TrustRadius: an HG Insights company

Cybereason Defense Platform

Score 10 out of 10

7 Reviews and Ratings

What is Cybereason Defense Platform?

Cybereason EDR consolidates intelligence about each attack into a Malop (malicious operation), a contextualized view of the full narrative of an attack. Each Malop organizes the relevant attack data into an easy-to-read, interactive graphical interface, providing a complete timeline, the flow of the attack in the network, and any malicious communications. Remediation actions can be automated or accomplished remotely with a click.

The Cybereason Defense Platform empowers analysts of all skill levels to dig into the details of an attack without crafting complicated queries and pivot directly from investigating a Malop to remediating affected machines. With Cybereason EDR, analysts can execute a full suite of remediation actions from machine isolation and process killing to removing persistence mechanisms, all from within a point and click interface.


Top Performing Features

  • Infection Remediation

    Capability to quarantine infected endpoints and terminate malicious processes.

    Category average: 8.8

  • Vulnerability Management

    Vulnerability prioritization for fixes.

    Category average: 8.3

  • Malware Detection

    Detection and blocking of zero-day file and fileless malware.

    Category average: 9

Areas for Improvement

  • Centralized Management

    Centralized management supporting multi-factor authentication, customized views, and role-based access control.

    Category average: 8.5

  • Anti-Exploit Technology

    In-memory and application layer attack blocking (e.g. ransomware).

    Category average: 8.6

  • Hybrid Deployment Support

    Administrators should be able to choose endpoint security on-premise, cloud, or hybrid.

    Category average: 8.3

Cybereason Defense Platform Review

Use Cases and Deployment Scope

We use Cybereason across all institution-managed computers (desktops, laptops/tablets, servers and mobile devices). It is on physical, virtual and cloud instances. NGAV, anti-ransomware, EDR and threat hunting are used. It is our primary endpoint protection tool. We used Cybereason to replace traditional EPP tools.

Pros

  • EDR
  • Threat hunting
  • anti-malware
  • collecting telemetry

Cons

  • reporting

Most Important Features

  • ease of use
  • efficacy
  • threat hunting

Return on Investment

  • doesn't apply

Alternatives Considered

CrowdStrike Falcon Endpoint Protection and Microsoft Defender for Endpoint

Other Software Used

Splunk Enterprise Security (ES), Qualys VMDR, Palo Alto Panorama

Cybereason is good, but has space for improvement

Use Cases and Deployment Scope

Cybereason is our anti-malware solution. It protects our environment against threats and helps us to track those threats, like malware, advanced persistent threats, command and control, etc. Investigations are graphical and easy to do, saving time for our analysts. It has lots of bugs, with some false positives. Their support has space for improvement.

Pros

  • EDR
  • Forensics
  • Mitigation
  • Response

Cons

  • Slow support
  • Bugs on their interface
  • Log extraction

Most Important Features

  • EDR
  • Hunting
  • Response

Return on Investment

  • Helps with threat hunting
  • MalOps is very good
  • When we face a bug, it takes too much time for them to respond

Alternatives Considered

McAfee Total Protection

Other Software Used

Zscaler Internet Access, Zscaler Private Access, Tenable.io