Endpoint Detection and Response (EDR) Solutions Reviews and Ratings

We use Sentinel One for Endpoint Detection and Response (EDR). It satisfies all of our Key Performance Indicators for our EDR needs to detect security incidents, containment of incidents at the endpoint, help us investigate security incidents, and provide us with steps for remediation after blocking malicious activity or after having detected suspicious behavior.

The Overall Experience of CrowdStrike is very good, it is a good cybersecurity platform which helps your computer to protect itself from malware and Cyber attacks by Monitoring and Responding to Threats. One great thing about Falcon CrowdStrike is that it works offline or online and will analyze files as they try to run on a computer even when you are offline. CrowdStrike has different tools to give EDR security just like you have to install Sensor agent then it will give the Security on the server premises also it gives Security.

Seamless integration and implementation to our existing CP products and experience. By talking with our TAM, we were able to find and identify gaps in our environment where a managed solution such as Harmony Endpoint to fill. Since then, we feel very confident with our usage of Harmony Endpoint and the feel more comfortable with our security posture.

I have used Trend Micro XDR as a Security Analyst at Bestseller during the PoC and afterwards to monitor endpoint traffic. It is a great system and has that flexibility aspect where you can integrate more and more data streams, so it helps to get that total overview of your company's traffic. Their support is nice and I highly recommend trying this product.

Defender for endpoint catches some flack for not always being on the cutting/bleeding edge of EDR's or antivirus solutions. However, it has proven to be more than sufficient for our needs.

Cortex XDR is an example of next generation advanced endpoint protection, detection and response solution. It comes as a single agent and unified console unifies key functions including NGAV, EDR, XDR, UEBA, Forensic, Identity Analytics, Threat hunting, Vulnerability Assessment and visibility. It collects a very rich amount of telemetry from endpoints to create the best ever endpoint detection and response story for admins.

The ThreatDown Endpoint Detection and Response product has exceeded my expectations.

I very much enjoy the user interface of the program. I like how it detects virus's and notifies us via email. You can log into the console and check the notification and see if its been cleared already which most of the time it has or see what device the virus was detected on and remedy it.

I like the product because it blocks all viruses and I am using the console report to show my clients how to improve their security.

Deploying CB EDR is a complex process that requires careful planning, especially with the setting of the RHEL server. Once done correctly, sensor deployment is straightforward.

Symantec ATP is easy to set-up and use. The GUI is clear and fast. Updates can be done with one click. Has a lot of options to remediate threats from various sources. You can remediate complex attacks with one click of a button and delete malicious files on all endpoints. Which is helpfull in case of a e-mail or virus is found and you are afraid it spread to the whole IT infrastructure. You can block websites, ip-adresses, hashes, e-mails and domains. ATP is stable and fast. We have not seen any problems after 2 years of use.

The overall experience is truly exceptional as the product is very user friendly and gives a detailed information from overall perspective be it related to system info or security status, incase its vulnerable, it will mitigate and ensure the environment is secured.

Carbon Black overall experience has been great. The ease of deployment was one of the the reasons we are highly satisfied with this product.

We are using the Sophos Intercept X advanced with EDR application to protect our Data center and high capacity endpoints. Its platform independent approach allows us to use the product with all flavours of Operating systems like WIndows Server OS, Ubuntu / Cent OS/ Macbook and Debian, Team is able to manage all systems and services from single platform Sophos central and able to retrive all kinds of reports, alerts and incident summary. This product agent is single click & easy to install and does not take much system resources which help our endpoint to use resources with other components. The base configured policies and processes are designed as per global customer need and morethan 90% are work in our environment with changes. Agent deployment is easy and integrates with other available tools as well. EDR logs are in easy format and even L1-L2 engineers can read them without much external help.

Cynet has not only improved our overall security but also streamlined our operations, allowing us to focus on proactive threat management. i highly reccomend Cynet to any organization looking to bolster their cybersecurity with a reliable solution

We switched to Cisco Secure Endpoint because we need EDR and more the ability to isolate a machine in the event of an attack

Absolute is the best in Endpoint security and visibility. It gives you a 365 overview of your endpoints in the IT estate.

Just like their PROTECT platform, Cylance OPTICS is another great tool to help keep our environment secure. In my opinion, what sets Cylance apart is their fantastic customer service. We have quarterly working sessions w/ our Guard team where they will address any questions or concerns we may have.

Sales engineering made it very simple for us to deploy and evaluate.

We have been using ESET Inspect since the first version was released in summer 2018. We did the initial implementation together with ESET. In the first few weeks there was a huge amount of false positives. Thats because ESET Inspect comes with a predefined ruleset. In some scenarios regular operations or applications has triggered a specific rule. For example, if a known self programmed application which wasn't signed was executed, an event was triggered. For this type of applications we had to create some exclusions or customize the triggered rule. However, it's necessary to create exclusions not only during implementation but also during normal operation, because IT-infrastructures change frequently, e.g. due to new application versions or maintenaince like replacement of servers, etc.. such things can cause new alarms. One must allways consider whether an alarm is a real incident or its a false postive and a exclusion should be created. By the way, the rules are written in YARA. You're able to create your own specific rules fitting to your environment. ESET Inspect is managed vis a web based management console, which provides a nice overview about the whole infrastructure. There is a very huge amount of information about specific computers, events, applications and scripts. In combination with ESET PROTECT it provides a high level of details, not only regarding security but also inventory information for example. To further increase our security level, we decided to extend ESET Inspect with ESET Managed Detection and Response Service in 2021. That means that ESET experts are always checking our infrastructure, analyze alarms, create exclusions and give us information about recent alarms, malware campaigns, best practices and version updates.