Cybereason
Cybereason
Cybereason detects and responds to threats by analyzing endpoint activity and correlating data across devices. It uses behavioral analytics to identify suspicious patterns and supports automated remediation workflows.
Cybereason detects and responds to threats by analyzing endpoint activity and correlating data across devices. It uses behavioral analytics to identify suspicious patterns and supports automated remediation workflows.
Cost considerations
Functionality
Compatibility
User experience
Customer support
Why these ratings?
Cyberse perspective
Solution details
Integrations
Security automation
Cloud ecosystem partners
Amazon Web Services
Microsoft Azure Cloud
Google Cloud Platform
Deployment
Cloud-native
Cloud-hosted
Key features
Platform solution
Market segment
Enterprise
Target industry
Technology
Public sector
Industrials
Healthcare
Retail
Manufacturing
Financial services
Services support
In-house services
Managed services
Product features
Behavioral-based detection
Subcategory
Endpoint Detection & Response
Endpoint Protection Platform
Pricing
Free trial available
We use the following criteria to evaluate this product:
Cost considerations
Cybereason uses a mid-tier per-endpoint subscription that bundles AV and EDR while charging separate fees for XDR and managed detection options. Costs sit between budget tools and top-priced leaders, giving decent value for midsize budgets but not a clear bargain. Buyers see few surprise charges, yet the paid add-ons dilute overall cost efficiency.
Cost considerations
Cybereason uses a mid-tier per-endpoint subscription that bundles AV and EDR while charging separate fees for XDR and managed detection options. Costs sit between budget tools and top-priced leaders, giving decent value for midsize budgets but not a clear bargain. Buyers see few surprise charges, yet the paid add-ons dilute overall cost efficiency.
Functionality
Cybereason uses AI to stop attacks in real time and trigger automatic containment actions. Endpoint Controls add policy-based device and personal firewall management. A joint solution with Google Cloud brings cloud-scale correlations for SaaS XDR visibility.
Functionality
Cybereason uses AI to stop attacks in real time and trigger automatic containment actions. Endpoint Controls add policy-based device and personal firewall management. A joint solution with Google Cloud brings cloud-scale correlations for SaaS XDR visibility.
Compatibility
Cybereason installs on Windows, macOS and Linux endpoints and offers a separate mobile app for Android and iOS. Cybereason streams alerts to common SIEMs like Splunk and QRadar through documented APIs, preserving existing workflows. Coverage for legacy or niche operating systems is limited, so compatibility is high but not universal.
Compatibility
Cybereason installs on Windows, macOS and Linux endpoints and offers a separate mobile app for Android and iOS. Cybereason streams alerts to common SIEMs like Splunk and QRadar through documented APIs, preserving existing workflows. Coverage for legacy or niche operating systems is limited, so compatibility is high but not universal.
User experience
The cloud console lays out each malicious operation in a clear timeline, so analysts see the full story at a glance. Containment and rollback buttons sit next to every alert, letting staff stop an attack in one click. New users typically become productive after a short onboarding, which is quicker than with most competing endpoint tools.
User experience
The cloud console lays out each malicious operation in a clear timeline, so analysts see the full story at a glance. Containment and rollback buttons sit next to every alert, letting staff stop an attack in one click. New users typically become productive after a short onboarding, which is quicker than with most competing endpoint tools.
Customer support
Cybereason provides round-the-clock phone and chat access and can pull in its internal incident-response team, yet full 24 × 7 coverage is limited to MDR customers. Support interactions are described as prompt and knowledgeable, backed by an up-to-date knowledge base. Threat-intel updates come multiple times a week rather than daily, so the service sits a step below the highest tier.
Customer support
Cybereason provides round-the-clock phone and chat access and can pull in its internal incident-response team, yet full 24 × 7 coverage is limited to MDR customers. Support interactions are described as prompt and knowledgeable, backed by an up-to-date knowledge base. Threat-intel updates come multiple times a week rather than daily, so the service sits a step below the highest tier.