# Best Endpoint Detection & Response (EDR) Software Solutions

  *By [Brandon Summers-Miller](https://research.g2.com/insights/author/brandon-summers-miller)*

   Endpoint detection and response (EDR) software is the newest member of the endpoint security family. EDR tools combine elements of both [endpoint antivirus](https://www.g2.com/categories/endpoint-antivirus) and [endpoint management](https://www.g2.com/categories/endpoint-management) solutions to detect, investigate, and remove any malicious software that penetrates a network’s devices. EDR solutions give greater visibility of a system’s overall health including each specific device’s state. Companies use these tools to mitigate endpoint penetrations quickly and prevent data loss, theft, or system failures. They are typically used as a complement to larger security systems such as [security information and event management (SIEM)](https://www.g2.com/categories/security-information-and-event-management-siem), [vulnerability management](https://www.g2.com/categories/vulnerability-management), and [incident response](https://www.g2.com/categories/incident-response) tools.

The [best EDR software solutions](https://learn.g2.com/best-edr-software) record and store system behaviors, employing various data analytics techniques to identify suspicious activities. They also provide contextual information, block malicious actions, and offer remediation suggestions to restore affected systems.

To qualify for inclusion in the Endpoint Detection and Response (EDR) category, a product must:

- Alert administrators when devices have been compromised
- Search data and systems for the presence of malware
- Possess analytics and anomaly detection features
- Possess malware removal features





## Category Overview

**Total Products under this Category:** 121


## Trust & Credibility Stats

**Why You Can Trust G2's Software Rankings:**

- 30 Analysts and Data Experts
- 12,500+ Authentic Reviews
- 121+ Products
- Unbiased Rankings

G2's software rankings are built on verified user reviews, rigorous moderation, and a consistent research methodology maintained by a team of analysts and data experts. Each product is measured using the same transparent criteria, with no paid placement or vendor influence. While reviews reflect real user experiences, which can be subjective, they offer valuable insight into how software performs in the hands of professionals. Together, these inputs power the G2 Score, a standardized way to compare tools within every category.


## Best Endpoint Detection & Response (EDR) Software At A Glance

- **Leader:** [Sophos Endpoint](https://www.g2.com/products/sophos-endpoint/reviews)
- **Highest Performer:** [Todyl Security Platform](https://www.g2.com/products/todyl-security-platform/reviews)
- **Easiest to Use:** [Huntress Managed EDR](https://www.g2.com/products/huntress-managed-edr/reviews)
- **Top Trending:** [ThreatLocker Platform](https://www.g2.com/products/threatlocker-platform/reviews)
- **Best Free Software:** [Huntress Managed EDR](https://www.g2.com/products/huntress-managed-edr/reviews)


---


## Top-Rated Products (Ranked by G2 Score)
### 1. [Sophos Endpoint](https://www.g2.com/products/sophos-endpoint/reviews)
  Sophos Endpoint is the world’s most comprehensive endpoint protection solution. Built to stop the widest range of attacks, Sophos Endpoint has been proven to prevent even the most advanced ransomware and malware by leveraging a unique combination of next-generation techniques. This includes the ability to detect never-before-seen malware with deep learning, stop ransomware with Sophos anti-ransomware technology, and deny attacker tools with signatureless exploit prevention. Sophos Endpoint also includes root cause analysis to provide insight into threats, and instant malware removal to ensure no attack remnants remain.


  **Average Rating:** 4.7/5.0
  **Total Reviews:** 782

**User Satisfaction Scores:**

- **Ease of Admin:** 9.3/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.3/10 (Category avg: 9.0/10)
- **Quality of Support:** 9.0/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.3/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [Sophos](https://www.g2.com/sellers/sophos)
- **Company Website:** https://www.sophos.com/
- **Year Founded:** 1985
- **HQ Location:** Oxfordshire
- **Twitter:** @Sophos (36,757 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/5053/ (5,561 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Who Uses This:** IT Manager, System Administrator
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 59% Mid-Market, 18% Small-Business


#### Pros & Cons

**Pros:**

- Ease of Use (191 reviews)
- Protection (180 reviews)
- Security (165 reviews)
- Threat Detection (129 reviews)
- Easy Management (124 reviews)

**Cons:**

- Slow Performance (73 reviews)
- High Resource Usage (52 reviews)
- Learning Curve (50 reviews)
- Difficult Configuration (36 reviews)
- High CPU Usage (34 reviews)

### 2. [CrowdStrike Falcon Endpoint Protection Platform](https://www.g2.com/products/crowdstrike-falcon-endpoint-protection-platform/reviews)
  Organizations today face a serious challenge: managing numerous security vendors and tools while confronting an ever-evolving threat landscape. Sophisticated adversaries are becoming smarter, faster, and more evasive, launching complex attacks that can strike in minutes or even seconds. Traditional security approaches struggle to keep pace, leaving businesses vulnerable. The CrowdStrike Falcon Platform addresses this by offering a unified, cloud-native solution. It consolidates previously siloed security solutions and incorporates third-party data into a single platform with one efficient and resource-conscious agent, leveraging advanced AI and real-time threat intelligence. This approach simplifies security operations, speeds analyst decision making, and enhances protection to stop the breach, allowing organizations to reduce risk with less complexity and lower costs.

  CrowdStrike's Falcon Platform includes:

  - Endpoint Security: Secure the endpoint, stop the breach
  - Identity Protection: Identity is the front line, defend it
  - Next-Gen SIEM: The future of SIEM, today
  - Data Protection: Real-time data protection from endpoint to cloud
  - Exposure Management: Understand risk to stop breaches
  - Charlotte AI: Powering the next evolution of the SOC


  **Average Rating:** 4.7/5.0
  **Total Reviews:** 368

**User Satisfaction Scores:**

- **Ease of Admin:** 9.0/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.2/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.9/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.0/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [CrowdStrike](https://www.g2.com/sellers/crowdstrike)
- **Company Website:** https://www.crowdstrike.com
- **Year Founded:** 2011
- **HQ Location:** Sunnyvale, CA
- **Twitter:** @CrowdStrike (110,324 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/2497653/ (11,258 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Who Uses This:** Security Analyst, Cyber Security Analyst
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 47% Enterprise, 42% Mid-Market


#### Pros & Cons

**Pros:**

- Features (113 reviews)
- Threat Detection (103 reviews)
- Ease of Use (98 reviews)
- Security (97 reviews)
- Detection (86 reviews)

**Cons:**

- Expensive (54 reviews)
- Complexity (39 reviews)
- Learning Curve (35 reviews)
- Limited Features (31 reviews)
- Pricing Issues (29 reviews)

### 3. [Acronis Cyber Protect Cloud](https://www.g2.com/products/acronis-cyber-protect-cloud/reviews)
  Acronis delivers the world’s most complete cyber resilience platform, combining backup, disaster recovery, cybersecurity, RMM, and business operations tools into a single, natively integrated solution. Built specifically for Managed Service Providers (MSPs) and IT teams, Acronis simplifies operations with one agent, one console, and one license model. Automation, AI-driven insights, and multi-tenant management ensure that fewer technicians can manage more clients at lower cost. With predictable pricing and transparent billing, Acronis enables partners and IT teams to scale efficiently, comply with regulations, and deliver unmatched resilience. No other vendor delivers this level of integration, efficiency, and MSP alignment. Acronis Cyber Protect Cloud unites backup and next-generation, AI-based anti-malware, antivirus, and endpoint protection management in one solution. Integration and automation provide unmatched ease for service providers — reducing complexity while increasing productivity and decreasing operating costs. Acronis Cyber Protect Cloud is the single service provider solution that combines backup, anti-malware (including anti-virus, anti-ransomware, and anti-cryptojacking) and security and management capabilities such as vulnerability assessments, patch management, URL filtering and more. Now, service providers can eliminate complexity and make security a centerpiece of their offerings while increasing SLAs, decreasing churn, and generating more recurring revenue. Get upgraded security with integrated AI-based defenses that protect clients from modern threats, make smarter use of resources so your team can focus on clients, and earn new recurring revenue and higher margins that strengthen your business. 
Enriched with next-gen, full-stack anti-malware protection and comprehensive yet simple management tools, built on top of our industry-leading backup and data recovery solution, Acronis Cyber Protect Cloud simplifies onboarding, daily operations, and reporting, and combats advanced attacks with new use cases enabled by integration. Acronis Cyber Protect Cloud makes it easy to deliver the modern cyber protection your clients seek. Acronis is majority-owned by EQT.


  **Average Rating:** 4.7/5.0
  **Total Reviews:** 1,260

**User Satisfaction Scores:**

- **Ease of Admin:** 9.1/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.3/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.8/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.1/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [Acronis](https://www.g2.com/sellers/acronis)
- **Company Website:** https://www.acronis.com/
- **Year Founded:** 2003
- **HQ Location:** Schaffhausen
- **Twitter:** @acronis (94,770 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/13179/ (1,917 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Who Uses This:** Director, CEO
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 68% Small-Business, 28% Mid-Market


#### Pros & Cons

**Pros:**

- Ease of Use (217 reviews)
- Backup Solutions (213 reviews)
- Backup Ease (169 reviews)
- Protection (159 reviews)
- Security (158 reviews)

**Cons:**

- Slow Performance (77 reviews)
- Expensive (65 reviews)
- Complexity (53 reviews)
- Poor Customer Support (50 reviews)
- Backup Issues (41 reviews)

### 4. [Huntress Managed EDR](https://www.g2.com/products/huntress-managed-edr/reviews)
  At Huntress, we believe that enterprise-grade endpoint security shouldn’t just be for big security teams with the most resources. When basic defenses don't cut it, Huntress Managed EDR levels the cybersecurity playing field with a solution for ALL businesses. Our comprehensive platform combines fully-owned technology with expert oversight, including 24/7 monitoring by a team of expert hunters specializing in wrecking hackers day in and day out. Our focus is on hitting hackers when and where it matters most, so we filter out the noise of false positives and only alert you on real threats. And if hackers breach your defenses, we isolate and eliminate those threats for you with speed and precision. With Huntress, you’re not just keeping pace—you’re leveling up to world-class endpoint security. Huntress gives organizations of all sizes a top EDR solution with the ease of use security teams actually need so they can sleep at night knowing they're protected.


  **Average Rating:** 4.9/5.0
  **Total Reviews:** 871

**User Satisfaction Scores:**

- **Ease of Admin:** 9.6/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.7/10 (Category avg: 9.0/10)
- **Quality of Support:** 9.7/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.5/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [Huntress Labs](https://www.g2.com/sellers/huntress-labs)
- **Company Website:** https://huntress.com
- **Year Founded:** 2015
- **HQ Location:** Ellicott City, US
- **Twitter:** @HuntressLabs (40,117 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/10172550/ (859 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Who Uses This:** Owner, President
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 79% Small-Business, 17% Mid-Market


#### Pros & Cons

**Pros:**

- Customer Support (158 reviews)
- Ease of Use (125 reviews)
- Threat Detection (92 reviews)
- Protection (75 reviews)
- Continuous Monitoring (70 reviews)

**Cons:**

- Improvements Needed (20 reviews)
- Lack of Customization (17 reviews)
- Poor Reporting (17 reviews)
- Alert Issues (15 reviews)
- Integration Issues (15 reviews)

### 5. [ESET PROTECT](https://www.g2.com/products/eset-protect/reviews)
  Stay one step ahead of known and emerging cyber threats with our AI-native, prevention-first approach. ESET combines the power of AI and human expertise to make protection easy and effective. Experience best-in-class protection thanks to our in-house global cyber threat intelligence, compiled and examined for over 30 years, which drives our extensive R&D network led by industry-acclaimed researchers. ESET PROTECT, our cloud-first XDR cybersecurity platform, combines next-gen prevention, detection, and proactive threat hunting capabilities. ESET's highly customizable solutions include local support and have minimal impact on performance, identify and neutralize known and emerging threats before they can be executed, support business continuity, and reduce the cost of implementation and management.

  HOW YOUR ORGANIZATION WILL BENEFIT

  - Improved protection against ransomware and zero-day threats via cloud-based sandboxing technology.
  - Helps comply with data regulations thanks to full disk encryption capabilities on Windows and macOS.
  - Easily accessible ESET PROTECT console improves TCO of security management.
  - Single-pane-of-glass remote management for visibility of threats, users, and quarantined items.
  - Company endpoints and mobiles are protected via advanced multilayered technology, now with brute-force attack protection.


  **Average Rating:** 4.6/5.0
  **Total Reviews:** 941

**User Satisfaction Scores:**

- **Ease of Admin:** 8.5/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 8.9/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.9/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.0/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [ESET](https://www.g2.com/sellers/eset)
- **Company Website:** https://www.eset.com
- **Year Founded:** 1992
- **HQ Location:** Bratislava, Slovak Republic
- **Twitter:** @ESET (276,367 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/28967/ (1,944 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Who Uses This:** IT Manager, Network Administrator
  - **Top Industries:** Information Technology and Services, Computer Software
  - **Company Size:** 47% Mid-Market, 46% Small-Business


#### Pros & Cons

**Pros:**

- Ease of Use (95 reviews)
- Protection (79 reviews)
- Reliability (71 reviews)
- Security (64 reviews)
- Centralized Management (58 reviews)

**Cons:**

- Learning Curve (32 reviews)
- Difficult Configuration (31 reviews)
- Not User-Friendly (25 reviews)
- Lack of Clarity (23 reviews)
- Difficult Navigation (20 reviews)

### 6. [ThreatDown](https://www.g2.com/products/threatdown/reviews)
  ThreatDown solutions simplify endpoint security by combining Malwarebytes’ award-winning detection and remediation with quick deployment in an easy user-interface – to protect people, devices, and data in minutes. The ThreatDown product line is enriched by Malwarebytes global threat intelligence, its patented remediation engine that removes every trace of malware to prevent reinfection, and its nearly two decades of experience detecting and remediating threats. With one agent and one console, ThreatDown solutions are purpose-built to simplify cybersecurity for organizations with limited IT resources. ThreatDown solutions bundle technology with services to streamline security and provide robust protection that’s efficient and cost-effective. With a channel-first mindset across the globe, we empower our partners to help resource-constrained IT organizations. ThreatDown Solutions: ThreatDown MDR (managed detection and response) combines Malwarebytes’ renowned detection, with AI-powered engines, and around-the-clock human intervention to streamline security and allow organizations to focus on business growth. ThreatDown MDR simply and effectively closes your security resources gap, reduces your risk of unknown threats, and increases your security efficiency exponentially. ThreatDown EDR (endpoint detection and response) is enriched by Malwarebytes global threat intelligence and its patented remediation engine that removes every trace of malware to prevent reinfection. It provides protection against a range of threats, including malware, ransomware, zero-day exploits, phishing, and other threats with a suite of tools to detect, investigate and contain even the stealthiest human-operated attacks that bypass prevention layers. Seven-day ransomware rollback ensures organizations can turn the clock back on attacks and restore systems. 
ThreatDown Security Advisor provides customers with a security score to illustrate their current level of protection, offers guidance on how to make improvements and enables them to take immediate action.

ThreatDown Bundles:

- ThreatDown Core is a complete malware prevention solution with vulnerability assessment and application blocking. It features our award-winning prevention technologies, visibility to assess your risk for vulnerability exploits (one of the most common attack vectors), and the blocking of malicious and unwanted applications.
- ThreatDown Advanced includes award-winning technologies such as endpoint detection and response, ransomware rollback, patch management, and managed threat hunting to appreciably enhance endpoint security.
- ThreatDown Elite is purpose-built for organizations with small (to non-existent) security teams that lack the resources to address all security alerts. Beyond the Advanced bundle, Elite includes 24x7x365 expert-managed detection and response.
- ThreatDown Ultimate includes the technologies and human expertise you need for comprehensive protection wrapped up and delivered as a single, hassle-free solution. Ultimate also includes easy-to-use, website content filtering (DNS Filtering).

For Partners:

Our multi-tenant ThreatDown OneView platform enables MSPs and IT admins to streamline operations with centralized management of customer endpoints, license subscriptions, reporting, and global policies. With products and services like Endpoint Detection and Response (EDR), Managed Detection and Response (MDR) and the rest of our technologies in our portfolio, partners can offer the right product or service to each customer, tailored to their specific needs. Find out more about our partner program at https://www.threatdown.com/partner-program.


  **Average Rating:** 4.6/5.0
  **Total Reviews:** 1,040

**User Satisfaction Scores:**

- **Ease of Admin:** 9.1/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.2/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.8/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.2/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [Malwarebytes](https://www.g2.com/sellers/malwarebytes)
- **Company Website:** https://www.malwarebytes.com
- **Year Founded:** 2008
- **HQ Location:** Santa Clara, CA
- **Twitter:** @Malwarebytes (87,639 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/malwarebytes/ (613 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Who Uses This:** IT Manager, Owner
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 48% Small-Business, 41% Mid-Market


#### Pros & Cons

**Pros:**

- Ease of Use (99 reviews)
- Features (68 reviews)
- Security (59 reviews)
- Threat Detection (56 reviews)
- Customer Support (54 reviews)

**Cons:**

- Poor Customer Support (23 reviews)
- Lack of Clarity (22 reviews)
- Missing Features (20 reviews)
- False Positives (18 reviews)
- Communication Issues (16 reviews)

### 7. [Arctic Wolf](https://www.g2.com/products/arctic-wolf/reviews)
  Arctic Wolf® is the market leader in security operations. Using the cloud-native Arctic Wolf® Platform, we help organizations end cyber risk by providing security operations as a concierge service. Arctic Wolf solutions include Arctic Wolf® Managed Detection and Response (MDR), Managed Risk, and Managed Security Awareness —each delivered by the industry’s original Concierge Security® Team. Highly-trained Concierge Security experts work as an extension of internal teams to provide 24x7 monitoring, detection, and response, as well as ongoing risk management to give organizations the protection, resilience and guidance they need to defend against cyber threats. Visit arcticwolf.com to get the latest industry resources and learn more about our solutions.


  **Average Rating:** 4.7/5.0
  **Total Reviews:** 275

**User Satisfaction Scores:**

- **Ease of Admin:** 9.1/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.5/10 (Category avg: 9.0/10)
- **Quality of Support:** 9.4/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.2/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [Arctic Wolf Networks](https://www.g2.com/sellers/arctic-wolf-networks)
- **Company Website:** https://www.arcticwolf.com
- **Year Founded:** 2012
- **HQ Location:** Eden Prairie, MN
- **Twitter:** @AWNetworks (4,497 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/2760138/ (3,382 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Who Uses This:** IT Manager, IT Director
  - **Top Industries:** Hospital & Health Care, Information Technology and Services
  - **Company Size:** 71% Mid-Market, 20% Enterprise


#### Pros & Cons

**Pros:**

- Customer Support (58 reviews)
- Threat Detection (47 reviews)
- Cybersecurity (28 reviews)
- Ease of Use (27 reviews)
- Alerts (22 reviews)

**Cons:**

- Expensive (10 reviews)
- False Positives (7 reviews)
- Learning Curve (7 reviews)
- Cybersecurity Risks (6 reviews)
- Dashboard Issues (5 reviews)

### 8. [Check Point Harmony Endpoint](https://www.g2.com/products/check-point-harmony-endpoint/reviews)
  Harmony Endpoint is a complete endpoint security solution offering a fleet of advanced endpoint threat prevention capabilities so you can safely navigate today’s menacing threat landscape. It provides a comprehensive system to proactively prevent, detect, and remediate evasive malware attacks.


  **Average Rating:** 4.5/5.0
  **Total Reviews:** 254

**User Satisfaction Scores:**

- **Ease of Admin:** 8.7/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 8.8/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.7/10 (Category avg: 8.7/10)
- **Ease of Use:** 8.9/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [Check Point Software Technologies](https://www.g2.com/sellers/check-point-software-technologies)
- **Year Founded:** 1993
- **HQ Location:** Redwood City, CA
- **Twitter:** @CheckPointSW (70,998 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/check-point-software-technologies/ (8,356 employees on LinkedIn®)
- **Ownership:** NASDAQ:CHKP

**Reviewer Demographics:**
  - **Who Uses This:** Network Engineer, Cyber Security Engineer
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 53% Mid-Market, 27% Enterprise


#### Pros & Cons

**Pros:**

- Security (73 reviews)
- Features (57 reviews)
- Threat Detection (51 reviews)
- Protection (50 reviews)
- Ease of Use (46 reviews)

**Cons:**

- Slow Performance (27 reviews)
- High Resource Usage (25 reviews)
- Difficult Configuration (21 reviews)
- Expensive (21 reviews)
- Learning Curve (21 reviews)

### 9. [Iru](https://www.g2.com/products/iru/reviews)
  Iru is an AI-powered IT and security platform designed to help organizations secure their users, applications, and devices in an increasingly complex digital landscape. Tailored for the AI era, Iru integrates identity and access management, endpoint security, and compliance automation into a single cohesive solution. This unification streamlines operations, allowing IT and security teams to regain control and allocate their time more effectively. Targeted at fast-growing companies, Iru addresses the challenges faced by IT and security professionals who often juggle multiple tools and systems. The platform is particularly beneficial for organizations that require robust security measures while maintaining agility and efficiency. Use cases include managing user access across various applications, ensuring device security, and automating compliance processes, all of which are critical in today’s fast-paced business environment. At the heart of Iru is the Iru Context Model, which provides a dynamic overview of the organization’s environment by continuously monitoring users, devices, and applications in real-time. Complementing this model is Iru AI, an intelligent layer that transforms live data signals into actionable insights, orchestrates necessary actions, and maintains a comprehensive audit trail. This integration enhances policy enforcement, automates response mechanisms, and simplifies compliance, making it easier for organizations to adhere to regulatory requirements. One of Iru's standout features is its single endpoint agent, which manages and secures every device within an organization’s fleet. By implementing passwordless access through device-bound passkeys linked to device posture, Iru creates a trust fabric that strengthens security between users and devices.
Additionally, compliance is continuously monitored with customized controls and an Adaptive Evidence Map that updates automatically, reducing the burden on IT teams and minimizing the risk of oversight. Iru aims to bring clarity and control back to overwhelmed IT and security teams by consolidating disparate tools into one unified platform. This shift allows teams to transition from reactive firefighting to proactive strategic initiatives that drive business success. The result is a more robust security posture, simplified workflows, and outcomes that align with organizational goals, ultimately fostering a safer and more efficient operational environment.


  **Average Rating:** 4.7/5.0
  **Total Reviews:** 774

**User Satisfaction Scores:**

- **Ease of Admin:** 9.4/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.4/10 (Category avg: 9.0/10)
- **Quality of Support:** 9.5/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.4/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [Iru](https://www.g2.com/sellers/iru)
- **Company Website:** https://www.iru.com/
- **Year Founded:** 2018
- **HQ Location:** Miami, FL
- **Twitter:** @officiallyiru (2,031 Twitter followers)
- **LinkedIn® Page:** https://linkedin.com/company/officiallyiru (356 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Who Uses This:** IT Manager, CTO
  - **Top Industries:** Computer Software, Information Technology and Services
  - **Company Size:** 72% Mid-Market, 23% Small-Business


#### Pros & Cons

**Pros:**

- Ease of Use (345 reviews)
- Customer Support (254 reviews)
- Device Management (174 reviews)
- Easy Setup (152 reviews)
- Apple Device Management (148 reviews)

**Cons:**

- Missing Features (71 reviews)
- Lacking Features (56 reviews)
- Device Management (53 reviews)
- Limited Compatibility (51 reviews)
- Expensive (46 reviews)

### 10. [TrendAI Vision One](https://www.g2.com/products/trendai-vision-one/reviews)
  TrendAI Vision One is a cloud-native security operations platform, serving cloud, hybrid, and on-premises environments. It combines ASM and XDR in a single console to effectively manage cyber risk across your organization. The platform provides powerful risk insights, earlier threat detection, and automated risk and threat response options. Utilize the platform’s predictive machine learning and advanced security analytics for a broader perspective and advanced context. TrendAI Vision One integrates with its own expansive protection platform portfolio and industry-leading global threat intelligence, in addition to a broad ecosystem of purpose-built and API-driven third-party integrations.


  **Average Rating:** 4.7/5.0
  **Total Reviews:** 227

**User Satisfaction Scores:**

- **Ease of Admin:** 8.7/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.0/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.7/10 (Category avg: 8.7/10)
- **Ease of Use:** 8.6/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [Trend Micro](https://www.g2.com/sellers/trend-micro)
- **Company Website:** https://www.trendmicro.com/
- **Year Founded:** 1988
- **HQ Location:** Tokyo
- **LinkedIn® Page:** https://www.linkedin.com/company/4312/ (8,090 employees on LinkedIn®)
- **Ownership:** OTCMKTS:TMICY

**Reviewer Demographics:**
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 51% Enterprise, 34% Mid-Market


#### Pros & Cons

**Pros:**

- Visibility (38 reviews)
- Security (33 reviews)
- Ease of Use (32 reviews)
- Features (31 reviews)
- Threat Detection (27 reviews)

**Cons:**

- Complex Interface (12 reviews)
- Integration Issues (12 reviews)
- Learning Curve (11 reviews)
- Expensive (10 reviews)
- Limited Features (10 reviews)

### 11. [ThreatLocker Platform](https://www.g2.com/products/threatlocker-platform/reviews)
  ThreatLocker is a global leading Zero Trust Platform designed to empower organizations by providing them with the ability to control which applications are permitted to run on their networks. This suite of security tools is tailored for a wide range of users, including businesses, government agencies, and academic institutions, all of whom face the increasing threat of cybercrime. By enabling users to manage application execution, ThreatLocker aims to create a secure environment where organizations can operate without the looming fear of malware and other cyber threats. The ThreatLocker suite stands out in the cybersecurity landscape due to its focus on application whitelisting, a proactive approach that allows organizations to define and enforce policies on what software can be executed. This feature is particularly beneficial for organizations that require stringent security measures, as it minimizes the risk of unauthorized applications compromising sensitive data. The solution is designed for IT administrators who seek to enhance their network security posture while maintaining operational efficiency. One of the key features of ThreatLocker is its ability to provide real-time visibility and control over application behavior. This allows organizations to monitor application usage and detect any suspicious activities that may indicate a potential threat. Additionally, ThreatLocker offers customizable policies that can be tailored to meet the specific needs of different departments or user groups within an organization, ensuring that security measures align with operational requirements. Another significant benefit of ThreatLocker is its user-friendly interface, which simplifies the management of security policies. This accessibility enables IT teams to implement and adjust security measures without extensive training or expertise in cybersecurity. 
Furthermore, ThreatLocker is backed by a team of experienced cybersecurity professionals who continuously update and enhance the platform to address emerging threats and vulnerabilities. In essence, ThreatLocker provides organizations with the tools they need to take control of their cybersecurity strategy. By focusing on application control and offering robust monitoring capabilities, ThreatLocker helps organizations mitigate risks associated with cyber threats while fostering a secure environment for their operations. This innovative approach to cybersecurity empowers users to navigate their digital landscape confidently, free from the influence of cybercriminals.


  **Average Rating:** 4.8/5.0
  **Total Reviews:** 471

**User Satisfaction Scores:**

- **Ease of Admin:** 8.6/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.7/10 (Category avg: 9.0/10)
- **Quality of Support:** 9.7/10 (Category avg: 8.7/10)
- **Ease of Use:** 8.3/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [Threatlocker Inc](https://www.g2.com/sellers/threatlocker-inc)
- **Company Website:** https://www.threatlocker.com
- **Year Founded:** 2017
- **HQ Location:** Orlando, Florida, United States
- **Twitter:** @ThreatLocker (2,735 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/65512111/ (686 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Who Uses This:** President, CEO
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 54% Small-Business, 33% Mid-Market


#### Pros & Cons

**Pros:**

- Customer Support (92 reviews)
- Threat Detection (87 reviews)
- Ease of Use (75 reviews)
- Security (71 reviews)
- Protection (69 reviews)

**Cons:**

- Learning Curve (44 reviews)
- Difficult Learning Curve (30 reviews)
- Difficult Configuration (16 reviews)
- Difficult Navigation (14 reviews)
- Training Required (13 reviews)

### 12. [Cynet](https://www.g2.com/products/cynet/reviews)
  Cynet is the unified, AI-powered cybersecurity platform that delivers robust and comprehensive protection for security teams while maximizing operational efficiency for managed service providers (MSPs). This platform consolidates a wide array of security capabilities into a single, user-friendly interface, ensuring that organizations can effectively safeguard their digital assets without the complexity often associated with multi-solution environments. Cynet’s platform simplifies security management by integrating various functionalities, such as endpoint protection, threat detection, and incident response, into one cohesive system. This integration not only streamlines operations but also allows organizations to allocate their resources more effectively, ultimately enhancing their overall security posture. One of the standout features of Cynet’s platform is its remarkable performance in the MITRE ATT&CK Evaluations. Cynet delivered 100% visibility and 100% analytic coverage without requiring any configuration changes three years in a row. This capability ensures that organizations can monitor their environments comprehensively and respond to threats with precision. The platform’s built-in analytics and reporting tools provide actionable insights, enabling users to make informed decisions about their cybersecurity strategies. Additionally, Cynet offers 24/7 expert support, which is crucial for organizations that may not have in-house cybersecurity expertise. This round-the-clock assistance ensures that users can quickly address any security incidents or concerns, minimizing potential downtime and damage. The combination of advanced technology and dedicated support positions Cynet as a valuable partner for SMEs and service providers looking to enhance their cybersecurity measures. In summary, Cynet’s unified, AI-powered cybersecurity platform stands out in the crowded cybersecurity market by offering a unified solution tailored to the needs of MSPs. 
Its comprehensive features, exceptional performance in industry evaluations, and continuous expert support make it a compelling choice for organizations seeking to bolster their cybersecurity defenses while maintaining operational efficiency.


  **Average Rating:** 4.7/5.0
  **Total Reviews:** 208

**User Satisfaction Scores:**

- **Ease of Admin:** 9.2/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.5/10 (Category avg: 9.0/10)
- **Quality of Support:** 9.3/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.1/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [Cynet](https://www.g2.com/sellers/cynet)
- **Company Website:** https://www.cynet.com/
- **Year Founded:** 2014
- **HQ Location:** Boston, MA
- **LinkedIn® Page:** https://www.linkedin.com/company/cynet-security/ (329 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Who Uses This:** SOC Analyst, Technical Engineer
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 58% Mid-Market, 30% Small-Business


#### Pros & Cons

**Pros:**

- Ease of Use (48 reviews)
- Features (36 reviews)
- Threat Detection (34 reviews)
- Customer Support (32 reviews)
- Security (31 reviews)

**Cons:**

- Limited Customization (11 reviews)
- Feature Limitations (10 reviews)
- Lack of Customization (10 reviews)
- Limited Features (10 reviews)
- Missing Features (10 reviews)

### 13. [IBM MaaS360](https://www.g2.com/products/ibm-maas360/reviews)
  IBM MaaS360 is an easy to use, unified endpoint management (UEM) solution that transforms the way that organizations support users, apps, content, and data across essentially every type of device. Its open, cloud-based platform integrates with preferred security and productivity tools. You can protect your workforce with evolved Threat Management, Mobile Security, Device management features and your analytics will be powered by watsonx AI capabilities, helping you to set up a good security posture. IBM MaaS360 is available for purchase on ibm.com and AWS Marketplace.


  **Average Rating:** 4.2/5.0
  **Total Reviews:** 183

**User Satisfaction Scores:**

- **Ease of Admin:** 8.0/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 8.0/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.1/10 (Category avg: 8.7/10)
- **Ease of Use:** 8.2/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [IBM](https://www.g2.com/sellers/ibm)
- **Company Website:** https://www.ibm.com/us-en
- **Year Founded:** 1911
- **HQ Location:** Armonk, NY
- **Twitter:** @IBM (709,390 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/1009/ (324,553 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Who Uses This:** IT Manager, Software Engineer
  - **Top Industries:** Information Technology and Services, Computer Software
  - **Company Size:** 45% Mid-Market, 34% Enterprise


#### Pros & Cons

**Pros:**

- Features (48 reviews)
- Security (46 reviews)
- Device Management (38 reviews)
- Ease of Use (37 reviews)
- Protection (24 reviews)

**Cons:**

- Learning Curve (24 reviews)
- Poor Interface Design (17 reviews)
- Poor UI (17 reviews)
- Slow Performance (17 reviews)
- Outdated Interface (13 reviews)

### 14. [Coro Cybersecurity](https://www.g2.com/products/coro-cybersecurity/reviews)
  Coro is the easy cybersecurity company. We designed an all-in-one platform that every lean IT team will master. While other solutions scare people into buying complicated, confusing products, we lead with elegant simplicity. Coro is fast to deploy, easy to use, and designed not to waste your time. Once you install Coro, you’ll hardly think about us. That’s the point. Coro automatically detects and fixes security problems, so IT teams don’t have to spend time investigating or troubleshooting. We’re also one of the fastest-growing tech companies in North America, just ask Deloitte. Designed primarily for lean IT teams, Coro’s platform is particularly beneficial for organizations that may lack extensive IT resources or dedicated cybersecurity teams. With the increasing complexity of cyber threats, these businesses often find it challenging to maintain adequate security measures. Coro addresses this gap by automating the detection and remediation of security threats, allowing businesses to focus on their core operations without the constant worry of potential breaches or security incidents. One of Coro's key benefits is its intuitive, user-friendly interface, which simplifies the management of cybersecurity protocols. This ease of use is particularly advantageous for organizations with limited IT expertise, as it minimizes the need for extensive training or technical knowledge. Additionally, Coro’s continuous monitoring and reporting features provide businesses with valuable insights into their security posture, enabling them to make informed decisions about their cybersecurity strategies. Another impressive feature is how comprehensive, yet powerful, its all-in-one platform is. Using advanced AI technology, it detects and remediates over 92% of threats automatically, ensuring potential vulnerabilities are identified and addressed in real-time, significantly reducing the risk of data breaches and other cyber incidents. 
Their impressive performance has been recognised by G2 with a 94% approval rating from users and SE Labs, who awarded them three AAA ratings for their EDR, Email and Cloud modules. Overall, Coro’s cybersecurity platform represents a significant advancement in the field of cybersecurity. By automating threat detection and remediation, offering customizable solutions, and providing a user-friendly experience, Coro empowers organizations to effectively defend against the evolving landscape of cyber threats. Its recognition as one of the fastest-growing cybersecurity companies in North America further underscores its commitment to delivering innovative and effective security solutions.


  **Average Rating:** 4.7/5.0
  **Total Reviews:** 231

**User Satisfaction Scores:**

- **Ease of Admin:** 9.5/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.6/10 (Category avg: 9.0/10)
- **Quality of Support:** 9.5/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.5/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [Coronet](https://www.g2.com/sellers/coronet)
- **Company Website:** https://www.coro.net
- **Year Founded:** 2014
- **HQ Location:** Chicago, IL
- **Twitter:** @coro_cyber (1,889 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/coronet (295 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Who Uses This:** IT Manager, IT Director
  - **Top Industries:** Non-Profit Organization Management, Financial Services
  - **Company Size:** 57% Mid-Market, 36% Small-Business


#### Pros & Cons

**Pros:**

- Ease of Use (99 reviews)
- Security (68 reviews)
- Customer Support (67 reviews)
- Protection (55 reviews)
- Easy Setup (49 reviews)

**Cons:**

- Performance Issues (32 reviews)
- Improvements Needed (20 reviews)
- False Positives (19 reviews)
- Inaccuracy (19 reviews)
- Limited Features (16 reviews)

### 15. [Cortex XDR](https://www.g2.com/products/palo-alto-networks-cortex-xdr/reviews)
  Cortex XDR is the industry’s first extended detection and response platform that stops modern attacks by integrating data from any source. With Cortex XDR, you can harness the power of AI, analytics and rich data to detect stealthy threats. Your SOC team can cut through the noise and focus on what matters most with intelligent alert grouping and incident scoring. Cross-data insights accelerate investigations, so you can streamline incident response and recovery. Cortex XDR delivers peace of mind with best-in-class endpoint protection that achieved the highest combined protection and detection scores in the MITRE ATT&CK® round 3 evaluation. The Cortex XDR platform collects and analyzes all data, so you can gain complete visibility and holistic protection to secure what’s next.


  **Average Rating:** 4.6/5.0
  **Total Reviews:** 49

**User Satisfaction Scores:**

- **Ease of Admin:** 8.9/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.2/10 (Category avg: 9.0/10)
- **Quality of Support:** 9.0/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.0/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [Palo Alto Networks](https://www.g2.com/sellers/palo-alto-networks)
- **Year Founded:** 2005
- **HQ Location:** Santa Clara, CA
- **Twitter:** @PaloAltoNtwks (128,788 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/30086/ (21,355 employees on LinkedIn®)
- **Ownership:** NYSE: PANW

**Reviewer Demographics:**
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 46% Enterprise, 37% Mid-Market


#### Pros & Cons

**Pros:**

- Ease of Use (2 reviews)
- Threat Detection (2 reviews)
- XDR Capabilities (2 reviews)
- Alert Notifications (1 review)
- Antivirus Protection (1 review)

**Cons:**

- Compatibility Issues (1 review)
- Complexity (1 review)
- Complex Management (1 review)
- Difficult Learning (1 review)
- Expensive (1 review)

### 16. [SentinelOne Singularity Endpoint](https://www.g2.com/products/sentinelone-singularity-endpoint/reviews)
  SentinelOne (NYSE:S) is pioneering autonomous cybersecurity to prevent, detect, and respond to cyber attacks faster and with higher accuracy than ever before. The Singularity Platform protects and empowers leading global enterprises with real-time visibility, cross-platform correlation, and AI-powered response across endpoints, cloud workloads and containers, network-connected (IoT) devices and identity-centric attack surfaces. To learn more, visit www.sentinelone.com or follow us at @SentinelOne, on LinkedIn or Facebook. Over 9,250 customers, including 4 of the Fortune 10, hundreds of the Global 2000, prominent governments, healthcare providers, and educational institutions, trust SentinelOne to bring their defenses into the future, gaining more capability with less complexity. SentinelOne is a Leader in the Gartner Magic Quadrant for Endpoint Protection Platforms, and is a go-to platform across all customer profiles, as highlighted in Gartner’s Critical Capabilities report. SentinelOne continues to prove its industry-leading capabilities in the MITRE Engenuity ATT&CK® Evaluation, with 100% protection detection, 88% less noise, and zero delays in the 2024 MITRE ATT&CK Engenuity evaluations, demonstrating our dedication to keeping our customers ahead of threats from every vector.


  **Average Rating:** 4.7/5.0
  **Total Reviews:** 194

**User Satisfaction Scores:**

- **Ease of Admin:** 8.9/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.3/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.9/10 (Category avg: 8.7/10)
- **Ease of Use:** 8.9/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [SentinelOne](https://www.g2.com/sellers/sentinelone)
- **Company Website:** https://www.sentinelone.com
- **Year Founded:** 2013
- **HQ Location:** Mountain View, CA
- **Twitter:** @SentinelOne (57,697 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/2886771/ (3,183 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 45% Mid-Market, 36% Enterprise


#### Pros & Cons

**Pros:**

- Ease of Use (16 reviews)
- Features (11 reviews)
- Threat Detection (11 reviews)
- Customer Support (10 reviews)
- Security (7 reviews)

**Cons:**

- Learning Curve (4 reviews)
- Not User-Friendly (4 reviews)
- Slow Performance (4 reviews)
- Complexity (3 reviews)
- Difficult Configuration (3 reviews)

### 17. [Cisco Secure Endpoints](https://www.g2.com/products/cisco-secure-endpoints/reviews)
  Cisco Secure Endpoint is a comprehensive endpoint security solution that natively includes open and extensible extended detection and response (XDR) and advanced endpoint detection and response (EDR) capabilities. Secure Endpoint offers relentless breach protection that enables you to be confident, be bold, and be fearless with one of the industry’s most trusted endpoint security solutions. It protects your hybrid workforce, helps you stay resilient, and secures what’s next with simple, comprehensive endpoint security powered by unique insights from 300,000 security customers and deep visibility from the networking leader. Cisco Secure Endpoint was formerly known as Cisco AMP for Endpoints.


  **Average Rating:** 4.5/5.0
  **Total Reviews:** 27

**User Satisfaction Scores:**

- **Ease of Admin:** 8.9/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 8.9/10 (Category avg: 9.0/10)
- **Quality of Support:** 9.4/10 (Category avg: 8.7/10)
- **Ease of Use:** 8.8/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [Cisco](https://www.g2.com/sellers/cisco)
- **Year Founded:** 1984
- **HQ Location:** San Jose, CA
- **Twitter:** @Cisco (721,495 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/cisco/ (95,742 employees on LinkedIn®)
- **Ownership:** NASDAQ:CSCO

**Reviewer Demographics:**
  - **Company Size:** 37% Mid-Market, 33% Enterprise


#### Pros & Cons

**Pros:**

- Features (6 reviews)
- Threat Detection (6 reviews)
- Ease of Use (5 reviews)
- Integrations (5 reviews)
- Protection (5 reviews)

**Cons:**

- Complexity (3 reviews)
- Complex Interface (2 reviews)
- Difficult Configuration (2 reviews)
- Expensive (2 reviews)
- Learning Curve (2 reviews)

### 18. [Microsoft Defender for Endpoint](https://www.g2.com/products/microsoft-defender-for-endpoint/reviews)
  Microsoft Defender for Endpoint is a complete endpoint security solution that delivers preventative protection, post-breach detection, automated investigation, and response. With Defender for Endpoint, you have:

- Agentless, cloud powered - No additional deployment or infrastructure. No delays or update compatibility issues. Always up to date.
- Unparalleled optics - Built on the industry’s deepest insight into Windows threats and shared signals across devices, identities, and information.
- Automated security - Take your security to a new level by going from alert to remediation in minutes—at scale.


  **Average Rating:** 4.4/5.0
  **Total Reviews:** 299

**User Satisfaction Scores:**

- **Ease of Admin:** 8.6/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 8.6/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.5/10 (Category avg: 8.7/10)
- **Ease of Use:** 8.6/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [Microsoft](https://www.g2.com/sellers/microsoft)
- **Year Founded:** 1975
- **HQ Location:** Redmond, Washington
- **Twitter:** @microsoft (13,114,353 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/microsoft/ (227,697 employees on LinkedIn®)
- **Ownership:** MSFT

**Reviewer Demographics:**
  - **Who Uses This:** Software Engineer, Security Analyst
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 39% Enterprise, 35% Mid-Market


#### Pros & Cons

**Pros:**

- Ease of Use (20 reviews)
- Threat Detection (18 reviews)
- Security (17 reviews)
- Protection (15 reviews)
- Cybersecurity Protection (14 reviews)

**Cons:**

- Compatibility Issues (8 reviews)
- Complexity (8 reviews)
- Difficult Configuration (7 reviews)
- Improvements Needed (7 reviews)
- Lack of Clarity (7 reviews)

### 19. [N-able N-central](https://www.g2.com/products/n-able-n-central/reviews)
  Join the thousands of MSPs and IT professionals who use N-able™ N-central® to remotely monitor and manage devices and complex networks. Built with security in mind, N-central provides the visibility and efficiency you need to monitor more, provide great customer service, and scale your business. Key features include:

- Monitor almost any device, including support for Windows, Linux, and macOS
- Gain complete insight across your network and cloud services without the need for extra network monitoring software
- Create automated patch management policies to ensure devices are up to date
- Streamline your workflow with drag-and-drop scripting in automation manager—no need to write a line of code
- Provide remote support across devices and platforms with the integrated Take Control feature
- Integrate your existing PSA software or use N-able MSP Manager to manage tickets and billing
- Manage security with integrated backup, EDR, AV, and disk encryption
- Available as an on-premises or hosted cloud solution to fit your business

  N-central is designed to help you run your managed services business or internal IT department more efficiently, so you can focus on scaling operations.


  **Average Rating:** 4.4/5.0
  **Total Reviews:** 525

**User Satisfaction Scores:**

- **Ease of Admin:** 7.9/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 8.6/10 (Category avg: 9.0/10)
- **Quality of Support:** 7.9/10 (Category avg: 8.7/10)
- **Ease of Use:** 7.9/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [N-able](https://www.g2.com/sellers/n-able)
- **Company Website:** https://www.n-able.com
- **HQ Location:** Morrisville, North Carolina
- **Twitter:** @Nable (15,888 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/n-able (2,224 employees on LinkedIn®)
- **Ownership:** NYSE: NABL

**Reviewer Demographics:**
  - **Who Uses This:** Director, Owner
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 60% Small-Business, 33% Mid-Market


#### Pros & Cons

**Pros:**

- Ease of Use (188 reviews)
- Automation (116 reviews)
- Features (112 reviews)
- Remote Access (89 reviews)
- Monitoring (80 reviews)

**Cons:**

- Missing Features (87 reviews)
- Feature Issues (65 reviews)
- Needs Improvement (61 reviews)
- Learning Curve (47 reviews)
- Not User-Friendly (47 reviews)

### 20. [Carbon Black EDR](https://www.g2.com/products/carbon-black-edr/reviews)
  Carbon Black EDR is a market-leading incident response and threat hunting solution designed to provide responders with the most information possible, accompanied by expert threat analysis and armed with real-time response capabilities to stop attacks, minimize damage and close security gaps. Carbon Black EDR makes these teams more efficient, reducing investigations from days to hours, and more effective, enabling them to discover threats before attacks can exploit them. Carbon Black EDR also allows teams to connect to and isolate infected machines to prevent lateral movement and remediate devices without costly IT involvement.

  **Continuous and Centralized Recording:** Centralized access to continuously recorded endpoint data means that security professionals have the information they need to hunt threats in real time as well as conduct in-depth investigations after a breach has occurred.

  **Live Response for Remote Remediation:** With Live Response, incident responders can create a secure connection to infected hosts to pull or push files, kill processes, perform memory dumps and quickly remediate from anywhere in the world.

  **Attack Chain Visualization and Search:** Carbon Black EDR provides intuitive attack chain visualization to make identifying root cause fast and easy. Analysts can quickly jump through each stage of an attack to gain insight into the attacker’s behavior, close security gaps and learn from every new attack technique to avoid falling victim to the same attack twice.

  **Automation via Integrations and Open APIs:** Carbon Black boasts a robust partner ecosystem and open platform that allows security teams to integrate products like Carbon Black EDR into their existing security stack.


  **Average Rating:** 4.4/5.0
  **Total Reviews:** 82

**User Satisfaction Scores:**

- **Ease of Admin:** 7.9/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 8.3/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.6/10 (Category avg: 8.7/10)
- **Ease of Use:** 8.4/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [Broadcom](https://www.g2.com/sellers/broadcom-ab3091cd-4724-46a8-ac89-219d6bc8e166)
- **Year Founded:** 1991
- **HQ Location:** San Jose, CA
- **Twitter:** @broadcom (63,196 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/broadcom/ (55,707 employees on LinkedIn®)
- **Ownership:** NASDAQ: CA

**Reviewer Demographics:**
  - **Who Uses This:** IT Manager
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 64% Mid-Market, 41% Enterprise


#### Pros & Cons

**Pros:**

- Protection (5 reviews)
- Automation (2 reviews)
- Incident Response (2 reviews)
- Threat Detection (2 reviews)
- AI (1 review)

**Cons:**

- Expensive (3 reviews)
- High Resource Usage (2 reviews)
- Alert Issues (1 review)
- False Positives (1 review)
- Inefficient Search Functionality (1 review)

### 21. [WatchGuard Endpoint Security](https://www.g2.com/products/watchguard-endpoint-security/reviews)
  WatchGuard Endpoint Security solutions help you safeguard devices against cyber threats. WatchGuard EPDR and Advanced EPDR, our AI-powered flagship endpoint solutions, enhance your security posture by seamlessly integrating endpoint protection (EPP) with detection and response (EDR) capabilities alongside our Zero-Trust Application and Threat Hunting Services. All are tightly integrated within WatchGuard Cloud and ThreatSync, delivering valuable visibility and intelligence while fortifying cross-product detection and response (XDR).


  **Average Rating:** 4.4/5.0
  **Total Reviews:** 116

**User Satisfaction Scores:**

- **Ease of Admin:** 8.7/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 8.7/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.4/10 (Category avg: 8.7/10)
- **Ease of Use:** 8.9/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [WatchGuard](https://www.g2.com/sellers/watchguard)
- **Company Website:** https://www.watchguard.com
- **Year Founded:** 1996
- **HQ Location:** Seattle, WA
- **Twitter:** @watchguard (19,459 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/166878/ (1,218 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Who Uses This:** IT Manager, Software Developer
  - **Top Industries:** Information Technology and Services, Computer Software
  - **Company Size:** 55% Small-Business, 33% Mid-Market


#### Pros & Cons

**Pros:**

- Features (3 reviews)
- Protection (3 reviews)
- Security (3 reviews)
- Cybersecurity Protection (2 reviews)
- Ease of Use (2 reviews)

**Cons:**

- Complex Interface (1 review)
- Complexity (1 review)
- Difficult Configuration (1 review)
- Expensive (1 review)
- Setup Complexity (1 review)

### 22. [N-able N-Sight RMM](https://www.g2.com/products/n-able-n-sight-rmm/reviews)
  N-able N-sight™ RMM combines remote monitoring and management, remote access, ticketing, and billing capabilities into one powerful yet easy to use platform that streamlines day-to-day operations, combats threats and drives operational efficiency. Key features include:

- Manage all devices across Windows, Linux and Apple platforms
- Get up and running rapidly with simple onboarding steps, built-in automation scripts and patching policies
- Automated Microsoft patch management to help ensure compliance and security at all times
- Integrated Endpoint Detection and Response for layered security
- Drag and drop automation for efficient service delivery
- Secure and instant remote access to desktop or mobile devices (Windows, macOS, iOS and Android)
- Ticketing, including workflows, routing rules and automation to drive efficiency and collaboration across teams
- Simple time tracking, including functionality for recurring tickets and appointments
- Automated billing and invoicing that integrates with your existing accounting software
- Best in class integrations, providing flexibility via APIs and open ecosystem

  N-sight RMM makes it easy for MSPs and IT Professionals to get started in minutes with a powerful all-in-one platform that delivers the perfect blend of capabilities and ease of use.


  **Average Rating:** 4.3/5.0
  **Total Reviews:** 336

**User Satisfaction Scores:**

- **Ease of Admin:** 8.2/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 8.3/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.2/10 (Category avg: 8.7/10)
- **Ease of Use:** 8.3/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [N-able](https://www.g2.com/sellers/n-able)
- **Company Website:** https://www.n-able.com
- **HQ Location:** Morrisville, North Carolina
- **Twitter:** @Nable (15,888 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/n-able (2,224 employees on LinkedIn®)
- **Ownership:** NYSE: NABL

**Reviewer Demographics:**
  - **Who Uses This:** Owner, President
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 76% Small-Business, 20% Mid-Market


#### Pros & Cons

**Pros:**

- Ease of Use (93 reviews)
- Remote Access (57 reviews)
- Automation (41 reviews)
- Monitoring (34 reviews)
- Features (33 reviews)

**Cons:**

- Feature Issues (26 reviews)
- Laggy Performance (24 reviews)
- Missing Features (22 reviews)
- Not User-Friendly (21 reviews)
- UX Improvement (19 reviews)

### 23. [Kaspersky Next EDR Expert](https://www.g2.com/products/kaspersky-next-edr-expert/reviews)
  Kaspersky Next EDR Expert is a powerful Endpoint Detection and Response solution that works together with Endpoint Protection Platform to block mass attacks, detect complex cyberthreats, proactively investigate incidents and equip IT security specialists with comprehensive response tools. The solution provides a comprehensive view of endpoints across your corporate infrastructure, along with clear visualization of every stage of an investigation. With a powerful set of detection engines and root cause analysis tools, our EDR ensures effective threat detection and investigation. Powerful EDR solution with best-in-class endpoint protection:

- Built on best-in-class endpoint protection proven by numerous independent tests
- Trusted by 600+ enterprise customers, protecting over 2.5 million endpoints worldwide
- 1,900+ detection rules developed and maintained by Kaspersky’s global SOC team
- Nearly 30 years of proven experience defending against advanced cyberthreats
- Built on the Open Single Management Platform with an open architecture and broad integration capabilities
- Integrates with Kaspersky SIEM, Endpoint Security, Security Network Threat Lookup, MDR and third-party AV/API workflows
- Embedded sandbox for in-depth analysis of suspicious files
- AI-enhanced components that significantly improve detection accuracy


  **Average Rating:** 4.3/5.0
  **Total Reviews:** 31

**User Satisfaction Scores:**

- **Ease of Admin:** 9.4/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.4/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.3/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.3/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [Kaspersky](https://www.g2.com/sellers/kaspersky-bce2dc7f-2586-4e87-96da-114de2c40584)
- **Year Founded:** 1997
- **HQ Location:** Moscow
- **Twitter:** @kasperskylabind (1,294 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/kaspersky/ (4,494 employees on LinkedIn®)
- **Phone:** 1-866-328-5700

**Reviewer Demographics:**
  - **Top Industries:** Computer & Network Security, Information Technology and Services
  - **Company Size:** 39% Mid-Market, 32% Small-Business


#### Pros & Cons

**Pros:**

- Easy Deployment (1 review)
- Expertise (1 review)
- Threat Detection (1 review)

**Cons:**

- Limited Features (1 review)
- Poor Reporting (1 review)
- UX Improvement (1 review)

### 24. [SonicWall Capture Client](https://www.g2.com/products/sonicwall-capture-client/reviews)
  SonicWall Capture Client is a unified client platform that delivers multiple Endpoint Detection & Response (EDR) capabilities, including behavior-based malware protection, advanced threat hunting and visibility into application vulnerabilities.


  **Average Rating:** 4.3/5.0
  **Total Reviews:** 19

**User Satisfaction Scores:**

- **Ease of Admin:** 9.0/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 8.8/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.5/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.2/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [SonicWall](https://www.g2.com/sellers/sonicwall)
- **Year Founded:** 1991
- **HQ Location:** Milpitas, CA
- **Twitter:** @SonicWall (29,322 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/4926/ (1,951 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Top Industries:** Information Technology and Services
  - **Company Size:** 53% Small-Business, 32% Mid-Market


#### Pros & Cons

**Pros:**

- Security (5 reviews)
- Deployment Ease (2 reviews)
- Easy Setup (2 reviews)
- Features (2 reviews)
- Automation (1 review)

**Cons:**

- False Positives (2 reviews)
- Limitations (1 review)
- Missing Features (1 review)
- Missing Information (1 review)
- Remote Access Issues (1 review)

### 25. [Todyl Security Platform](https://www.g2.com/products/todyl-security-platform/reviews)
  Todyl empowers businesses of any size with a complete, end-to-end security program. The Todyl Security Platform converges SASE, SIEM, Endpoint Security, GRC, MXDR, and more into a cloud-native, single-agent platform purpose-built for MSPs, MSSPs, and Mid-Market IT professionals. Each module is designed to be deployed in a targeted, agile approach to meet any use case. When all modules are combined, our platform becomes a comprehensive security solution that is cloud-first, globally accessible, and features a highly intuitive interface. With Todyl, your security stack becomes one comprehensive, consolidated, and customizable platform, making security more intuitive and streamlined to combat modern threats. Our platform helps to eliminate the complexity, cost, and operational overhead traditional approaches to cybersecurity require, empowering teams with the capabilities they need to protect, detect, and respond to cyberattacks.


  **Average Rating:** 4.6/5.0
  **Total Reviews:** 96

**User Satisfaction Scores:**

- **Ease of Admin:** 8.7/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.4/10 (Category avg: 9.0/10)
- **Quality of Support:** 9.4/10 (Category avg: 8.7/10)
- **Ease of Use:** 8.6/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [Todyl](https://www.g2.com/sellers/todyl)
- **Company Website:** https://www.todyl.com/
- **Year Founded:** 2015
- **HQ Location:** Denver, CO
- **LinkedIn® Page:** https://www.linkedin.com/company/todylprotection (125 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Who Uses This:** Owner, President
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 73% Small-Business, 8% Mid-Market


#### Pros & Cons

**Pros:**

- Ease of Use (64 reviews)
- Customer Support (51 reviews)
- Features (41 reviews)
- Security (39 reviews)
- Deployment Ease (35 reviews)

**Cons:**

- Improvements Needed (21 reviews)
- Integration Issues (14 reviews)
- Inadequate Reporting (12 reviews)
- Limited Features (12 reviews)
- Poor Reporting (12 reviews)



## Parent Category

[Endpoint Protection Software](https://www.g2.com/categories/endpoint-protection)



## Related Categories

- [Antivirus Software](https://www.g2.com/categories/antivirus)
- [Endpoint Protection Platforms](https://www.g2.com/categories/endpoint-protection-platforms)
- [Managed Detection and Response (MDR) Software](https://www.g2.com/categories/managed-detection-and-response-mdr)



---

## Buyer Guide

### What You Should Know About Endpoint Detection & Response (EDR) Software

### What is endpoint detection and response (EDR) software?

EDR software is used to help companies identify and remediate threats related to network-connected endpoints. EDR solutions inform security professionals of vulnerable or infected endpoints and guide them through the remediation process. After incidents have been resolved, EDR tools help teams investigate issues and the vulnerable components that allow an endpoint to become compromised.

Continuous monitoring is one of the core capabilities of endpoint detection technologies. These monitoring features provide complete and continuous visibility across a company’s network-connected endpoints. Individuals can monitor behaviors, vulnerabilities, and activity for abnormalities. When abnormalities are identified, the detection portion of EDR technology transitions to the response portion.

Endpoint response begins with alerting and containment. Security professionals are alerted to threats present on their systems and isolate potentially compromised endpoints from further network access; this helps prevent one infected endpoint from becoming hundreds. Once systems are properly set up to contain malware and threat actors, security teams can work to remove the malware and prevent threat actors from accessing endpoint devices in the future.

EDR platforms store threat data related to security incidents, improving a team's ability to defend against threats in the future by helping them identify root causes and threat actors. Additionally, zero-day exploits may be identified, and other vulnerabilities may be remediated as a result. This will help prevent third-party privilege escalation, malware injection, and unapproved endpoint control from occurring in the future. Some EDR products provide machine learning capabilities to analyze events, improve threat hunting, and reduce false positives by automating protection and remediation processes.

### Key benefits of EDR software

- Monitor endpoints and detect issues or security incidents
- Remediate present threats to endpoints
- Investigate incidents to identify causes
- Contain threats and restrict access to other endpoints or networks

### Why use endpoint detection and response solutions?

Endpoints are some of the most vulnerable components of a business's network structure. One vulnerable endpoint could cause a company’s entire network, databases, and sensitive information to become exposed or stolen. EDR systems will help secure individual endpoints, detect issues as they arise, and contain threats that make their way beyond traditional security structures.

Endpoint protection is even more relevant considering the growing popularity of bring-your-own-device (BYOD) policies. When employees are in complete control over downloads, applications, and updates, security must be a priority. Everyday professionals are not the most security-savvy individuals and may unintentionally compromise their devices or put business information at risk.

**Zero-day threats—** While traditional prevention tools such as antivirus software or firewall technology are helpful as the first line of defense, zero-day threats are bound to occur. The nature of these threats means they have yet to be discovered and, therefore, cannot be defended against. EDR solutions will help identify new threats as they arise and remediate them before damage occurs.

**Visibility and control—** Continuous monitoring and endpoint visibility help defend against traditional malware and sophisticated threats. Monitoring can help identify known threats as they arise and detect minute details that indicate the presence of advanced threats. Hackers are always developing new ways to enter networks undetected through fileless malware or malicious code injection. Monitoring capabilities will improve a team’s ability to detect anomalies caused by outside actors and threats.

**Analysis and deterrence —** EDR software improves a security organization’s ability to review the data associated with security events, data breaches, and network attacks. The data collected from these events can be reviewed back to the initial onset and used to identify the vulnerability or exploit used. Once identified, security teams and software developers can work collectively to resolve flaws and prevent similar attacks from occurring in the future.

### What are the common features of EDR products?

**Detection—** Detection capabilities result from monitoring practices. Monitoring collects information about properly functioning systems and can be applied to identify abnormal behavior or functionality. Once identified, IT and security professionals are alerted and directed through the review and resolution processes.

**Containment —** Once threats are present within an endpoint device, access must be restricted from the greater network and additional endpoints. Often referred to as quarantine features, these capabilities can help protect a network when a threat is detected.

**Remediation—** As threats are discovered, they must be dealt with. EDR software allows individuals and security teams to track incidents back to their onset and identify suspicious actors or malware.

**Investigation—** After incidents occur, EDR tools collect large amounts of data associated with the endpoint device and provide a historical record of activities. This information can be used to quickly identify the cause of an incident and prevent its reoccurrence in the future.

#### Additional EDR features

**Behavioral analysis—** Behavior analysis capabilities allow administrators to gain valuable insights into end-user behavior. This data can be used as a reference for monitoring features to compare against and detect anomalies.

**Real-time monitoring —** Real-time and continuous monitoring capabilities allow security professionals to constantly monitor systems and detect anomalies in real time.

**Threat data documentation—** Event data recording capabilities automate the collection and curation of incident data. This information can alert security teams of the performance and health of a company's endpoint-enabled devices.

**Data exploration —** Data exploration features allow security teams to review data associated with security incidents. These data points can be cross-referenced and analyzed to provide insights on better protecting endpoints in the future.

### Potential issues with EDR solutions

**Endpoint variety—** Endpoints come in many shapes and sizes, from laptops and servers to tablets and smartphones. A business should ensure that all types of endpoints connected to its network are compatible with a chosen EDR solution. This is especially important for businesses with a large number of BYOD devices that run different operating systems and applications.

**Scalability —** Scale refers to the size and scope of your network of connected endpoints. It’s a major consideration because some EDR tools may only facilitate monitoring on a specific number of devices or limit the number of concurrent investigations or remediations. Companies with large pools of endpoints should be sure the solutions they consider can handle the number of endpoints and provide adequate monitoring for the scale of their business and projected growth.

**Efficacy —** Efficacy refers to the actual functional benefit of using a software solution. Companies may be wasting their time if security teams are inundated with false positives or conflicting results. This is a key identifier in user reviews and third-party evaluations that buyers should consider when evaluating a product.

**Administration and Management —** Companies adopting EDR for the first time should be sure they have sufficient staff equipped with skills relevant to using EDR software. Smaller, growing businesses may not be best suited for adopting complex security systems and may be better served using managed services until the need for security matches their ability to deliver.

### Software and services related to EDR software

EDR software is one member of the endpoint protection and security family. These tools provide the remediation component of the endpoint protection process but not all of the prevention and management components in other endpoint security software.

[**Endpoint protection suites**](https://www.g2crowd.com/categories/endpoint-protection-suites) **—** Endpoint protection suites are sophisticated platforms containing capabilities across all segments of the endpoint security technology world. They include virus and malware protection as well as the administration and management of endpoint devices.

[**Endpoint antivirus software**](https://www.g2.com/categories/antivirus) **—** Antivirus technologies are some of the oldest solutions for endpoint security. These tools help prevent malware, computer viruses, and other threats from compromising an endpoint device. These capabilities are present in many security technologies, but antivirus software is specifically dedicated to this kind of protection.

[**Endpoint management software**](https://www.g2.com/categories/endpoint-management) **—** Endpoint management software documents, monitors, and manages endpoints connected to a network. These tools ensure that only approved devices access a company’s network and require connected devices to pass specific security requirements before gaining access. This may mean implementing software updates, security scans, or user authentication processes.

[**Endpoint security services**](https://www.g2.com/categories/endpoint-security-services) **—** Endpoint security services are a form of managed security services that are often the go-to for organizations without dedicated security staff. These solution providers deliver services surrounding the entire endpoint security stack to reduce a business’s need to manage day-to-day tasks and resolve issues directly. These services will not provide the same level of customization or control but will provide a business with peace of mind until they are capable of handling security issues in-house.

**Incident response software—** Incident response software is a term for general security incident management and threat remediation tools. These products are designed to facilitate incident investigation and resolve incidents at the point of attack. These tools may provide some similar forensic analysis capabilities but often do not provide the same endpoint monitoring and control functionality.




