to safeguard IT infrastructures against unauthorized access and application use. In sectors where data security is paramount, this platform enables users to prevent unauthorized software installations and control device applications, ensuring real-time threat prevention and compliance with industry regulations.

ThreatLocker
 

Sample Customers

Lockheed Martin, Spark Capital, DocuSign, Softbank Capital
Information Not Available
Buyer's Guide
Cybereason Endpoint Detection & Response vs. ThreatLocker Zero Trust Endpoint Protection Platform
April 2025
Free Report: Cybereason Endpoint Detection & Response vs. ThreatLocker Zero Trust Endpoint Protection Platform
Find out what your peers are saying about Cybereason Endpoint Detection & Response vs. ThreatLocker Zero Trust Endpoint Protection Platform and other solutions. Updated: April 2025.
DOWNLOAD NOW
850,349 professionals have used our research since 2012.
See our Cybereason Endpoint Detection & Response vs. ThreatLocker Zero Trust Endpoint Protection Platform report.
See our list of best Endpoint Protection Platform (EPP) vendors.

We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.