2021-07-28T15:32:00Z

What is the best EDR or XDR product for a company with 9000 employees?

Hi peers,

Our company is looking for the best EDR or XDR solution for the company with 9K+ employees.

What would be your professional advice to us? Why should this or another solution be our choice?

Thanks in advance!

EA
Cybersecurity and Cyber Defense Manager at Ecopetrol
10 Answers
John Recendez - PeerSpot reviewer
Sr Customer Success Manager at IT Management Corp
User
2022-07-12T23:49:00Z
Jul 12, 2022

In my personal technical opinion, FortiEDR (an EDR/XDR product) is a highly effective solution because it’s engineered to sit at the kernel level between any executing application and the OS, NIC, and hard drive. 


This makes the solution effective beyond typical signatures (which every system uses, including FortiEDR to catch the low hanging fruit). Anything outside typical signature still cannot bypass FortiEDR because it listens to every activity as it hits the OS, NIC, and hard drive.

Remy Ma - PeerSpot reviewer
Network Security Services at ACE Managed Securty Services
Real User
Top 5
Sep 26, 2022

CrowdStrike’s Falcon Insight is inarguably the best EDR product in the market currently, irrespective of the number of users. It simplifies endpoint detection and response while giving you full-spectrum visibility in real time.
While some might consider the solution cost to be on the higher side, it assures you immediate time-to-value and cost-to-value. It’s cloud-based and doesn’t require any on-premises infrastructure management or installation. It has a single lightweight-agent architecture that deploys in minutes and opens the door for instant scalability in the future.
One of the major selling points for CrowdStrike EDR is the minimal learning curve attached to using the solution. It’s immediately operational and does not require reboots, finetuning, baselining, or complex configurations. The best part is that it has zero impact on endpoint performance and end-user productivity.

DO
Product Manager at Xpertus
User
2022-07-12T20:03:28Z
Jul 12, 2022

Sophos, if you have people to admin the tool, if not Sophos with MTR.

EB
Director of Community at PeerSpot (formerly IT Central Station)
Community Manager
Jul 13, 2022

@David Ozuna, why do you suggest these particular products? Thanks.

TF
CTO at Klaatu IT Security Ltd
Real User
Top 5 Leaderboard
2022-07-12T13:54:55Z
Jul 12, 2022

I deploy and would recommend Deep Instinct. It has a 99%+ detection rate, even on zero days and documents like Word, Excel and PDF, automatically stops malware activation within milliseconds and has a <0.1% false-positive rate. 


In the USA it is backed by a $3M warranty from Munich Re for a single breach, and we expect this to be extended to the UK. It is very easy to implement using self-install or automation, and we have never got anything past it. In the UK it has a major bank as a client. 


Its customers include T-Systems, Honeywell, Taylor Morrison and Seiko. 

TF
CTO at Klaatu IT Security Ltd
Real User
Top 5 Leaderboard
Jul 14, 2022

@Evgeny Belenky 
SE Labs also did a report https://selabs.uk/reports/deep.... It is a deep-learning based product - a neural network trained on billions of malware samples and normal documents. The weightings are transferred to an agent (d-brain) that is installed on the endpoint. Even older d-brains detect everything.

SP
Managing Member at Pender & Associates
Real User
Top 5 Leaderboard
2021-09-21T14:37:55Z
Sep 21, 2021

@Edgardo Arrieta


I would confidently recommend SentinelOne as it is the only EDR that has not been breached, offers up to 1 million USD warranty if it is not able to roll back a ransomware encryption attack, automatically mitigates cyber-attacks without human intervention, uses artificial intelligence and does not require internet to mitigate attacks. 


SentinelOne also effectively provides protection against zero-day, fileless and lateral movement attacks.

Meleria Mangaring - PeerSpot reviewer
Systems Engineer at Trends and Technologies, Inc
Reseller
Top 5
2022-08-05T00:31:11Z
Aug 5, 2022

Trend Micro Vision One!  This XDR solution can be correlated with other information within the network that could be of huge help in threat hunting and mitigating risks.

Basheer Ahmed Khan - PeerSpot reviewer
VP - Operations at Theta432
Real User
Expert Moderator
2022-07-15T08:19:15Z
Jul 15, 2022

@Edgardo Arrieta, you can look out for LimaCharlie too. It's a new product in the market.


But it has a lot of features. You can build your own rules for detection, response, and control of your data. You can also use many freely available rules for D & R for mitigation. 


Leverage solutions custom designed for your environment and control your security posture without having to rely on external vendors to protect you from bad actors. You also get one-click access to many rulesets from sources like Yara, Soteria, Sigma, and others.

David_Roy - PeerSpot reviewer
Cyber Relations Director at Blackswan Cybersecurity
User
2022-07-13T15:58:59Z
Jul 13, 2022

Here (at BlackSwan CyberSecurity) we prefer to stay vendor neutral with an Open XDR approach. 


With that said we utilize Sophos as it provides data we use in our SIEM, and XDR provides us with some automation capabilities: Sophos XDR Fact Sheet

CP
Partner Account Manager 🔆 at SEC DataCom A/S
Reseller
Top 20
2022-07-12T06:53:49Z
Jul 12, 2022

I would recommend SentinelOne. 


Easy deployment, management and daily maintenance. Supporting most operating systems - new, legacy and mobile. 


Never breached 1 million warranty, leading MITRE and Gartner. Cool usable roll-back feature and superior storyline technology that tracks all processes and events, making IR, TH, and documentation fast and sublime.

MA
CEO, Asia Pacific with 51-200 employees
User
2022-07-11T15:54:15Z
Jul 11, 2022

Bitdefender topped the MITRE ATT&CK tests for consecutive years. 


Look at real performance and not marketing and hype.

EB
Director of Community at PeerSpot (formerly IT Central Station)
Community Manager
Jul 12, 2022

@MikeAng thanks for the reference.

PeerSpot user
Real User
2021-09-10T22:05:41Z
Sep 10, 2021

Completely automated attack investigation and remediation on a single platform.

Cynet XDR (by Cynet Security) natively unifies NGAV, EDR, NDR, UEBA and Deception technologies with automated attack investigation and remediation on a single, intuitive platform and it's backed by a 24/7 Managed Detection and Response service. 

EB
Director of Community at PeerSpot (formerly IT Central Station)
Community Manager
Jul 12, 2022

@Shani Patel, this is a follow up on my earlier question. Thanks!

Related Questions
RJ
User at African Industries
Mar 7, 2023
Hello peers,  I work for a large manufacturing company. We are evaluating EDR and XDR solutions for Endpoint Security, can anyone suggest some good ones for comparison with pros and cons? We did a demo with CrowdStrike, FortiEDR, and SentinelOne. Thank you for your help.
2 out of 5 answers
CP
Partner Account Manager 🔆 at SEC DataCom A/S
Mar 6, 2023
Hi, It seems you are already looking at some of the best and leaders in the new Gartner Quadrant. SentinelOne and CrowdStrike are very close in their offerings, detections, and responses. CrowdStrike might be a little more mature in their MDR offering, but both are doing very well in protecting your endpoints. You might consider Cybereason as well. Regarding EDR vs XDR, according to the Gartner Hype Curve, EDR is a more mature technology whereas XDR's maturity mostly is on the material from marketing. The difference is whether or not external logs and alerts are consolidated within the platform. Most EDR vendors claim they have XDR as well, but as most vendors, they talk the talk way before they can walk the walk and before the market is ready for the adoption. So if you are a first mover you can go for the full package but you must expect to accept some bugs and be the vendor's remote test lab. Besides that, nearly all solutions have APIs to be called and thus can be included in most platforms.
CA
Product Manager at a comms service provider with 51-200 employees
Mar 6, 2023
I agree with Carsten and want to add my experience. With S1, I get more false positives and resource consumption is a little bit more. Currently, I'm using CD and happy using it. MDR Services is provided by its own staff, not 3rd party. Single-click rollback is a plus with S1. About XDR, it depends on your company's security culture. I think there's no application that you just deploy and relax. If someone says "we do", I simply don't believe it. Network security is a different issue and it's hard to identify adversaries only with AI. You have to have a team to follow up on network traffic. For EDR, AI is more convenient. With XDR, AI will give you lots of false positives. After a while, you'll get exhausted from the noise. Also, most attacks target endpoints, so EDR has more priority in my opinion.
Fernando Elias Gonzalez Hernandez - PeerSpot reviewer
Cyber Security Manager at Maxitransfers LLC
Nov 9, 2022
Hi, I'm looking for an EDR with low resource consumption and very robust for 270 computers. Any suggestions? Thank you.
2 out of 12 answers
Hi Fernando, Nice to meet you! From Sofistic we can help you with SOC and Crowdstrike EDR!
Pieter Plas - PeerSpot reviewer
Owner at Beerepoot Automatisering B.V.
Jul 26, 2022
Hi Fernando, I’m very happy with Kaspersky. Good value for your money. Good support when you need it. The console gives you more than only antivirus, but also patch management for 3rd party software and so many more. And I believe the best anti ransomware in the world. With kind regards,