# Best Endpoint Detection & Response (EDR) Software Solutions - Page 3

  *By [Brandon Summers-Miller](https://research.g2.com/insights/author/brandon-summers-miller)*

   Endpoint detection and response (EDR) software is the newest member of the endpoint security family. EDR tools combine elements of both [endpoint antivirus](https://www.g2.com/categories/endpoint-antivirus) and [endpoint management](https://www.g2.com/categories/endpoint-management) solutions to detect, investigate, and remove any malicious software that penetrates a network’s devices. EDR solutions give greater visibility of a system’s overall health including each specific device’s state. Companies use these tools to mitigate endpoint penetrations quickly and prevent data loss, theft, or system failures. They are typically used as a complement to larger security systems such as [security information and event management (SIEM)](https://www.g2.com/categories/security-information-and-event-management-siem), [vulnerability management](https://www.g2.com/categories/vulnerability-management), and [incident response](https://www.g2.com/categories/incident-response) tools.

The [best EDR software solutions](https://learn.g2.com/best-edr-software) record and store system behaviors, employing various data analytics techniques to identify suspicious activities. They also provide contextual information, block malicious actions, and offer remediation suggestions to restore affected systems.

To qualify for inclusion in the Endpoint Detection and Response (EDR) category, a product must:

- Alert administrators when devices have been compromised
- Search data and systems for the presence of malware
- Possess analytics and anomaly detection features
- Possess malware removal features




  
## How Many Endpoint Detection & Response (EDR) Software Products Does G2 Track?
**Total Products under this Category:** 123

### Category Stats (May 2026)
- **Average Rating**: 4.43/5 (↓0.01 vs Apr 2026)
- **New Reviews This Quarter**: 141
- **Buyer Segments**: Mid-Market 42% │ Small-Business 41% │ Enterprise 18%
- **Top Trending Product**: SentinelOne Purple AI (+0.25)
*Last updated: May 18, 2026*

  
## How Does G2 Rank Endpoint Detection & Response (EDR) Software Products?

**Why You Can Trust G2's Software Rankings:**

- 30 Analysts and Data Experts
- 12,200+ Authentic Reviews
- 123+ Products
- Unbiased Rankings

G2's software rankings are built on verified user reviews, rigorous moderation, and a consistent research methodology maintained by a team of analysts and data experts. Each product is measured using the same transparent criteria, with no paid placement or vendor influence. While reviews reflect real user experiences, which can be subjective, they offer valuable insight into how software performs in the hands of professionals. Together, these inputs power the G2 Score, a standardized way to compare tools within every category.

  
## Which Endpoint Detection & Response (EDR) Software Is Best for Your Use Case?

- **Leader:** [Sophos Endpoint](https://www.g2.com/products/sophos-endpoint/reviews)
- **Highest Performer:** [Guardz](https://www.g2.com/products/guardz/reviews)
- **Easiest to Use:** [Huntress Managed EDR](https://www.g2.com/products/huntress-managed-edr/reviews)
- **Top Trending:** [Guardz](https://www.g2.com/products/guardz/reviews)
- **Best Free Software:** [Huntress Managed EDR](https://www.g2.com/products/huntress-managed-edr/reviews)

  
---


## What Are the Top-Rated Endpoint Detection & Response (EDR) Software Products in 2026?
### 1. [Xcitium](https://www.g2.com/products/xcitium/reviews)
  Endpoint security management is all about adequately securing such endpoints and thereby securing a network by blocking access attempts and such risky activities at endpoints.


  **Average Rating:** 4.2/5.0
  **Total Reviews:** 27
**How Do G2 Users Rate Xcitium?**

- **Ease of Admin:** 9.0/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 8.8/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.5/10 (Category avg: 8.7/10)
- **Ease of Use:** 8.2/10 (Category avg: 8.7/10)

**Who Is the Company Behind Xcitium?**

- **Seller:** [Xcitium](https://www.g2.com/sellers/xcitium)
- **Year Founded:** 2018
- **HQ Location:** Clifton, NJ
- **LinkedIn® Page:** https://www.linkedin.com/company/163167/ (677 employees on LinkedIn®)

**Who Uses This Product?**
  - **Company Size:** 41% Mid-Market, 33% Small-Business


#### What Are Xcitium's Pros and Cons?

**Pros:**

- Affordable (1 review)
- Affordable Pricing (1 review)
- Customer Support (1 review)
- Easy Implementation (1 review)
- Features (1 review)

**Cons:**

- Billing Issues (1 review)
- Communication Issues (1 review)
- Complexity (1 review)
- Expensive (1 review)
- Insufficient Training (1 review)

### 2. [Elastic Security](https://www.g2.com/products/elastic-elastic-security/reviews)
  Modernize your SOC with AI

  Security is a data problem. Your team needs to detect, investigate, and respond to threats quickly. Elastic Security unifies next-gen SIEM and XDR with native automation, with AI built into every step. Built on Elasticsearch, the open-source search platform trusted by millions, Elastic provides complete visibility across your environment. Our data mesh architecture streamlines analysis to raise team productivity and reduce attacker dwell time.

  Bolster your defenses:

  - Detect threats faster by analyzing data from across your attack surface
  - Stop attacks with the industry's best-rated XDR protection
  - Close the loop faster with Elastic Workflows, blending scripted automation with agentic AI reasoning
  - Get more accurate AI assistance, grounded in your data using Elasticsearch's leading relevance capabilities

  With Elastic Security, your SOC team can use generative AI to distill alerts, automate repetitive tasks, and get tailored guidance, all with your choice of LLM and full transparency into reasoning and sources. SOC leaders choose Elastic Security when they need a unified, open platform ready to run on any cloud, on-prem, or air-gapped.


  **Average Rating:** 4.5/5.0
  **Total Reviews:** 23
**How Do G2 Users Rate Elastic Security?**

- **Ease of Admin:** 7.7/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.0/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.9/10 (Category avg: 8.7/10)
- **Ease of Use:** 8.8/10 (Category avg: 8.7/10)

**Who Is the Company Behind Elastic Security?**

- **Seller:** [Elastic](https://www.g2.com/sellers/elastic)
- **Company Website:** https://www.elastic.co
- **Year Founded:** 2012
- **HQ Location:** San Francisco, CA
- **Twitter:** @elastic (64,608 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/814025/ (4,986 employees on LinkedIn®)

**Who Uses This Product?**
  - **Top Industries:** Information Technology and Services
  - **Company Size:** 61% Mid-Market, 52% Small-Business


#### What Are Elastic Security's Pros and Cons?

**Pros:**

- Integrations (7 reviews)
- Ease of Use (5 reviews)
- Features (5 reviews)
- Easy Integrations (4 reviews)
- Efficiency Improvement (3 reviews)

**Cons:**

- Limitations (4 reviews)
- Complex Implementation (3 reviews)
- Complexity (3 reviews)
- Complex Setup (3 reviews)
- Integration Issues (3 reviews)

### 3. [LMNTRIX](https://www.g2.com/products/lmntrix/reviews)
  LMNTRIX has reimagined cybersecurity, turning the tables in favor of the defenders once again. We have cut out the bloat of SIEM, log analysis and false positives resulting in alert fatigue, and we created new methods for confounding even the most advanced attackers. We believe that in a time of continuous compromise you need continuous response – not incident response. Our approach turns inward and assumes that you’re already breached and that you’re continually going to be breached, so we take a pro-active, offensive, hunting, and adversarial pursuit stance as opposed to a reactive, defensive, legacy stance with analysts staring at a SIEM console wishing they could detect an APT.

  LMNTRIX Active Defense is a best in class Managed Detection & Response (MDR) service that detects and responds to advanced threats that bypass perimeter controls. We combine deep expertise with cutting-edge technology, leading intelligence, and advanced analytics to detect and investigate threats with great speed, accuracy, and focus. The outcomes we deliver clients are validated breaches that are investigated, contained and remediated. All incidents are aligned to the kill chain and MITRE ATT&CK frameworks and contain detailed investigative actions and recommendations that your organisation follows to protect against the unknown, insider threat and malicious attacker.

  Active Defense is made up of 3 elements:

  - LMNTRIX GRID (XDR) – This is our cyber defence SaaS platform that provides a new utility model for enterprise security, delivering pervasive visibility, automated threat detection & prevention, threat hunting, investigation, validation and unlimited forensic exploration on-demand and entirely from the cloud. It is a single investigative platform for insights into threats on enterprise, cloud, hybrid, and industrial control systems (ICS) networks. The LMNTRIX Grid delivers unique advantages over current network security solutions. It is a holistic and multi-vector platform with unlimited retention window of full-fidelity network traffic, innovative security visualizations, and the ease and cost-savings of an on-demand deployment model.
  - LMNTRIX Technology Stack – This is our powerful proprietary threat detection stack that is deployed onsite, behind existing controls. It combines multiple threat detection systems, with deceptions everywhere, machine learning, threat intel, correlation, static file analysis, heuristics, and behavior and anomaly detection techniques to find threats in real-time. It decreases alarm fatigue by automatically determining which alerts should be elevated to security events, and reduces false positives by requiring consensus across detection.
  - LMNTRIX Cyber Defense Centers - While these technologies are without peer, what sets us apart from the pack is our team of cybersecurity professionals who continually monitor our clients' environments 24x7 while simultaneously hunting threats internally as well as monitoring developments on the deep and dark web. Our CDCs are a global network of cyber defense centers with highly trained and certified intrusion analysts who provide constant vigilance and on-demand analysis of your networks. Our intrusion analysts monitor your networks and endpoints 24x7, applying the latest intelligence and proprietary methodologies to look for signs of compromise. When a potential compromise is detected, the team performs an in-depth analysis on affected systems to confirm the breach. When data theft or lateral movement is imminent, our automated perimeter containment blocks attackers in their tracks while endpoint containment feature makes immediate reaction possible by quarantining affected hosts, whether they are on or off your corporate network, significantly reducing or eliminating the consequences of a breach.


  **Average Rating:** 4.9/5.0
  **Total Reviews:** 10
**How Do G2 Users Rate LMNTRIX?**

- **Ease of Admin:** 10.0/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.6/10 (Category avg: 9.0/10)
- **Quality of Support:** 9.6/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.6/10 (Category avg: 8.7/10)

**Who Is the Company Behind LMNTRIX?**

- **Seller:** [LMNTRIX](https://www.g2.com/sellers/lmntrix)
- **Year Founded:** 2015
- **HQ Location:** Orange, California
- **Twitter:** @lmntrixlabs (75 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/lmntrix (54 employees on LinkedIn®)

**Who Uses This Product?**
  - **Company Size:** 60% Mid-Market, 20% Enterprise


### 4. [BluSapphire XDR Platform](https://www.g2.com/products/blusapphire-xdr-platform/reviews)
  BluSapphire is a comprehensive cyber defense platform crafted meticulously from the ground up by BluSapphire Labs. Each aspect of our platform embodies innovation without reliance on third-party tools. We redefine cybersecurity for enterprises, offering cutting-edge solutions at unmatched value and with flexible contract options. We offer Next Gen SIEM, Hybrid XDR, MDR Services along with Secure Data Lake, revolutionizing cybersecurity and data management. Our comprehensive suite of products and services empowers your organization's cyber resilience journey.


  **Average Rating:** 4.6/5.0
  **Total Reviews:** 15
**How Do G2 Users Rate BluSapphire XDR Platform?**

- **Ease of Admin:** 8.9/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.4/10 (Category avg: 9.0/10)
- **Quality of Support:** 9.0/10 (Category avg: 8.7/10)
- **Ease of Use:** 8.8/10 (Category avg: 8.7/10)

**Who Is the Company Behind BluSapphire XDR Platform?**

- **Seller:** [BluSapphire](https://www.g2.com/sellers/blusapphire)
- **Year Founded:** 2017
- **HQ Location:** Hyderabad, Telangana
- **LinkedIn® Page:** https://www.linkedin.com/company/blusapphire/ (95 employees on LinkedIn®)

**Who Uses This Product?**
  - **Company Size:** 47% Mid-Market, 33% Enterprise


#### What Are BluSapphire XDR Platform's Pros and Cons?

**Pros:**

- Threat Detection (7 reviews)
- Customer Support (4 reviews)
- Easy Integrations (4 reviews)
- Implementation Ease (3 reviews)
- Incident Response (3 reviews)

**Cons:**

- Complex Configuration (2 reviews)
- Implementation Challenges (2 reviews)
- Pricing Issues (2 reviews)
- Cloud Dependency (1 review)
- Communication Issues (1 review)

### 5. [OpenText EnCase Endpoint Security](https://www.g2.com/products/opentext-encase-endpoint-security/reviews)
  EnCase Endpoint Security is the most complete threat detection and response solution—eliminating the time it takes to detect, validate, triage, investigate, and remediate known and unknown threats lurking across the enterprise, unseen by perimeter and network solutions. An organization’s security is simply not complete without endpoint visibility.


  **Average Rating:** 4.2/5.0
  **Total Reviews:** 8
**How Do G2 Users Rate OpenText EnCase Endpoint Security?**

- **Ease of Admin:** 3.3/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 6.7/10 (Category avg: 9.0/10)
- **Quality of Support:** 7.6/10 (Category avg: 8.7/10)
- **Ease of Use:** 7.9/10 (Category avg: 8.7/10)

**Who Is the Company Behind OpenText EnCase Endpoint Security?**

- **Seller:** [OpenText](https://www.g2.com/sellers/opentext)
- **Year Founded:** 1991
- **HQ Location:** Waterloo, ON
- **Twitter:** @OpenText (21,564 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/2709/ (23,339 employees on LinkedIn®)
- **Ownership:** NASDAQ:OTEX

**Who Uses This Product?**
  - **Company Size:** 38% Enterprise, 38% Small-Business


### 6. [Zip Security](https://www.g2.com/products/zip-security/reviews)
  Zip enables companies to manage all of their security tools in one easy-to-use platform. We’ve built automated workflows to simplify tasks while increasing security posture visibility. Our opinionated software and white-glove customer support ensures companies have comprehensive coverage. Because we’re a software company at heart, our customers pay a fraction of what they would for similar coverage from an MSP.


  **Average Rating:** 4.9/5.0
  **Total Reviews:** 11
**How Do G2 Users Rate Zip Security?**

- **Ease of Admin:** 9.2/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.6/10 (Category avg: 9.0/10)
- **Quality of Support:** 9.6/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.4/10 (Category avg: 8.7/10)

**Who Is the Company Behind Zip Security?**

- **Seller:** [Zip Security](https://www.g2.com/sellers/zip-security)
- **HQ Location:** New York, US
- **LinkedIn® Page:** https://www.linkedin.com/company/zipsec (24 employees on LinkedIn®)

**Who Uses This Product?**
  - **Top Industries:** Computer Software
  - **Company Size:** 55% Small-Business, 18% Mid-Market


#### What Are Zip Security's Pros and Cons?

**Pros:**

- Features (4 reviews)
- Security (4 reviews)
- Asset Management (3 reviews)
- Customer Support (3 reviews)
- Device Management (3 reviews)

**Cons:**

- Poor Customer Support (2 reviews)
- Cloud Integration (1 review)
- Configuration Issues (1 review)
- Connection Issues (1 review)
- Difficult Learning (1 review)

### 7. [FTK Enterprise](https://www.g2.com/products/ftk-enterprise/reviews)
  Today’s digital forensics teams face many challenges in a world filled with an overwhelming amount of data. From multiple office locations to massive employee pools and remote workers, AD Enterprise provides deep visibility into live data directly at the endpoint, helping you conduct faster, more targeted enterprise-wide post-breach, HR and compliance investigations in a single, robust solution. With AD Enterprise, you can respond quickly, remotely and covertly while maintaining chain of custody, and facilitate focused forensic investigations and post-breach analysis, without interruption to business operations.


  **Average Rating:** 4.2/5.0
  **Total Reviews:** 10
**How Do G2 Users Rate FTK Enterprise?**

- **Ease of Admin:** 8.3/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.2/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.1/10 (Category avg: 8.7/10)
- **Ease of Use:** 8.1/10 (Category avg: 8.7/10)

**Who Is the Company Behind FTK Enterprise?**

- **Seller:** [Exterro](https://www.g2.com/sellers/exterro)
- **Year Founded:** 2004
- **HQ Location:** Portland, OR
- **Twitter:** @Exterro (3,568 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/135915/ (635 employees on LinkedIn®)

**Who Uses This Product?**
  - **Company Size:** 70% Enterprise, 30% Mid-Market


### 8. [Morphisec](https://www.g2.com/products/morphisec/reviews)
  Morphisec fortifies your organization by diminishing the blast radius of attacks, to preemptively reduce the organization’s exposure to cyber risk, pro-actively prevent advanced threats, and ensure optimal anti-ransomware defense. Powered by Automated Moving Target Defense (AMTD), this streamlined solution effortlessly integrates with your current endpoint protection array, enhancing existing protection capabilities or standing strong independently when necessary.


  **Average Rating:** 4.6/5.0
  **Total Reviews:** 12
**How Do G2 Users Rate Morphisec?**

- **Ease of Admin:** 9.7/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.4/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.9/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.2/10 (Category avg: 8.7/10)

**Who Is the Company Behind Morphisec?**

- **Seller:** [Morphisec](https://www.g2.com/sellers/morphisec)
- **Year Founded:** 2014
- **HQ Location:** Waltham, US
- **Twitter:** @morphisec (2,294 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/morphisec/ (97 employees on LinkedIn®)

**Who Uses This Product?**
  - **Top Industries:** Information Technology and Services
  - **Company Size:** 75% Mid-Market, 17% Enterprise


#### What Are Morphisec's Pros and Cons?

**Pros:**

- Protection (1 review)
- Threat Detection (1 review)
- Threat Protection (1 review)


### 9. [IBM Trusteer Rapport](https://www.g2.com/products/ibm-ibm-trusteer-rapport/reviews)
  Helps financial institutions detect and prevent malware infections and phishing attacks, maximizing protection for their customers.


  **Average Rating:** 3.7/5.0
  **Total Reviews:** 5
**How Do G2 Users Rate IBM Trusteer Rapport?**

- **Ease of Admin:** 10.0/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 10.0/10 (Category avg: 9.0/10)
- **Quality of Support:** 9.2/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.4/10 (Category avg: 8.7/10)

**Who Is the Company Behind IBM Trusteer Rapport?**

- **Seller:** [IBM](https://www.g2.com/sellers/ibm)
- **Year Founded:** 1911
- **HQ Location:** Armonk, New York, United States
- **Twitter:** @IBMSecurity (74,796 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/1009/ (324,553 employees on LinkedIn®)
- **Ownership:** SWX:IBM

**Who Uses This Product?**
  - **Company Size:** 80% Small-Business, 20% Mid-Market


### 10. [Active Ransomware Prevention](https://www.g2.com/products/active-ransomware-prevention/reviews)
  In today’s rapidly evolving threat landscape, ransomware and advanced cyberattacks are becoming more stealthy and sophisticated, targeting vulnerabilities that traditional security tools often miss. Deceptive Bytes offers an innovative approach to endpoint security by turning ransomware’s own evasive tactics against itself. Through its preemptive and proactive defenses, the solution distorts ransomware perception of the environment, breaks ransomware logic and prevents attacks before they can even begin. This forward-thinking strategy not only reduces the risk of breaches but also ensures your business remains operational, resilient, and secure in the face of emerging threats - Never Let Your Business Down! Recognized as a Gartner Cool Vendor in Security Operations and Threat Intelligence.


  **Average Rating:** 5.0/5.0
  **Total Reviews:** 4
**How Do G2 Users Rate Active Ransomware Prevention?**

- **Ease of Admin:** 10.0/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 10.0/10 (Category avg: 9.0/10)
- **Quality of Support:** 10.0/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.6/10 (Category avg: 8.7/10)

**Who Is the Company Behind Active Ransomware Prevention?**

- **Seller:** [Deceptive Bytes](https://www.g2.com/sellers/deceptive-bytes)
- **Year Founded:** 2016
- **HQ Location:** Holon, IL
- **Twitter:** @DeceptiveBytes (241 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/deceptivebytes (6 employees on LinkedIn®)

**Who Uses This Product?**
  - **Company Size:** 50% Small-Business, 25% Enterprise


#### What Are Active Ransomware Prevention's Pros and Cons?

**Pros:**

- Customer Support (1 review)
- Dashboard Usability (1 review)
- Ease of Use (1 review)
- Experience Satisfaction (1 review)
- Features (1 review)


### 11. [Proofpoint Enterprise Archive](https://www.g2.com/products/proofpoint-proofpoint-enterprise-archive/reviews)
  Proofpoint Enterprise Archive is a cloud-based archiving solution that simplifies legal discovery, regulatory compliance, and end-user information access without the headaches of managing an archive in-house.


  **Average Rating:** 4.0/5.0
  **Total Reviews:** 11
**How Do G2 Users Rate Proofpoint Enterprise Archive?**

- **Ease of Admin:** 8.3/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 8.1/10 (Category avg: 9.0/10)
- **Quality of Support:** 7.3/10 (Category avg: 8.7/10)
- **Ease of Use:** 8.5/10 (Category avg: 8.7/10)

**Who Is the Company Behind Proofpoint Enterprise Archive?**

- **Seller:** [Proofpoint](https://www.g2.com/sellers/proofpoint)
- **Year Founded:** 2002
- **HQ Location:** Sunnyvale, CA
- **Twitter:** @proofpoint (31,163 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/proofpoint (5,020 employees on LinkedIn®)
- **Ownership:** NASDAQ: PFPT

**Who Uses This Product?**
  - **Company Size:** 58% Enterprise, 42% Mid-Market


### 12. [Cisco XDR](https://www.g2.com/products/cisco-xdr-cisco-xdr/reviews)
  Cisco XDR is a cloud-based extended detection and response solution designed for security operations. Integrating with the broad Cisco security portfolio and many third-party offerings, Cisco XDR is the most comprehensive solution on the market today. With Cisco XDR, security analysts of all skill levels take advantage of correlated data from multiple sources to detect events sooner, streamline investigations, and prioritize and accelerate responses, to expose and remediate the most sophisticated threats, elevate productivity, and achieve security resilience.


  **Average Rating:** 4.7/5.0
  **Total Reviews:** 3
**How Do G2 Users Rate Cisco XDR?**

- **Ease of Admin:** 9.2/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 7.5/10 (Category avg: 9.0/10)
- **Quality of Support:** 9.2/10 (Category avg: 8.7/10)
- **Ease of Use:** 8.3/10 (Category avg: 8.7/10)

**Who Is the Company Behind Cisco XDR?**

- **Seller:** [Cisco](https://www.g2.com/sellers/cisco)
- **Year Founded:** 1984
- **HQ Location:** San Jose, CA
- **Twitter:** @Cisco (721,410 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/cisco/ (95,742 employees on LinkedIn®)
- **Ownership:** NASDAQ:CSCO

**Who Uses This Product?**
  - **Company Size:** 67% Enterprise, 33% Mid-Market


#### What Are Cisco XDR's Pros and Cons?

**Pros:**

- Alert Notifications (1 review)
- Easy Integrations (1 review)
- Easy Management (1 review)
- Integrations (1 review)
- Platform Compatibility (1 review)

**Cons:**

- Complex Interface (1 review)
- Improvements Needed (1 review)
- Learning Curve (1 review)
- Not User-Friendly (1 review)

### 13. [MetaDefender](https://www.g2.com/products/metadefender/reviews)
  MetaDefender Platform is an advanced threat prevention solution that lets organizations embed multi-layer file security into existing applications and security architectures, especially to protect common attack vectors like malicious file uploads, untrusted file transfers, and file-based supply chain risk. It’s designed for environments that need stronger protection against highly evasive malware, zero-day attacks, and APTs, including IT and OT/critical infrastructure use cases. MetaDefender easily integrates into your existing IT solutions and can be deployed on-premises (including air-gapped), in cloud/IaaS, or as SaaS. We offer flexible implementation options for ICAP enabled devices, containerized applications, AWS, Azure, NAS/Storage workflows and Rest API.

  Overview:

  - Multi-engine malware scanning: Quickly scan files with 30+ antivirus engines and detect over 99% of known malware.
  - Deep CDR (Content Disarm & Reconstruction): Recursively sanitize and rebuild 200+ file types to neutralize embedded threats while maintaining file usability, with extensive reconstruction and file conversion options.
  - Proactive DLP: Remove, redact, or watermark sensitive data in files before content enters or leaves the organization; also supports AI-powered document classification.
  - File-based Vulnerability Assessment: Identify vulnerabilities in installers, binaries, and applications before they are installed/executed and reduce exposure to known software flaws.
  - Threat intelligence-driven detection: Identify malicious domains and IPs embedded in documents and support near real-time blocking using curated threat intelligence.
  - Adaptive threat analysis (sandboxing): Detonate and analyze suspicious files in a controlled environment and improve zero-day detection.
  - SBOM & software supply chain visibility: Generate SBOMs and identify vulnerabilities in source code and containers.
  - Reputation Engine: Use file hash reputation (known good/known bad/unknown) and advanced analysis to remediate false positives faster.
  - Visibility, reporting, and policy control: Gain operational visibility, use automated reports for remediation, and configure workflow/analysis rules based on user, business priority, file source, and file type.

  Free Training - OPSWAT Academy: https://www.opswat.com/academy


  **Average Rating:** 4.4/5.0
  **Total Reviews:** 15
**How Do G2 Users Rate MetaDefender?**

- **Ease of Admin:** 8.8/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.3/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.8/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.0/10 (Category avg: 8.7/10)

**Who Is the Company Behind MetaDefender?**

- **Seller:** [OPSWAT](https://www.g2.com/sellers/opswat)
- **Company Website:** https://www.opswat.com
- **Year Founded:** 2002
- **HQ Location:** Tampa, Florida
- **Twitter:** @OPSWAT (7,252 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/opswat/ (1,124 employees on LinkedIn®)

**Who Uses This Product?**
  - **Company Size:** 40% Mid-Market, 40% Small-Business


#### What Are MetaDefender's Pros and Cons?

**Pros:**

- Ease of Use (12 reviews)
- Security (11 reviews)
- Protection (10 reviews)
- Scanning Efficiency (10 reviews)
- Scanning (9 reviews)

**Cons:**

- Complex Configuration (3 reviews)
- Difficult Setup (3 reviews)
- Excessive Blocking (3 reviews)
- Overblocking (3 reviews)
- Policy Management (3 reviews)

### 14. [TXHunter](https://www.g2.com/products/txhunter/reviews)
  TXHunter is one of the most advanced XDR/EDR solutions for endpoint security protection and threat forensic investigation. It has built-in sandbox for behavior analysis, patent pending ransomware detection and data restoring technology, compliances auditing automation, APT blocking, network traffic analysis and isolation, fast incidence responding, SOC automation, AV integration, IOC query and IOD analysis, proactive threat hunting, vulnerability scanning, and remote threat mitigation. It supports Windows, Linux, and Mac.


  **Average Rating:** 4.6/5.0
  **Total Reviews:** 4
**How Do G2 Users Rate TXHunter?**

- **Ease of Admin:** 10.0/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 10.0/10 (Category avg: 9.0/10)
- **Quality of Support:** 10.0/10 (Category avg: 8.7/10)
- **Ease of Use:** 10.0/10 (Category avg: 8.7/10)

**Who Is the Company Behind TXHunter?**

- **Seller:** [TriagingX](https://www.g2.com/sellers/triagingx)
- **Year Founded:** 2016
- **HQ Location:** San Jose, US
- **Twitter:** @triagingx (20 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/18205611 (8 employees on LinkedIn®)

**Who Uses This Product?**
  - **Company Size:** 40% Small-Business, 20% Mid-Market


### 15. [CySight](https://www.g2.com/products/cysight/reviews)
  CySight’s revolutionary Actionable Intelligence, trusted by Fortune 500 globally, enables organizations with the most cost-effective and secure way to tackle the increasing density, complexity, and expanse of modern physical and cloud networking. Deploying cyber network intelligence, CySight empowers network and security teams to substantially accelerate incident response by eliminating blindspots, analyzing network telemetry to discover anomalies, uncover cyber-threats, and quantifying asset usage and performance. CySight's Dropless Collection method enables unsurpassed visibility of network big-data which is retained in the smallest footprint, accelerating machine learning, artificial intelligence and automation to fully utilize all metadata no matter the amount, size, or type.


  **Average Rating:** 4.3/5.0
  **Total Reviews:** 2
**How Do G2 Users Rate CySight?**

- **Quality of Support:** 6.7/10 (Category avg: 8.7/10)
- **Ease of Use:** 10.0/10 (Category avg: 8.7/10)

**Who Is the Company Behind CySight?**

- **Seller:** [NetFlow Auditor](https://www.g2.com/sellers/netflow-auditor)
- **Year Founded:** 2023
- **HQ Location:** Raanana, IL
- **LinkedIn® Page:** http://www.linkedin.com/company/385874 (6 employees on LinkedIn®)

**Who Uses This Product?**
  - **Company Size:** 100% Mid-Market


#### What Are CySight's Pros and Cons?

**Pros:**

- Analysis (1 reviews)
- Comprehensive Monitoring (1 reviews)
- Detailed Analysis (1 reviews)
- Monitoring (1 reviews)
- Reliability (1 reviews)

**Cons:**

- Alerting Issues (1 reviews)
- Alert Issues (1 reviews)
- Configuration Issues (1 reviews)
- Connection Issues (1 reviews)
- Inadequate Reporting (1 reviews)

### 16. [Deep Instinct Data Security X](https://www.g2.com/products/deep-instinct-data-security-x/reviews)
  Deep Instinct is the only preemptive data security solution that PREVENTS >99% of UNKNOWN and ZERO-DAY threats, including ransomware and AI generated malware before they breach your environment, while providing world-class malware explainability with DIANNA, the DSX Companion. Leveraging the world's only deep learning framework trained for cybersecurity, we prevent threats in <20ms, faster than even the most advanced malware can encrypt. Our streamlined model scales to the needs of the enterprise without introducing operational bottlenecks or vulnerabilities while our lightning-quick scan speeds enable greater throughput than legacy tools can provide. We do it all while maintaining the industry’s lowest false positive rate of <0.1%. After a threat is detected and quarantined, DIANNA, the DSX Companion provides insights and explainability about unknown and zero-day threats in human language to your security teams, augmenting their capabilities and accelerating the investigation and remediation process. DIANNA's unique capabilities save security teams time and money while helping to close vulnerabilities faster and more effectively. Deep Instinct Data Security X (DSX) combines industry-leading static analysis based on the only deep learning framework dedicated to cybersecurity and includes several deployments:

- DSX for Applications is a flexible, containerized and highly scalable solution, deployed via API or ICAP, to scan millions of files per day and prevent malicious files from entering storage environments.
- DSX for NAS is purpose built for NAS solutions. It scans files at rest or in motion and prevents malicious files from entering your storage. Additionally, the speed of the DSX Brain allows full storage scans, identifying any malicious files that may be waiting to deploy.
- DSX for Cloud is purpose built for Cloud storage solutions. It is natively integrated with cloud storage providers to prevent threats before they infiltrate your cloud storage.


  **Average Rating:** 4.3/5.0
  **Total Reviews:** 2
**How Do G2 Users Rate Deep Instinct Data Security X?**

- **Ease of Admin:** 10.0/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 10.0/10 (Category avg: 9.0/10)
- **Quality of Support:** 9.2/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.2/10 (Category avg: 8.7/10)

**Who Is the Company Behind Deep Instinct Data Security X?**

- **Seller:** [Deep Instinct](https://www.g2.com/sellers/deep-instinct)
- **Year Founded:** 2015
- **HQ Location:** New York, New York, United States
- **Twitter:** @DeepInstinctSec (8,751 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/deep-instinct (210 employees on LinkedIn®)

**Who Uses This Product?**
  - **Company Size:** 100% Mid-Market


### 17. [Dell Security](https://www.g2.com/products/dell-security/reviews)
  Customer-inspired, future-ready technology goes into every PowerEdge server, offering exceptional performance for small-business offices to enterprise hyperscale environments.


  **Average Rating:** 4.3/5.0
  **Total Reviews:** 2
**How Do G2 Users Rate Dell Security?**

- **Has the product been a good partner in doing business?:** 10.0/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.3/10 (Category avg: 8.7/10)

**Who Is the Company Behind Dell Security?**

- **Seller:** [Dell Technologies](https://www.g2.com/sellers/dell-technologies-decced23-0884-427d-88d4-718c9d1d4ea6)
- **Year Founded:** 1984
- **HQ Location:** Round Rock, TX
- **Twitter:** @Dell (798,205 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/delltechnologies/ (123,563 employees on LinkedIn®)
- **Ownership:** NYSE: DELL



### 18. [G Data Endpoint Protection](https://www.g2.com/products/g-data-endpoint-protection/reviews)
  G Data Endpoint Protection helps protect clients directly from threats and exploiting vulnerabilities, including proactive protection against malware, including an effective client firewall and efficient patch management to prevent vulnerabilities in installed programs from becoming an attacker's gateway.


  **Average Rating:** 3.5/5.0
  **Total Reviews:** 2
**How Do G2 Users Rate G Data Endpoint Protection?**

- **Ease of Admin:** 6.7/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 6.7/10 (Category avg: 9.0/10)
- **Quality of Support:** 6.7/10 (Category avg: 8.7/10)
- **Ease of Use:** 6.7/10 (Category avg: 8.7/10)

**Who Is the Company Behind G Data Endpoint Protection?**

- **Seller:** [G Data Software](https://www.g2.com/sellers/g-data-software)
- **Year Founded:** 1985
- **HQ Location:** Bochum, DE
- **Twitter:** @GDataSoftwareAG (14 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/g-data-cyberdefense/ (393 employees on LinkedIn®)

**Who Uses This Product?**
  - **Company Size:** 50% Mid-Market, 50% Small-Business


#### What Are G Data Endpoint Protection's Pros and Cons?

**Pros:**

- Centralized Management (1 reviews)
- Incident Response (1 reviews)
- Protection (1 reviews)
- Threat Detection (1 reviews)

**Cons:**

- Not User-Friendly (1 reviews)
- System Instability (1 reviews)

### 19. [Gradient Cyber](https://www.g2.com/products/gradient-cyber/reviews)
  Gradient Cyber’s Managed Extended Detection and Response (MXDR) service offers mid-market organizations comprehensive, 24/7/365 protection across their entire IT environment, including networks, endpoints, cloud infrastructures, Software as a Service (SaaS) applications, and business process applications. By integrating advanced AI/ML-driven analytics with human expertise through our proprietary XDR platform, Quorum™, we ensure rapid detection and neutralization of threats before they can impact operations.

**Key Features of Gradient Cyber's MXDR Service:**

- **Comprehensive Coverage:** Our MXDR solution provides unified detection and response across all critical components of your IT ecosystem, ensuring no blind spots for attackers to exploit.
- **Proactive Threat Detection:** Utilizing a combination of automated tools and human analysis, we identify and mitigate threats in near real-time, significantly reducing the risk of breaches.
- **Expert-Led Response:** With a 10:1 client-to-analyst ratio, our dedicated team of security professionals offers personalized service, acting as an extension of your in-house team to swiftly address and remediate threats.
- **High Accuracy:** Our approach achieves a 99% false positive elimination rate, allowing your IT staff to focus on genuine threats without the distraction of unnecessary alerts.
- **Scalability Across Industries:** Serving clients in over 35 verticals, our MXDR service is tailored to meet the unique security challenges of various industries, ensuring relevant and effective protection.
- **Robust Infrastructure:** Operating from four in-house Security Operations Centers (SOCs) worldwide, we provide continuous monitoring and rapid response capabilities, ensuring global coverage and resilience.
- **Integrated Compliance Tracking:** Our service includes compliance tracking and detailed Situation Reports (SitReps), offering transparency and aiding in regulatory adherence.

  By choosing Gradient Cyber’s MXDR service, organizations benefit from a seamless blend of technology and human expertise, transforming their cybersecurity posture from reactive to proactive.


  **Average Rating:** 4.8/5.0
  **Total Reviews:** 4
**How Do G2 Users Rate Gradient Cyber?**

- **Ease of Admin:** 10.0/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 10.0/10 (Category avg: 9.0/10)
- **Quality of Support:** 10.0/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.2/10 (Category avg: 8.7/10)

**Who Is the Company Behind Gradient Cyber?**

- **Seller:** [Gradient Cyber](https://www.g2.com/sellers/gradient-cyber)
- **Year Founded:** 2017
- **HQ Location:** Southlake, US
- **Twitter:** @GradientCyber (126 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/gradientcyber/ (52 employees on LinkedIn®)

**Who Uses This Product?**
  - **Company Size:** 50% Small-Business, 25% Mid-Market


#### What Are Gradient Cyber's Pros and Cons?

**Pros:**

- Automation (1 reviews)
- Continuous Monitoring (1 reviews)
- Customer Support (1 reviews)
- Customization (1 reviews)
- Dashboard Customization (1 reviews)


### 20. [SentinelOne Purple AI](https://www.g2.com/products/sentinelone-purple-ai/reviews)
  SentinelOne Purple AI is an advanced AI cybersecurity analyst designed to enhance security operations by automating and accelerating threat detection, investigation, and response. By integrating generative AI, Purple AI empowers security teams to manage complex threats more efficiently, reducing response times and improving overall security posture.

**Key Features and Functionality:**

- **Automated Threat Detection:** Utilizes AI-driven analysis to identify and assess potential security threats in real-time.
- **Accelerated Incident Investigation:** Streamlines the investigation process by providing comprehensive insights and context for detected threats.
- **Enhanced Response Capabilities:** Facilitates rapid and informed decision-making to mitigate risks effectively.
- **Integration with SentinelOne Platform:** Seamlessly works within the SentinelOne ecosystem, ensuring cohesive security management.

**Primary Value and User Benefits:**

  Purple AI addresses the challenges of modern cybersecurity by automating routine tasks, allowing security teams to focus on strategic initiatives. It reduces the time and effort required for threat detection and response, thereby minimizing potential damage from cyber incidents. By leveraging generative AI, Purple AI enhances the efficiency and effectiveness of security operations, providing organizations with a robust defense against evolving cyber threats.


  **Average Rating:** 4.8/5.0
  **Total Reviews:** 2
**How Do G2 Users Rate SentinelOne Purple AI?**

- **Quality of Support:** 9.2/10 (Category avg: 8.7/10)
- **Ease of Use:** 8.3/10 (Category avg: 8.7/10)

**Who Is the Company Behind SentinelOne Purple AI?**

- **Seller:** [SentinelOne](https://www.g2.com/sellers/sentinelone)
- **Year Founded:** 2013
- **HQ Location:** Mountain View, CA
- **Twitter:** @SentinelOne (57,822 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/2886771/ (3,197 employees on LinkedIn®)
- **Ownership:** NASDAQ: S

**Who Uses This Product?**
  - **Company Size:** 50% Enterprise, 50% Small-Business


### 21. [AhnLab EDR](https://www.g2.com/products/ahnlab-edr/reviews)
  AhnLab EDR delivers robust threat detection, investigation, response, and hunting at the endpoint level to help users stay on top of advanced cyber threats.

**Why AhnLab EDR**

- **Detection and Analysis with Precision:** AhnLab EDR, powered by our EDR-dedicated proprietary engine, fuels users to achieve a greater understanding of full attack stories by delivering laser-accurate detection and graphical visualization of the result. It enables us to fully deconstruct malicious operations and provide contextualized response measures.
- **Expert-led Analytics and Response:** Our managed detection and response (MDR) complements AhnLab EDR by offering full coverage of expert-led threat investigation and response. It accelerates users to streamline the entire detection & response process and make context-aware security decisions with confidence.
- **Dedicated Console for Proactive Security:** AhnLab EDR Analyzer, the dedicated console of AhnLab EDR, empowers users to perform instant detection, in-depth analysis, and powerful response to active and potential cyber threats. It underpins users to take a proactive security approach without laboriously chasing alerts.

**Key Features**

- **State-of-the-Art Visualization:** AhnLab EDR intuitively visualizes the full picture of cyber threats, including types, paths, behaviors, correlations, severities, and further details aligned with MITRE ATT&CK Framework via diagram, timeline, and other graphics to ensure users stay context-aware and response-ready.
- **Behavioral Analytics:** AhnLab EDR cross-examines behaviors across endpoint vectors and provides extensive information on the type, severity, and detail of each behavior with mapping to the standardized MITRE ATT&CK knowledge base.
- **User-defined Behavior Rule Sets:** AhnLab EDR lets users deploy pre-defined static and dynamic rules on endpoint behaviors to sharpen threat detection and automate the response process. It plays a pivotal role in preventing adversaries from slipping through the cracks with nuanced techniques.
- **Proactive Threat Response:** AhnLab EDR offers optimal response features spanning artifact and file aggregation, network quarantine, rollback, process killing, and more to help users achieve successful threat response with a proactive approach.
- **Seamless Integration:** AhnLab EDR amplifies its threat detection and response capabilities by seamlessly integrating with diverse security controls of our endpoint protection platform (AhnLab EPP), threat intelligence platform (AhnLab TIP), and sandbox solution (AhnLab MDS).


  **Average Rating:** 3.5/5.0
  **Total Reviews:** 1
**How Do G2 Users Rate AhnLab EDR?**

- **Quality of Support:** 6.7/10 (Category avg: 8.7/10)
- **Ease of Use:** 6.7/10 (Category avg: 8.7/10)

**Who Is the Company Behind AhnLab EDR?**

- **Seller:** [AhnLab](https://www.g2.com/sellers/ahnlab-7be65c0f-4030-4ddd-9d2c-8413df0f9f71)
- **Year Founded:** 1995
- **HQ Location:** Seongnam-si, KR
- **Twitter:** @AhnLab_SecuInfo (2,949 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/ahnlab-inc./ (639 employees on LinkedIn®)

**Who Uses This Product?**
  - **Company Size:** 100% Enterprise


### 22. [Arcadia SNOW](https://www.g2.com/products/arcadia-snow/reviews)
  SNOW is an endpoint detection/response solution in the form of a lightweight cross-platform sensor. Operating on a host-based managed system, it proactively searches through networks 24/7 to provide the ultimate protection against today's most sophisticated cyber security threats.


  **Average Rating:** 3.0/5.0
  **Total Reviews:** 1
**How Do G2 Users Rate Arcadia SNOW?**

- **Quality of Support:** 5.0/10 (Category avg: 8.7/10)
- **Ease of Use:** 5.0/10 (Category avg: 8.7/10)

**Who Is the Company Behind Arcadia SNOW?**

- **Seller:** [Arcadia Labs](https://www.g2.com/sellers/arcadia-labs)
- **Year Founded:** 2010
- **HQ Location:** Montreal, CA
- **Twitter:** @ARC4DIA (1,142 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/arcadia-labs (4 employees on LinkedIn®)

**Who Uses This Product?**
  - **Company Size:** 100% Small-Business


#### What Are Arcadia SNOW's Pros and Cons?


**Cons:**

- Learning Curve (1 reviews)

### 23. [Cylerian Unified Cybersecurity Platform](https://www.g2.com/products/cylerian-unified-cybersecurity-platform/reviews)
  Cylerian is the Intelligence Engineering Platform for the modern SOC, designed to bridge the gap between Security, Observability, and Operations. Traditional security operations are bogged down by fragmented tools—separate agents for EDR, SIEM, and RMM that don’t talk to each other. Cylerian solves this by providing a unified cloud-native platform that orchestrates the entire lifecycle of an incident, from detection to remediation. Built on a high-performance, AI-native architecture, Cylerian empowers security teams to:

- **See Everything:** Achieve ultimate observability with a unified data fabric that ingests logs, flows, and telemetry across endpoints, cloud, and networks.
- **Act Instantly:** Move beyond passive alerting. Cylerian’s agent provides the "hands" to fix what it finds, enabling automated patching, software deployment, and threat remediation without complex scripting.
- **Simplify Operations:** Replace costly, disjointed stacks (SIEM + EDR + RMM + SOAR) with one cohesive solution.

  Whether you are an MSP looking to scale efficiently or an enterprise seeking robust cyber resilience, Cylerian delivers enterprise-grade security and compliance tools (like File Integrity Monitoring and Compliance Tracking) with the ease of use of a modern SaaS platform.


  **Average Rating:** 5.0/5.0
  **Total Reviews:** 2
**How Do G2 Users Rate Cylerian Unified Cybersecurity Platform?**

- **Ease of Admin:** 7.5/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 10.0/10 (Category avg: 9.0/10)
- **Quality of Support:** 10.0/10 (Category avg: 8.7/10)
- **Ease of Use:** 6.7/10 (Category avg: 8.7/10)

**Who Is the Company Behind Cylerian Unified Cybersecurity Platform?**

- **Seller:** [Cylerian](https://www.g2.com/sellers/cylerian)
- **Year Founded:** 2018
- **HQ Location:** Jersey City, US
- **LinkedIn® Page:** https://www.linkedin.com/company/cylerian/ (17 employees on LinkedIn®)

**Who Uses This Product?**
  - **Company Size:** 50% Mid-Market, 50% Small-Business


#### What Are Cylerian Unified Cybersecurity Platform's Pros and Cons?

**Pros:**

- Integrations (1 reviews)
- Remediation Automation (1 reviews)
- Risk Management (1 reviews)
- Vulnerability Detection (1 reviews)

**Cons:**

- Learning Curve (1 reviews)
- Training Issues (1 reviews)

### 24. [GFI EndPointSecurity](https://www.g2.com/products/gfi-software-gfi-endpointsecurity/reviews)
  GFI EndPointSecurity could save your business. It gives you control of all your portable devices from one central control panel. Data theft is prevented, and harmful new software and files are blocked from your network. GFI EndPointSecurity is packed with features that protect and secure your data. Access Control allows you to grant or deny access to any known device on your network. You control which devices are blocked by class, physical port or device ID. You control access duration. Grant devices access for two hours, one week, or any time period. And Access Control can block unknown devices automatically. So your data is always fully secured.


  **Average Rating:** 3.5/5.0
  **Total Reviews:** 1
**How Do G2 Users Rate GFI EndPointSecurity?**

- **Quality of Support:** 6.7/10 (Category avg: 8.7/10)
- **Ease of Use:** 5.0/10 (Category avg: 8.7/10)

**Who Is the Company Behind GFI EndPointSecurity?**

- **Seller:** [Aurea SMB Solutions](https://www.g2.com/sellers/aurea-smb-solutions)
- **Year Founded:** 1992
- **HQ Location:** Austin, US
- **Twitter:** @GFISoftware (29,654 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/gfi-software (194 employees on LinkedIn®)

**Who Uses This Product?**
  - **Company Size:** 100% Mid-Market


### 25. [Hoplon](https://www.g2.com/products/hoplon/reviews)
  Hoplon is a comprehensive Cyber Security SaaS platform with Agentic AI capabilities that delivers enterprise-grade security through your existing communication channels. The platform uniquely integrates with Slack, Teams, and WhatsApp, allowing clients to receive security updates and interact with their virtual security team directly within their preferred communication tools - eliminating the need to login to separate security platforms. The solution provides a complete all-in-one cybersecurity suite covering Endpoint Detection & Response (EDR), Vulnerability Management, Email Security, Browser Security, Web Assets Security (websites, web apps, APIs), Human Risk Management, and ISO27001 readiness toolkit with security policies. What sets Hoplon apart is its AI-powered virtual security analyst that feeds from the platform's comprehensive data and proactively communicates with clients through familiar messaging channels. Hoplon's plug-and-play architecture allows seamless integration with existing security vendors and tools, creating a unified security ecosystem. The platform can be fully deployed in less than 15 minutes, making enterprise-level cybersecurity accessible to organizations without dedicated security teams. By combining advanced AI automation with human-friendly communication interfaces, Hoplon effectively extends client teams with a virtual security department at a fraction of traditional security operation costs. This approach enables small and medium businesses to maintain continuous security monitoring and response capabilities while working within their existing workflows and communication preferences.


  **Average Rating:** 5.0/5.0
  **Total Reviews:** 1
**How Do G2 Users Rate Hoplon?**

- **Ease of Admin:** 10.0/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 10.0/10 (Category avg: 9.0/10)
- **Quality of Support:** 10.0/10 (Category avg: 8.7/10)
- **Ease of Use:** 10.0/10 (Category avg: 8.7/10)

**Who Is the Company Behind Hoplon?**

- **Seller:** [Hoplon-ai](https://www.g2.com/sellers/hoplon-ai)
- **Year Founded:** 2020
- **HQ Location:** London, GB
- **LinkedIn® Page:** https://www.linkedin.com/company/leo-cybsec/ (16 employees on LinkedIn®)

**Who Uses This Product?**
  - **Company Size:** 100% Small-Business


#### What Are Hoplon's Pros and Cons?

**Pros:**

- AI (1 reviews)
- Alert Notifications (1 reviews)
- Automation (1 reviews)
- Ease of Use (1 reviews)
- Protection (1 reviews)



## What Is Endpoint Detection & Response (EDR) Software?
[Endpoint Protection Software](https://www.g2.com/categories/endpoint-protection)
## What Software Categories Are Similar to Endpoint Detection & Response (EDR) Software?
- [Antivirus Software](https://www.g2.com/categories/antivirus)
- [Endpoint Protection Platforms](https://www.g2.com/categories/endpoint-protection-platforms)
- [Managed Detection and Response (MDR) Software](https://www.g2.com/categories/managed-detection-and-response-mdr)

  
---

## How Do You Choose the Right Endpoint Detection & Response (EDR) Software?

### What You Should Know About Endpoint Detection & Response (EDR) Software

### What is endpoint detection and response (EDR) software?

EDR software is used to help companies identify and remediate threats related to network-connected endpoints. EDR solutions inform security professionals of vulnerable or infected endpoints and guide them through the remediation process. After incidents have been resolved, EDR tools help teams investigate issues and the vulnerable components that allow an endpoint to become compromised.

Continuous monitoring is one of the core capabilities of endpoint detection technologies. These monitoring features provide complete and continuous visibility across a company’s network-connected endpoints. Individuals can monitor behaviors, vulnerabilities, and activity for abnormalities. When abnormalities are identified, the detection portion of EDR technology transitions to the response portion.

Endpoint response begins with alerting and containment. Security professionals are alerted to threats present in their systems and isolate potentially compromised endpoints from further network access; this helps prevent one infected endpoint from becoming hundreds. Once systems are properly organized to contain malware and threat actors, security teams can work to remove malware and prevent threat actors from regaining access to endpoint devices.

EDR platforms store threat data related to security incidents, improving a team's ability to defend against threats in the future by helping them identify root causes and threat actors. Additionally, zero-day exploits may be identified, and other vulnerabilities may be remediated as a result. This will help prevent third-party privilege escalation, malware injection, and unapproved endpoint control from occurring in the future. Some EDR products provide machine learning capabilities to analyze events, improve threat hunting, and reduce false positives by automating protection and remediation processes.

### Key benefits of EDR software

- Monitor endpoints and detect issues or security incidents
- Remediate present threats to endpoints
- Investigate incidents to identify causes
- Contain threats and restrict access to other endpoints or networks

### Why use endpoint detection and response solutions?

Endpoints are some of the most vulnerable components of a business's network structure. One vulnerable endpoint could cause a company’s entire network, databases, and sensitive information to become exposed or stolen. EDR systems will help secure individual endpoints, detect issues as they arise, and contain threats that make their way beyond traditional security structures.

Endpoint protection is even more relevant considering the growing popularity of bring-your-own-device (BYOD) policies. When employees are in complete control over downloads, applications, and updates, security must be a priority. Everyday professionals are not the most security-savvy individuals and may unintentionally compromise their devices or put business information at risk.

**Zero-day threats—** While traditional prevention tools such as antivirus software or firewall technology are helpful as the first line of defense, zero-day threats are bound to occur. The nature of these threats means they have yet to be discovered and, therefore, cannot be defended against. EDR solutions will help identify new threats as they arise and remediate them before damage occurs.

**Visibility and control—** Continuous monitoring and endpoint visibility help defend against traditional malware and sophisticated threats. Monitoring can help identify known threats as they arise and detect minute details that indicate the presence of advanced threats. Hackers are always developing new ways to enter networks undetected through fileless malware or malicious code injection. Monitoring capabilities will improve a team’s ability to detect anomalies caused by outside actors and threats.

**Analysis and deterrence —** EDR software improves a security organization’s ability to review the data associated with security events, data breaches, and network attacks. The data collected from these events can be reviewed back to the initial onset and used to identify the vulnerability or exploit used. Once identified, security teams and software developers can work collectively to resolve flaws and prevent similar attacks from occurring in the future.

### What are the common features of EDR products?

**Detection—** Detection capabilities result from monitoring practices. Monitoring collects information about properly functioning systems and can be applied to identify abnormal behavior or functionality. Once identified, IT and security professionals are alerted and directed through the review and resolution processes.

**Containment —** Once threats are present within an endpoint device, access must be restricted from the greater network and additional endpoints. Often referred to as quarantine features, these capabilities can help protect a network when a threat is detected.

**Remediation—** As threats are discovered, they must be dealt with. EDR software allows individuals and security teams to track incidents back to their onset and identify suspicious actors or malware.

**Investigation—** After incidents occur, EDR tools collect large amounts of data associated with the endpoint device and provide a historical record of activities. This information can be used to quickly identify the cause of an incident and prevent its reoccurrence in the future.

#### Additional EDR features

**Behavioral analysis—** Behavior analysis capabilities allow administrators to gain valuable insights into end-user behavior. This data can be used as a reference for monitoring features to compare against and detect anomalies.

**Real-time monitoring —** Real-time and continuous monitoring capabilities allow security professionals to constantly monitor systems and detect anomalies in real time.

**Threat data documentation—** Event data recording capabilities automate the collection and curation of incident data. This information can alert security teams to the performance and health of a company's endpoint-enabled devices.

**Data exploration —** Data exploration features allow security teams to review data associated with security incidents. These data points can be cross-referenced and analyzed to provide insights on better protecting endpoints in the future.

### Potential issues with EDR solutions

**Endpoint variety—** Endpoints come in many shapes and sizes, from laptops and servers to tablets and smartphones. A business should ensure that all types of endpoints connected to its network are compatible with a chosen EDR solution. This is especially important for businesses with a large number of BYOD devices that run different operating systems and applications.

**Scalability —** Scale refers to the size and scope of your network of connected endpoints. It’s a major consideration because some EDR tools may only facilitate monitoring on a specific number of devices or limit the number of concurrent investigations or remediations. Companies with large pools of endpoints should be sure the solutions they consider can handle the number of endpoints and provide adequate monitoring for the scale of their business and projected growth.

**Efficacy —** Efficacy refers to the actual functional benefit of using a software solution. Companies may be wasting their time if security teams are inundated with false positives or conflicting results. This is a key identifier in user reviews and third-party evaluations that buyers should consider when evaluating a product.

**Administration and Management —** Companies adopting EDR for the first time should be sure they have sufficient staff equipped with skills relevant to using EDR software. Smaller, growing businesses may not be best suited for adopting complex security systems and may be better served using managed services until the need for security matches their ability to deliver.

### Software and services related to EDR software

EDR software is one member of the endpoint protection and security family. These tools provide the remediation component of the endpoint protection process but not all of the prevention and management components in other endpoint security software.

[**Endpoint protection suites**](https://www.g2crowd.com/categories/endpoint-protection-suites) **—** Endpoint protection suites are sophisticated platforms containing capabilities across all segments of the endpoint security technology world. They include virus and malware protection as well as the administration and management of endpoint devices.

[**Endpoint antivirus software**](https://www.g2.com/categories/antivirus) **—** Antivirus technologies are some of the oldest solutions for endpoint security. These tools help prevent malware, computer viruses, and other threats from compromising an endpoint device. These capabilities are present in many security technologies, but antivirus software is specifically dedicated to this kind of protection.

[**Endpoint management software**](https://www.g2.com/categories/endpoint-management) **—** Endpoint management software documents, monitors, and manages endpoints connected to a network. These tools ensure that only approved devices access a company’s network and require connected devices to pass specific security requirements before gaining access. This may mean implementing software updates, security scans, or user authentication processes.

[**Endpoint security services**](https://www.g2.com/categories/endpoint-security-services) **—** Endpoint security services are a form of managed security services that are often the go-to for organizations without dedicated security staff. These solution providers deliver services surrounding the entire endpoint security stack to reduce a business’s need to manage day-to-day tasks and resolve issues directly. These services will not provide the same level of customization or control but will provide a business with peace of mind until they are capable of handling security issues in-house.

**Incident response software —** Incident response software is a term for general security incident management and threat remediation tools. These products are designed to facilitate incident investigation and resolve incidents at the point of attack. These tools may provide some similar forensic analysis capabilities but often do not provide the same endpoint monitoring and control functionality.



    
