No more typing reviews! Try our Samantha, our new voice AI agent.

Cybereason Endpoint Detection & Response vs VIPRE Endpoint Security comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Jun 3, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Protection Platform (EPP)
4th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Detection and Response (EDR) (6th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
Cybereason Endpoint Detecti...
Ranking in Endpoint Protection Platform (EPP)
34th
Average Rating
7.8
Reviews Sentiment
5.6
Number of Reviews
22
Ranking in other categories
Endpoint Detection and Response (EDR) (29th)
VIPRE Endpoint Security
Ranking in Endpoint Protection Platform (EPP)
52nd
Average Rating
7.0
Number of Reviews
2
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Endpoint Protection Platform (EPP) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.8%, up from 3.7% compared to the previous year. The mindshare of Cybereason Endpoint Detection & Response is 1.1%, up from 0.8% compared to the previous year. The mindshare of VIPRE Endpoint Security is 0.6%, up from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.8%
Cybereason Endpoint Detection & Response1.1%
VIPRE Endpoint Security0.6%
Other94.5%
Endpoint Protection Platform (EPP)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Ivan Burke - PeerSpot reviewer
Head of Research Development and Innovation at CSIR
Offers useful threat hunting and response capabilities but struggles to justify cost for smaller deployments
I mostly work with incident response, so I work with a bunch of them interchangeably, but mostly with the EDR components; I also get involved with some of the XDR components, especially for the cloud. Regarding analysis features, such as deep behavioral detection, I do use it sometimes; I usually don't use the automated version of it, as I prefer threat hunting directly, depending on if the season is available. I know some of them have pretty good analytics engines, but I tend to do the threat hunting on my own. I manage incident response for a bunch of companies, so some of them have Cybereason Endpoint Detection & Response integrated into Sentinel, some into Fortinet, and others into various tools. When considering cost-effectiveness, their pricing structure works such that if you're a large organization with more than a thousand endpoints to deploy to, then Cybereason Endpoint Detection & Response is worthwhile. But for anything less than 300, it's too expensive; obviously, the more you buy, the better the price, making it cheaper for you. Cybereason Endpoint Detection & Response best fits enterprise-level businesses such as huge corporations; however, we are in the process of removing it from many of our endpoint clients because it's not really showing enough value for them at the moment. We're trying to see how we can improve it with some of our clients, but at the moment, it's struggling compared to other EDR solutions that we have deployed. On a scale of one to ten, I rate Cybereason Endpoint Detection & Response a six.
SS
IT Security Analyst at a healthcare company with 11-50 employees
Easy to upgrade and manage but needs better reporting
There just was a lot about it that I didn't like. For blocking certain items, such as USBs, we felt like it was slowing down the network too much. Therefore we utilized a GPO for blocking things like that instead. Our environment was big and I didn't feel like the console did a good enough job. We outgrew the product. I've been asking for a change for a couple of years now, and it finally got approved. In terms of the console, I had over 2000 endpoints in there and there wasn't even a search feature for me to look through them. If I had to find where a policy was I had to sort in alphabetical order to find an endpoint that I wanted. They need to offer a search function within the console - maybe something that shows a "last connected" notice. That way, it's easier to manage obsolete machines that you don't need anymore. They had a very vague setting, like after so many days, when do you want us to remove these, you'd see them. I just wish the console was a little more responsive when I would do commands. The reports could have been better. The product would show a lot of endpoints as not communicating. That was another pain point. We constantly had to run an SQL query to clean up the database as I would know immediately when I was in the console, that it just wasn't being responsive. I could tell I was being given bad data and that we had to clean up the database. As soon as I would clean up that database, it was like a purging of the SQL database and it would become a lot more responsive. The problem was that our environment was too big. We're going through a growth spurt right now. In the end, the solution is small and much better suited for a small business. We would get a lot of false positives and instead of them fixing the false positive, they would just want us to put in an exception, which I didn't care for. The product is based on an older model of signature files. It doesn't use any artificial intelligence or anything. It was slow to refresh the policies and computer scans. The larger we got, the more it became an issue. If a company stayed small, I'm not sure if they would have noticed.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The initial setup is easy."
"From a single pane of glass, you can easily manage all of your endpoints."
"Being a cloud solution it is very flexible in serving internal and external connections and a broad range of devices."
"The solution helps find bugs, and it is safe to use to prevent attacks by hackers."
"I recommend this solution to others because it is easy to manage, reliable, and overall good to use."
"It has pretty much everything we need and works well within the Palo Alto ecosystem."
"On a scale from one to ten, I would rate Cortex XDR by Palo Alto Networks a nine."
"The most valuable features are incident creation, policy-based protection, IP whitelisting, and device encryption. These are beneficial for endpoint and server security."
"The interface is user-friendly."
"The initial setup was easy and straightforward."
"We like that it is a hybrid; it’s flexible, you can really do whatever you need to do, the initial setup is not overly complicated, the solution can scale, and it is stable and reliable."
"Immediately we can pick up the computers in the network if any malicious operation that is triggered."
"The solution is efficient."
"The most valuable feature is the capability of the command used by the machine so that we see the kind of performance that is running."
"It has reduced the amount of time that we spend responding to threats by at least 50%."
"The initial setup is not overly complicated."
"It has low overhead as far as machine resources are concerned. Everything runs faster with VIPRE installed versus some of the competitors. It has also been pretty easy to use. It just runs and gives us reports. It also sends us alerts when there is something that we need to look at. It does its job, and you just look at the reports. In other ways, you just forget that it is there."
"It has improved the way our organization functions, made things run faster in our company, and has done a fantastic job of keeping our networks free of virus."
"Technical support was always very helpful and responsive."
"In general, it was pretty easy to manage."
 

Cons

"There are some third-party solutions that are difficult to integrate with, which is something that can be improved."
"Limited remote connection."
"Cortex XDR by Palo Alto Networks could improve its user interface, which is more complicated compared to competitors such as SentinelOne."
"They have the worst support, as a company, that I have ever worked with, as they are difficult to get a hold of and keep on the phone. They don't know what they are talking about when you get them on the phone. They don't like to respond to messages when you send them to them. They like to "research problems" for weeks on end, then pass you off to somebody else."
"It's very time-consuming to log support issues and the people that answer the tickets aren't very knowledgeable."
"The GUI could be improved."
"Currently, if you use Palo Alto endpoint protection as the only solution it's very complicated to remove pre-existing threats."
"One thing that was missing was the integration part. Currently, they don't have out-of-box integration with IBM QRadar, or if they have the integration, the integration doesn't work well."
"Technical support needs to improve."
"The product's reporting isn't great."
"I would like to see improvements on the operational side, specifically in grouping."
"There can be problems with the EDI."
"The graphics are a little lacking."
"It initially took some time to deploy."
"There is room for improvement in the product features related to device control, particularly USB management."
"I feel it is a shame that I cannot create groups of groups with inheritance."
"Their management interface is a little buggy as it will hang up and crash from time to time."
"Their management interface is a little buggy. It requires a few system resources on the management interface. Its reporting can also be better. Overall, the reports are pretty good. They patch some third-party software, but if they can expand what they do for reporting and patch enterprise software, it would be handy."
"We would get a lot of false positives and instead of them fixing the false positive, they would just want us to put in an exception, which I didn't care for."
 

Pricing and Cost Advice

"Its pricing is kind of in line with its competitors and everybody else out there."
"The pricing is okay, although direct support can be expensive."
"The cost depends on your chosen license type, like Pro or other licenses."
"Cortex XDR’s pricing is very reasonable."
"When we first bought it, it was a bit expensive, but it was worth it. The licensing was straightforward."
"It is present, but when compared to other competitive products, I would say it is not less expensive; however, when all of the other added values are considered, the price is reasonable."
"The pricing is a little high. It is per user per year."
"Our license will require renewal in August, after which the maintenance will continue as usual."
"On a scale of one to ten, where one is cheap and ten is expensive, I rate the pricing an eight."
"We considered a few other solutions. Some were ridiculously overpriced, while others didn't have solutions for Mac endpoints. That was a deal-breaker because most of our organization is on Mac. It came down to two vendors: Cybereason and another. They had similar pitches and almost identical approaches, but in the end, Cybereason gave us the best value for our money."
"I had to go through a third-party to purchase it, which I wasn't really pleased about."
"I do not have experience with the licensing of the product."
"Though it is not the cheapest solution but it fits our budget. We pay an annual licensing fee."
"The pricing is manageable."
"In terms of cost, this is a good choice for our needs."
"This product is somewhat expensive and should be cheaper."
"Its price point has been phenomenal. Our previous solution from Trend Micro was triple the cost of it."
"Its price point has been phenomenal. Our previous solution from Trend Micro was triple the cost of it."
report
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Financial Services Firm
14%
Computer Software Company
10%
Manufacturing Company
9%
Outsourcing Company
8%
Comms Service Provider
16%
University
9%
Computer Software Company
8%
Government
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise5
Large Enterprise12
No data available
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What is your primary use case for Cybereason Endpoint Detection & Response?
My main use case for Cybereason Endpoint Detection & Response is mostly for incident response.
What needs improvement with Cybereason Endpoint Detection & Response?
When it comes to advanced threats, it sometimes helps me with finding them and hunting them down with threat detectio...
What advice do you have for others considering Cybereason Endpoint Detection & Response?
I mostly work with incident response, so I work with a bunch of them interchangeably, but mostly with the EDR compone...
Ask a question
Earn 20 points
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Cybereason EDR, Cybereason Deep Detect & Respond
VIPRE Cloud, VIPRE Endpoint Security Cloud Edition, VIPRE Endpoint Security Server Edition
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Lockheed Martin, Spark Capital, DocuSign, Softbank Capital
College Station ISD, Mid-West Companies, Guardian Network Solutions
Find out what your peers are saying about Cybereason Endpoint Detection & Response vs. VIPRE Endpoint Security and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.