# Best Endpoint Detection & Response (EDR) Software for Medium-Sized Businesses

  *By [Brandon Summers-Miller](https://research.g2.com/insights/author/brandon-summers-miller)*

Products classified in the overall Endpoint Detection & Response (EDR) category are similar in many regards and help companies of all sizes solve their business problems. However, medium-sized business features, pricing, setup, and installation differ from businesses of other sizes, which is why we match buyers to the right Medium-Sized Business Endpoint Detection & Response (EDR) to fit their needs. Compare product ratings based on reviews from enterprise users or connect with one of G2's buying advisors to find the right solutions within the Medium-Sized Business Endpoint Detection & Response (EDR) category.

In addition to qualifying for inclusion in the Endpoint Detection & Response (EDR) Software category, to qualify for inclusion in the Medium-Sized Business Endpoint Detection & Response (EDR) Software category, a product must have at least 10 reviews left by a reviewer from a medium-sized business.




## How Many Endpoint Detection & Response (EDR) Software Products Does G2 Track?
**Total Products under this Category:** 123

  
## How Does G2 Rank Endpoint Detection & Response (EDR) Software Products?

**Why You Can Trust G2's Software Rankings:**

- 30 Analysts and Data Experts
- 12,700+ Authentic Reviews
- 123+ Products
- Unbiased Rankings

G2's software rankings are built on verified user reviews, rigorous moderation, and a consistent research methodology maintained by a team of analysts and data experts. Each product is measured using the same transparent criteria, with no paid placement or vendor influence. While reviews reflect real user experiences, which can be subjective, they offer valuable insight into how software performs in the hands of professionals. Together, these inputs power the G2 Score, a standardized way to compare tools within every category.

  
  

## What Are the Top-Rated Endpoint Detection & Response (EDR) Software Products in 2026?
### 1. [Sophos Endpoint](https://www.g2.com/products/sophos-endpoint/reviews)
  Sophos Endpoint is the world’s most comprehensive endpoint protection solution. Built to stop the widest range of attacks, Sophos Endpoint has been proven to prevent even the most advanced ransomware and malware by leveraging a unique combination of next-generation techniques. This includes the ability to detect never-before-seen malware with deep learning, stop ransomware with Sophos anti-ransomware technology, and deny attacker tools with signatureless exploit prevention. Sophos Endpoint also includes root cause analysis to provide insight into threats, and instant malware removal to ensure no attack remnants remain.


  **Average Rating:** 4.7/5.0
  **Total Reviews:** 783
**How Do G2 Users Rate Sophos Endpoint?**

- **Ease of Admin:** 9.3/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.3/10 (Category avg: 9.0/10)
- **Quality of Support:** 9.0/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.3/10 (Category avg: 8.7/10)

**Who Is the Company Behind Sophos Endpoint?**

- **Seller:** [Sophos](https://www.g2.com/sellers/sophos)
- **Company Website:** https://www.sophos.com/
- **Year Founded:** 1985
- **HQ Location:** Oxfordshire
- **Twitter:** @Sophos (36,753 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/5053/ (5,561 employees on LinkedIn®)

**Who Uses This Product?**
  - **Who Uses This:** IT Manager, System Administrator
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 59% Mid-Market, 18% Small-Business


#### What Are Sophos Endpoint's Pros and Cons?

**Pros:**

- Ease of Use (191 reviews)
- Protection (180 reviews)
- Security (165 reviews)
- Threat Detection (129 reviews)
- Easy Management (124 reviews)

**Cons:**

- Slow Performance (73 reviews)
- High Resource Usage (52 reviews)
- Learning Curve (50 reviews)
- Difficult Configuration (36 reviews)
- High CPU Usage (34 reviews)

### 2. [CrowdStrike Falcon Endpoint Protection Platform](https://www.g2.com/products/crowdstrike-falcon-endpoint-protection-platform/reviews)
  Organizations today face a serious challenge: managing numerous security vendors and tools while confronting an ever-evolving threat landscape. Sophisticated adversaries are becoming smarter, faster, and more evasive, launching complex attacks that can strike in minutes or even seconds. Traditional security approaches struggle to keep pace, leaving businesses vulnerable. The CrowdStrike Falcon Platform addresses this by offering a unified, cloud-native solution. It consolidates previously siloed security solutions and incorporates third-party data into a single platform with one efficient and resource-conscious agent, leveraging advanced AI and real-time threat intelligence. This approach simplifies security operations, speeds analyst decision making, and enhances protection to stop the breach, allowing organizations to reduce risk with less complexity and lower costs. CrowdStrike's Falcon Platform includes:

- Endpoint Security: Secure the endpoint, stop the breach
- Identity Protection: Identity is the front line, defend it
- Next-Gen SIEM: The future of SIEM, today
- Data Protection: Real-time data protection from endpoint to cloud
- Exposure Management: Understand risk to stop breaches
- Charlotte AI: Powering the next evolution of the SOC


  **Average Rating:** 4.7/5.0
  **Total Reviews:** 374
**How Do G2 Users Rate CrowdStrike Falcon Endpoint Protection Platform?**

- **Ease of Admin:** 9.0/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.2/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.9/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.0/10 (Category avg: 8.7/10)

**Who Is the Company Behind CrowdStrike Falcon Endpoint Protection Platform?**

- **Seller:** [CrowdStrike](https://www.g2.com/sellers/crowdstrike)
- **Company Website:** https://www.crowdstrike.com
- **Year Founded:** 2011
- **HQ Location:** Sunnyvale, CA
- **Twitter:** @CrowdStrike (110,386 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/2497653/ (11,258 employees on LinkedIn®)

**Who Uses This Product?**
  - **Who Uses This:** Security Analyst, Cyber Security Analyst
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 46% Enterprise, 42% Mid-Market


#### What Are CrowdStrike Falcon Endpoint Protection Platform's Pros and Cons?

**Pros:**

- Features (113 reviews)
- Threat Detection (103 reviews)
- Ease of Use (98 reviews)
- Security (97 reviews)
- Detection (86 reviews)

**Cons:**

- Expensive (54 reviews)
- Complexity (39 reviews)
- Learning Curve (35 reviews)
- Limited Features (31 reviews)
- Pricing Issues (29 reviews)

### 3. [Check Point Harmony Endpoint](https://www.g2.com/products/check-point-harmony-endpoint/reviews)
  Harmony Endpoint is a complete endpoint security solution offering a fleet of advanced endpoint threat prevention capabilities so you can safely navigate today’s menacing threat landscape. It provides a comprehensive system to proactively prevent, detect, and remediate evasive malware attacks.


  **Average Rating:** 4.5/5.0
  **Total Reviews:** 254
**How Do G2 Users Rate Check Point Harmony Endpoint?**

- **Ease of Admin:** 8.7/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 8.8/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.7/10 (Category avg: 8.7/10)
- **Ease of Use:** 8.9/10 (Category avg: 8.7/10)

**Who Is the Company Behind Check Point Harmony Endpoint?**

- **Seller:** [Check Point Software Technologies](https://www.g2.com/sellers/check-point-software-technologies)
- **Year Founded:** 1993
- **HQ Location:** Redwood City, CA
- **Twitter:** @CheckPointSW (70,991 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/check-point-software-technologies/ (8,356 employees on LinkedIn®)
- **Ownership:** NASDAQ:CHKP

**Who Uses This Product?**
  - **Who Uses This:** Network Engineer, Cyber Security Engineer
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 54% Mid-Market, 27% Enterprise


#### What Are Check Point Harmony Endpoint's Pros and Cons?

**Pros:**

- Security (73 reviews)
- Features (57 reviews)
- Threat Detection (51 reviews)
- Protection (50 reviews)
- Ease of Use (46 reviews)

**Cons:**

- Slow Performance (27 reviews)
- High Resource Usage (25 reviews)
- Difficult Configuration (21 reviews)
- Expensive (21 reviews)
- Learning Curve (21 reviews)

### 4. [Acronis Cyber Protect Cloud](https://www.g2.com/products/acronis-cyber-protect-cloud/reviews)
  Acronis delivers the world’s most complete cyber resilience platform, combining backup, disaster recovery, cybersecurity, RMM, and business operations tools into a single, natively integrated solution. Built specifically for Managed Service Providers (MSPs) and IT teams, Acronis simplifies operations with one agent, one console, and one license model. Automation, AI-driven insights, and multi-tenant management ensure that fewer technicians can manage more clients at lower cost. With predictable pricing and transparent billing, Acronis enables partners and IT teams to scale efficiently, comply with regulations, and deliver unmatched resilience. No other vendor delivers this level of integration, efficiency, and MSP alignment. Acronis Cyber Protect Cloud unites backup and next-generation, AI-based anti-malware, antivirus, and endpoint protection management in one solution. Integration and automation provide unmatched ease for service providers — reducing complexity while increasing productivity and decreasing operating costs. Acronis Cyber Protect Cloud is the single service provider solution that combines backup, anti-malware (including anti-virus, anti-ransomware, and anti-cryptojacking) and security and management capabilities such as vulnerability assessments, patch management, URL filtering and more. Now, service providers can eliminate complexity and make security a centerpiece of their offerings while increasing SLAs, decreasing churn, and generating more recurring revenue. Get upgraded security with integrated AI-based defenses that protect clients from modern threats, make smarter use of resources so your team can focus on clients, and earn new recurring revenue and higher margins that strengthen your business. 
Enriched with next-gen, full-stack anti-malware protection and comprehensive yet simple management tools, built on top of our industry-leading backup and data recovery solution, Acronis Cyber Protect Cloud simplifies onboarding, daily operations, and reporting, and combats advanced attacks with new use cases enabled by integration. Acronis Cyber Protect Cloud makes it easy to deliver the modern cyber protection your clients seek. Acronis is majority-owned by EQT.


  **Average Rating:** 4.7/5.0
  **Total Reviews:** 1,263
**How Do G2 Users Rate Acronis Cyber Protect Cloud?**

- **Ease of Admin:** 9.1/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.3/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.8/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.1/10 (Category avg: 8.7/10)

**Who Is the Company Behind Acronis Cyber Protect Cloud?**

- **Seller:** [Acronis](https://www.g2.com/sellers/acronis)
- **Company Website:** https://www.acronis.com/
- **Year Founded:** 2003
- **HQ Location:** Schaffhausen
- **Twitter:** @acronis (94,736 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/13179/ (1,917 employees on LinkedIn®)

**Who Uses This Product?**
  - **Who Uses This:** CEO, Director
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 68% Small-Business, 28% Mid-Market


#### What Are Acronis Cyber Protect Cloud's Pros and Cons?

**Pros:**

- Ease of Use (217 reviews)
- Backup Solutions (213 reviews)
- Backup Ease (169 reviews)
- Protection (159 reviews)
- Security (158 reviews)

**Cons:**

- Slow Performance (77 reviews)
- Expensive (65 reviews)
- Complexity (53 reviews)
- Poor Customer Support (50 reviews)
- Backup Issues (41 reviews)

### 5. [Arctic Wolf](https://www.g2.com/products/arctic-wolf/reviews)
  Arctic Wolf® is the market leader in security operations. Using the cloud-native Arctic Wolf® Platform, we help organizations end cyber risk by providing security operations as a concierge service. Arctic Wolf solutions include Arctic Wolf® Managed Detection and Response (MDR), Managed Risk, and Managed Security Awareness —each delivered by the industry’s original Concierge Security® Team. Highly-trained Concierge Security experts work as an extension of internal teams to provide 24x7 monitoring, detection, and response, as well as ongoing risk management to give organizations the protection, resilience and guidance they need to defend against cyber threats. Visit arcticwolf.com to get the latest industry resources and learn more about our solutions.


  **Average Rating:** 4.7/5.0
  **Total Reviews:** 275
**How Do G2 Users Rate Arctic Wolf?**

- **Ease of Admin:** 9.1/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.5/10 (Category avg: 9.0/10)
- **Quality of Support:** 9.4/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.2/10 (Category avg: 8.7/10)

**Who Is the Company Behind Arctic Wolf?**

- **Seller:** [Arctic Wolf Networks](https://www.g2.com/sellers/arctic-wolf-networks)
- **Company Website:** https://www.arcticwolf.com
- **Year Founded:** 2012
- **HQ Location:** Eden Prairie, MN
- **Twitter:** @AWNetworks (4,497 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/2760138/ (3,382 employees on LinkedIn®)

**Who Uses This Product?**
  - **Who Uses This:** IT Manager, IT Director
  - **Top Industries:** Hospital & Health Care, Information Technology and Services
  - **Company Size:** 71% Mid-Market, 20% Enterprise


#### What Are Arctic Wolf's Pros and Cons?

**Pros:**

- Customer Support (58 reviews)
- Threat Detection (47 reviews)
- Cybersecurity (28 reviews)
- Ease of Use (27 reviews)
- Alerts (22 reviews)

**Cons:**

- Expensive (10 reviews)
- False Positives (7 reviews)
- Learning Curve (7 reviews)
- Cybersecurity Risks (6 reviews)
- Dashboard Issues (5 reviews)

### 6. [ESET PROTECT](https://www.g2.com/products/eset-protect/reviews)
  Stay one step ahead of known and emerging cyber threats with our AI-native, prevention-first approach. ESET combines the power of AI and human expertise to make protection easy and effective. Experience best-in-class protection thanks to our in-house global cyber threat intelligence, compiled and examined for over 30 years, which drives our extensive R&D network led by industry-acclaimed researchers. ESET PROTECT, our cloud-first XDR cybersecurity platform combines next-gen prevention, detection, and proactive threat hunting capabilities. ESET's highly customizable solutions include local support and have minimal impact on performance, identify and neutralize known and emerging threats before they can be executed, support business continuity, and reduce the cost of implementation and management.

**How Your Organization Will Benefit:**

- Improved protection against ransomware and zero-day threats via cloud-based sandboxing technology.
- Helps comply with data regulations thanks to full disk encryption capabilities on Windows and macOS.
- Easily accessible ESET PROTECT console improves TCO of security management.
- Single-pane-of-glass remote management for visibility of threats, users, and quarantined items.
- Company endpoints and mobiles are protected via advanced multilayered technology, now with brute-force attack protection.


  **Average Rating:** 4.6/5.0
  **Total Reviews:** 934
**How Do G2 Users Rate ESET PROTECT?**

- **Ease of Admin:** 8.5/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 8.9/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.9/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.0/10 (Category avg: 8.7/10)

**Who Is the Company Behind ESET PROTECT?**

- **Seller:** [ESET](https://www.g2.com/sellers/eset)
- **Company Website:** https://www.eset.com
- **Year Founded:** 1992
- **HQ Location:** Bratislava, Slovak Republic
- **Twitter:** @ESET (276,293 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/28967/ (1,983 employees on LinkedIn®)

**Who Uses This Product?**
  - **Who Uses This:** IT Manager, Network Administrator
  - **Top Industries:** Information Technology and Services, Computer Software
  - **Company Size:** 46% Mid-Market, 46% Small-Business


#### What Are ESET PROTECT's Pros and Cons?

**Pros:**

- Ease of Use (95 reviews)
- Protection (79 reviews)
- Reliability (71 reviews)
- Security (64 reviews)
- Centralized Management (58 reviews)

**Cons:**

- Learning Curve (32 reviews)
- Difficult Configuration (31 reviews)
- Not User-Friendly (25 reviews)
- Lack of Clarity (23 reviews)
- Difficult Navigation (20 reviews)

### 7. [ThreatDown](https://www.g2.com/products/threatdown/reviews)
  ThreatDown is an all-in-one cybersecurity platform that delivers enterprise-grade protection without the complexity. Built to make advanced cybersecurity accessible without adding headcount. ThreatDown MDR monitors your environment around the clock, investigates alerts on your behalf, and takes action to contain threats before they spread—delivering the protection of an in-house SOC without the cost. One lightweight agent. One cloud-based console. ThreatDown brings endpoint and identity security together with patch management, vulnerability assessment, DNS filtering, and email security—eliminating tool sprawl and reducing operational overhead. Native EDR and ITDR telemetry connects user activity with endpoint behavior, giving teams the full attack story so they can detect and respond faster. Backed by nearly two decades of Malwarebytes expertise, ThreatDown pairs award-winning detection with a patented remediation engine that removes every trace of malware to prevent reinfection. It stops ransomware, credential theft, zero-day exploits, phishing, and human-operated attacks—and goes further with built-in ransomware rollback to help organizations recover quickly. Deploy in minutes. See value fast. Recognized as an MRG Effitas Product of the Year and a G2 Leader, ThreatDown is consistently rated for ease of use, rapid deployment, and high-quality support.

**ThreatDown Solutions**

- ThreatDown MDR (Managed Detection and Response) delivers 24/7/365 human-led threat monitoring, investigation, and remediation powered by Malwarebytes detection and AI-driven engines—closing the security resource gap and reducing risk from unknown threats.
- ThreatDown EDR (Endpoint Detection and Response) protects against ransomware, zero-day exploits, phishing, and human-operated attacks that bypass prevention layers, with the tools to detect, investigate, and contain threats.
- ThreatDown ITDR (Identity Threat Detection and Response) stops identity-based attacks by continuously monitoring credential, privilege, and access behavior across Active Directory, Microsoft Entra ID, and Okta. Native correlation with EDR delivers unified endpoint-to-identity visibility and response—closing the post-authentication gap that IAM and MFA leave open.

**For Partners**

Our multi-tenant ThreatDown OneView platform enables MSPs and IT admins to streamline operations with centralized management of customer endpoints, license subscriptions, reporting, and global policies. With products and services like Endpoint Detection and Response (EDR), Managed Detection and Response (MDR) and the rest of our technologies in our portfolio, partners can offer the right product or service to each customer, tailored to their specific needs. Find out more about our partner program at https://www.threatdown.com/partner-program.


  **Average Rating:** 4.6/5.0
  **Total Reviews:** 1,040
**How Do G2 Users Rate ThreatDown?**

- **Ease of Admin:** 9.1/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.2/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.8/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.2/10 (Category avg: 8.7/10)

**Who Is the Company Behind ThreatDown?**

- **Seller:** [Malwarebytes](https://www.g2.com/sellers/malwarebytes)
- **Company Website:** https://www.malwarebytes.com
- **Year Founded:** 2008
- **HQ Location:** Santa Clara, CA
- **Twitter:** @Malwarebytes (88,489 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/malwarebytes/ (613 employees on LinkedIn®)

**Who Uses This Product?**
  - **Who Uses This:** IT Manager, Owner
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 48% Small-Business, 41% Mid-Market


#### What Are ThreatDown's Pros and Cons?

**Pros:**

- Ease of Use (99 reviews)
- Features (68 reviews)
- Security (59 reviews)
- Threat Detection (56 reviews)
- Customer Support (54 reviews)

**Cons:**

- Poor Customer Support (23 reviews)
- Lack of Clarity (22 reviews)
- Missing Features (20 reviews)
- False Positives (18 reviews)
- Communication Issues (16 reviews)

### 8. [Iru](https://www.g2.com/products/iru/reviews)
  Iru is an AI-powered IT and security platform designed to help organizations secure their users, applications, and devices in an increasingly complex digital landscape. Tailored for the AI era, Iru integrates identity and access management, endpoint security, and compliance automation into a single cohesive solution. This unification streamlines operations, allowing IT and security teams to regain control and allocate their time more effectively. Targeted at fast-growing companies, Iru addresses the challenges faced by IT and security professionals who often juggle multiple tools and systems. The platform is particularly beneficial for organizations that require robust security measures while maintaining agility and efficiency. Use cases include managing user access across various applications, ensuring device security, and automating compliance processes, all of which are critical in today’s fast-paced business environment. At the heart of Iru is the Iru Context Model, which provides a dynamic overview of the organization’s environment by continuously monitoring users, devices, and applications in real-time. Complementing this model is Iru AI, an intelligent layer that transforms live data signals into actionable insights, orchestrates necessary actions, and maintains a comprehensive audit trail. This integration enhances policy enforcement, automates response mechanisms, and simplifies compliance, making it easier for organizations to adhere to regulatory requirements. One of Iru's standout features is its single endpoint agent, which manages and secures every device within an organization’s fleet. By implementing passwordless access through device-bound passkeys linked to device posture, Iru creates a trust fabric that strengthens security between users and devices.
Additionally, compliance is continuously monitored with customized controls and an Adaptive Evidence Map that updates automatically, reducing the burden on IT teams and minimizing the risk of oversight. Iru aims to bring clarity and control back to overwhelmed IT and security teams by consolidating disparate tools into one unified platform. This shift allows teams to transition from reactive firefighting to proactive strategic initiatives that drive business success. The result is a more robust security posture, simplified workflows, and outcomes that align with organizational goals, ultimately fostering a safer and more efficient operational environment.


  **Average Rating:** 4.7/5.0
  **Total Reviews:** 785
**How Do G2 Users Rate Iru?**

- **Ease of Admin:** 9.4/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.4/10 (Category avg: 9.0/10)
- **Quality of Support:** 9.5/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.4/10 (Category avg: 8.7/10)

**Who Is the Company Behind Iru?**

- **Seller:** [Iru](https://www.g2.com/sellers/iru)
- **Company Website:** https://www.iru.com/
- **Year Founded:** 2018
- **HQ Location:** Miami, FL
- **Twitter:** @officiallyiru (2,027 Twitter followers)
- **LinkedIn® Page:** https://linkedin.com/company/officiallyiru (356 employees on LinkedIn®)

**Who Uses This Product?**
  - **Who Uses This:** IT Manager, CTO
  - **Top Industries:** Computer Software, Information Technology and Services
  - **Company Size:** 71% Mid-Market, 23% Small-Business


#### What Are Iru's Pros and Cons?

**Pros:**

- Ease of Use (345 reviews)
- Customer Support (254 reviews)
- Device Management (174 reviews)
- Easy Setup (152 reviews)
- Apple Device Management (148 reviews)

**Cons:**

- Missing Features (71 reviews)
- Lacking Features (56 reviews)
- Device Management (53 reviews)
- Limited Compatibility (51 reviews)
- Expensive (46 reviews)

### 9. [Huntress Managed EDR](https://www.g2.com/products/huntress-managed-edr/reviews)
  At Huntress, we believe that enterprise-grade endpoint security shouldn’t just be for big security teams with the most resources. When basic defenses don't cut it, Huntress Managed EDR levels the cybersecurity playing field with a solution for ALL businesses. Our comprehensive platform combines fully-owned technology with expert oversight, including 24/7 monitoring by a team of expert hunters specializing in wrecking hackers day in and day out. Our focus is on hitting hackers when and where it matters most, so we filter out the noise of false positives and only alert you on real threats. And if hackers breach your defenses, we isolate and eliminate those threats for you with speed and precision. With Huntress, you’re not just keeping pace—you’re leveling up to world-class endpoint security. Huntress gives organizations of all sizes a top EDR solution with the ease of use security teams actually need so they can sleep at night knowing they're protected.


  **Average Rating:** 4.9/5.0
  **Total Reviews:** 877
**How Do G2 Users Rate Huntress Managed EDR?**

- **Ease of Admin:** 9.6/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.7/10 (Category avg: 9.0/10)
- **Quality of Support:** 9.7/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.5/10 (Category avg: 8.7/10)

**Who Is the Company Behind Huntress Managed EDR?**

- **Seller:** [Huntress Labs](https://www.g2.com/sellers/huntress-labs)
- **Company Website:** https://huntress.com
- **Year Founded:** 2015
- **HQ Location:** Ellicott City, US
- **Twitter:** @HuntressLabs (40,164 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/10172550/ (916 employees on LinkedIn®)

**Who Uses This Product?**
  - **Who Uses This:** Owner, President
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 78% Small-Business, 17% Mid-Market


#### What Are Huntress Managed EDR's Pros and Cons?

**Pros:**

- Customer Support (158 reviews)
- Ease of Use (125 reviews)
- Threat Detection (92 reviews)
- Protection (75 reviews)
- Continuous Monitoring (70 reviews)

**Cons:**

- Improvements Needed (20 reviews)
- Lack of Customization (17 reviews)
- Poor Reporting (17 reviews)
- Alert Issues (15 reviews)
- Integration Issues (15 reviews)

### 10. [Cynet](https://www.g2.com/products/cynet/reviews)
  Cynet is the unified, AI-powered cybersecurity platform that delivers robust and comprehensive protection for security teams while maximizing operational efficiency for managed service providers (MSPs). This platform consolidates a wide array of security capabilities into a single, user-friendly interface, ensuring that organizations can effectively safeguard their digital assets without the complexity often associated with multi-solution environments. Cynet’s platform simplifies security management by integrating various functionalities, such as endpoint protection, threat detection, and incident response, into one cohesive system. This integration not only streamlines operations but also allows organizations to allocate their resources more effectively, ultimately enhancing their overall security posture. One of the standout features of Cynet’s platform is its remarkable performance in the MITRE ATT&CK Evaluations. Cynet delivered 100% visibility and 100% analytic coverage without requiring any configuration changes three years in a row. This capability ensures that organizations can monitor their environments comprehensively and respond to threats with precision. The platform’s built-in analytics and reporting tools provide actionable insights, enabling users to make informed decisions about their cybersecurity strategies. Additionally, Cynet offers 24/7 expert support, which is crucial for organizations that may not have in-house cybersecurity expertise. This round-the-clock assistance ensures that users can quickly address any security incidents or concerns, minimizing potential downtime and damage. The combination of advanced technology and dedicated support positions Cynet as a valuable partner for SMEs and service providers looking to enhance their cybersecurity measures. In summary, Cynet’s unified, AI-powered cybersecurity platform stands out in the crowded cybersecurity market by offering a unified solution tailored to the needs of MSPs.
Its comprehensive features, exceptional performance in industry evaluations, and continuous expert support make it a compelling choice for organizations seeking to bolster their cybersecurity defenses while maintaining operational efficiency.


  **Average Rating:** 4.7/5.0
  **Total Reviews:** 208
**How Do G2 Users Rate Cynet?**

- **Ease of Admin:** 9.2/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.5/10 (Category avg: 9.0/10)
- **Quality of Support:** 9.3/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.1/10 (Category avg: 8.7/10)

**Who Is the Company Behind Cynet?**

- **Seller:** [Cynet](https://www.g2.com/sellers/cynet)
- **Company Website:** https://www.cynet.com/
- **Year Founded:** 2014
- **HQ Location:** Boston, MA
- **LinkedIn® Page:** https://www.linkedin.com/company/cynet-security/ (329 employees on LinkedIn®)

**Who Uses This Product?**
  - **Who Uses This:** SOC Analyst, Technical Engineer
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 58% Mid-Market, 30% Small-Business


#### What Are Cynet's Pros and Cons?

**Pros:**

- Ease of Use (48 reviews)
- Features (36 reviews)
- Threat Detection (34 reviews)
- Customer Support (32 reviews)
- Security (31 reviews)

**Cons:**

- Limited Customization (11 reviews)
- Feature Limitations (10 reviews)
- Lack of Customization (10 reviews)
- Limited Features (10 reviews)
- Missing Features (10 reviews)

### 11. [SentinelOne Singularity Endpoint](https://www.g2.com/products/sentinelone-singularity-endpoint/reviews)
  SentinelOne (NYSE:S) is pioneering autonomous cybersecurity to prevent, detect, and respond to cyber attacks faster and with higher accuracy than ever before. The Singularity Platform protects and empowers leading global enterprises with real-time visibility, cross-platform correlation, and AI-powered response across endpoints, cloud workloads and containers, network-connected (IoT) devices and identity-centric attack surfaces. To learn more, visit www.sentinelone.com or follow us at @SentinelOne, on LinkedIn or Facebook. Over 9,250 customers, including 4 of the Fortune 10, hundreds of the Global 2000, prominent governments, healthcare providers, and educational institutions, trust SentinelOne to bring their defenses into the future, gaining more capability with less complexity. SentinelOne is a Leader in the Gartner Magic Quadrant for Endpoint Protection Platforms, and is a go-to platform across all customer profiles, as highlighted in Gartner’s Critical Capabilities report. SentinelOne continues to prove its industry-leading capabilities in the MITRE Engenuity ATT&CK® Evaluation, with 100% protection detection, 88% less noise, and zero delays in the 2024 MITRE ATT&CK Engenuity evaluations, demonstrating our dedication to keeping our customers ahead of threats from every vector.


  **Average Rating:** 4.7/5.0
  **Total Reviews:** 195
**How Do G2 Users Rate SentinelOne Singularity Endpoint?**

- **Ease of Admin:** 8.9/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.3/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.9/10 (Category avg: 8.7/10)
- **Ease of Use:** 8.9/10 (Category avg: 8.7/10)

**Who Is the Company Behind SentinelOne Singularity Endpoint?**

- **Seller:** [SentinelOne](https://www.g2.com/sellers/sentinelone)
- **Company Website:** https://www.sentinelone.com
- **Year Founded:** 2013
- **HQ Location:** Mountain View, CA
- **Twitter:** @SentinelOne (57,750 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/2886771/ (3,197 employees on LinkedIn®)

**Who Uses This Product?**
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 45% Mid-Market, 36% Enterprise


#### What Are SentinelOne Singularity Endpoint's Pros and Cons?

**Pros:**

- Ease of Use (16 reviews)
- Features (11 reviews)
- Threat Detection (11 reviews)
- Customer Support (10 reviews)
- Security (7 reviews)

**Cons:**

- Learning Curve (4 reviews)
- Not User-Friendly (4 reviews)
- Slow Performance (4 reviews)
- Complexity (3 reviews)
- Difficult Configuration (3 reviews)

### 12. [IBM MaaS360](https://www.g2.com/products/ibm-maas360/reviews)
  IBM MaaS360 is an easy to use, unified endpoint management (UEM) solution that transforms the way that organizations support users, apps, content, and data across essentially every type of device. Its open, cloud-based platform integrates with preferred security and productivity tools. You can protect your workforce with evolved Threat Management, Mobile Security, Device management features and your analytics will be powered by watsonx AI capabilities, helping you to set up a good security posture. IBM MaaS360 is available for purchase on ibm.com and AWS Marketplace.


  **Average Rating:** 4.2/5.0
  **Total Reviews:** 183
**How Do G2 Users Rate IBM MaaS360?**

- **Ease of Admin:** 8.0/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 8.0/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.1/10 (Category avg: 8.7/10)
- **Ease of Use:** 8.2/10 (Category avg: 8.7/10)

**Who Is the Company Behind IBM MaaS360?**

- **Seller:** [IBM](https://www.g2.com/sellers/ibm)
- **Company Website:** https://www.ibm.com/us-en
- **Year Founded:** 1911
- **HQ Location:** Armonk, NY
- **Twitter:** @IBM (709,298 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/1009/ (324,553 employees on LinkedIn®)

**Who Uses This Product?**
  - **Who Uses This:** IT Manager, Software Engineer
  - **Top Industries:** Information Technology and Services, Computer Software
  - **Company Size:** 45% Mid-Market, 34% Enterprise


#### What Are IBM MaaS360's Pros and Cons?

**Pros:**

- Features (48 reviews)
- Security (46 reviews)
- Device Management (38 reviews)
- Ease of Use (37 reviews)
- Protection (24 reviews)

**Cons:**

- Learning Curve (24 reviews)
- Poor Interface Design (17 reviews)
- Poor UI (17 reviews)
- Slow Performance (17 reviews)
- Outdated Interface (13 reviews)

### 13. [ThreatLocker Platform](https://www.g2.com/products/threatlocker-platform/reviews)
  ThreatLocker is a global leading Zero Trust Platform designed to empower organizations by providing them with the ability to control which applications are permitted to run on their networks. This suite of security tools is tailored for a wide range of users, including businesses, government agencies, and academic institutions, all of whom face the increasing threat of cybercrime. By enabling users to manage application execution, ThreatLocker aims to create a secure environment where organizations can operate without the looming fear of malware and other cyber threats. The ThreatLocker suite stands out in the cybersecurity landscape due to its focus on application whitelisting, a proactive approach that allows organizations to define and enforce policies on what software can be executed. This feature is particularly beneficial for organizations that require stringent security measures, as it minimizes the risk of unauthorized applications compromising sensitive data. The solution is designed for IT administrators who seek to enhance their network security posture while maintaining operational efficiency. One of the key features of ThreatLocker is its ability to provide real-time visibility and control over application behavior. This allows organizations to monitor application usage and detect any suspicious activities that may indicate a potential threat. Additionally, ThreatLocker offers customizable policies that can be tailored to meet the specific needs of different departments or user groups within an organization, ensuring that security measures align with operational requirements. Another significant benefit of ThreatLocker is its user-friendly interface, which simplifies the management of security policies. This accessibility enables IT teams to implement and adjust security measures without extensive training or expertise in cybersecurity. 
Furthermore, ThreatLocker is backed by a team of experienced cybersecurity professionals who continuously update and enhance the platform to address emerging threats and vulnerabilities. In essence, ThreatLocker provides organizations with the tools they need to take control of their cybersecurity strategy. By focusing on application control and offering robust monitoring capabilities, ThreatLocker helps organizations mitigate risks associated with cyber threats while fostering a secure environment for their operations. This innovative approach to cybersecurity empowers users to navigate their digital landscape confidently, free from the influence of cybercriminals.


  **Average Rating:** 4.8/5.0
  **Total Reviews:** 473
**How Do G2 Users Rate ThreatLocker Platform?**

- **Ease of Admin:** 8.6/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.7/10 (Category avg: 9.0/10)
- **Quality of Support:** 9.7/10 (Category avg: 8.7/10)
- **Ease of Use:** 8.4/10 (Category avg: 8.7/10)

**Who Is the Company Behind ThreatLocker Platform?**

- **Seller:** [Threatlocker Inc](https://www.g2.com/sellers/threatlocker-inc)
- **Company Website:** https://www.threatlocker.com
- **Year Founded:** 2017
- **HQ Location:** Orlando, Florida, United States
- **Twitter:** @ThreatLocker (2,738 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/65512111/ (700 employees on LinkedIn®)

**Who Uses This Product?**
  - **Who Uses This:** President, CEO
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 54% Small-Business, 33% Mid-Market


#### What Are ThreatLocker Platform's Pros and Cons?

**Pros:**

- Customer Support (92 reviews)
- Threat Detection (87 reviews)
- Ease of Use (75 reviews)
- Security (71 reviews)
- Protection (69 reviews)

**Cons:**

- Learning Curve (44 reviews)
- Difficult Learning Curve (30 reviews)
- Difficult Configuration (16 reviews)
- Difficult Navigation (14 reviews)
- Training Required (13 reviews)

### 14. [Coro Cybersecurity](https://www.g2.com/products/coro-cybersecurity/reviews)
  Coro is the easy cybersecurity company. We designed an all-in-one platform that every lean IT team will master. While other solutions scare people into buying complicated, confusing products, we lead with elegant simplicity. Coro is fast to deploy, easy to use, and designed not to waste your time. Once you install Coro, you’ll hardly think about us. That’s the point. Coro automatically detects and fixes security problems, so IT teams don’t have to spend time investigating or troubleshooting. We’re also one of the fastest-growing tech companies in North America, just ask Deloitte. Designed primarily for lean IT teams, Coro’s platform is particularly beneficial for organizations that may lack extensive IT resources or dedicated cybersecurity teams. With the increasing complexity of cyber threats, these businesses often find it challenging to maintain adequate security measures. Coro addresses this gap by automating the detection and remediation of security threats, allowing businesses to focus on their core operations without the constant worry of potential breaches or security incidents. One of Coro's key benefits is its intuitive, user-friendly interface, which simplifies the management of cybersecurity protocols. This ease of use is particularly advantageous for organizations with limited IT expertise, as it minimizes the need for extensive training or technical knowledge. Additionally, Coro’s continuous monitoring and reporting features provide businesses with valuable insights into their security posture, enabling them to make informed decisions about their cybersecurity strategies. Another impressive feature is how comprehensive, yet powerful, its all-in-one platform is. Using advanced AI technology, it detects and remediates over 92% of threats automatically, ensuring potential vulnerabilities are identified and addressed in real-time, significantly reducing the risk of data breaches and other cyber incidents.
Their impressive performance has been recognised by G2 with a 94% approval rating from users and SE Labs, who awarded them three AAA ratings for their EDR, Email and Cloud modules. Overall, Coro’s cybersecurity platform represents a significant advancement in the field of cybersecurity. By automating threat detection and remediation, offering customizable solutions, and providing a user-friendly experience, Coro empowers organizations to effectively defend against the evolving landscape of cyber threats. Its recognition as one of the fastest-growing cybersecurity companies in North America further underscores its commitment to delivering innovative and effective security solutions.


  **Average Rating:** 4.7/5.0
  **Total Reviews:** 231
**How Do G2 Users Rate Coro Cybersecurity?**

- **Ease of Admin:** 9.5/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.6/10 (Category avg: 9.0/10)
- **Quality of Support:** 9.5/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.5/10 (Category avg: 8.7/10)

**Who Is the Company Behind Coro Cybersecurity?**

- **Seller:** [Coronet](https://www.g2.com/sellers/coronet)
- **Company Website:** https://www.coro.net
- **Year Founded:** 2014
- **HQ Location:** Chicago, IL
- **Twitter:** @coro_cyber (1,891 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/coronet (295 employees on LinkedIn®)

**Who Uses This Product?**
  - **Who Uses This:** IT Manager, IT Director
  - **Top Industries:** Non-Profit Organization Management, Financial Services
  - **Company Size:** 57% Mid-Market, 36% Small-Business


#### What Are Coro Cybersecurity's Pros and Cons?

**Pros:**

- Ease of Use (99 reviews)
- Security (68 reviews)
- Customer Support (67 reviews)
- Protection (55 reviews)
- Easy Setup (49 reviews)

**Cons:**

- Performance Issues (32 reviews)
- Improvements Needed (20 reviews)
- False Positives (19 reviews)
- Inaccuracy (19 reviews)
- Limited Features (16 reviews)

### 15. [TrendAI Vision One](https://www.g2.com/products/trendai-vision-one/reviews)
  TrendAI Vision One is a cloud-native security operations platform, serving cloud, hybrid, and on-premises environments. It combines ASM and XDR in a single console to effectively manage cyber risk across your organization. The platform provides powerful risk insights, earlier threat detection, and automated risk and threat response options. Utilize the platform’s predictive machine learning and advanced security analytics for a broader perspective and advanced context. TrendAI Vision One integrates with its own expansive protection platform portfolio and industry-leading global threat intelligence, in addition to a broad ecosystem of purpose-built and API-driven third-party integrations.


  **Average Rating:** 4.7/5.0
  **Total Reviews:** 246
**How Do G2 Users Rate TrendAI Vision One?**

- **Ease of Admin:** 8.7/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.0/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.7/10 (Category avg: 8.7/10)
- **Ease of Use:** 8.6/10 (Category avg: 8.7/10)

**Who Is the Company Behind TrendAI Vision One?**

- **Seller:** [Trend Micro](https://www.g2.com/sellers/trend-micro)
- **Company Website:** https://www.trendmicro.com/
- **Year Founded:** 1988
- **HQ Location:** Tokyo
- **LinkedIn® Page:** https://www.linkedin.com/company/4312/ (8,090 employees on LinkedIn®)
- **Ownership:** OTCMKTS:TMICY

**Who Uses This Product?**
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 52% Enterprise, 33% Mid-Market


#### What Are TrendAI Vision One's Pros and Cons?

**Pros:**

- Visibility (38 reviews)
- Security (33 reviews)
- Ease of Use (32 reviews)
- Features (31 reviews)
- Threat Detection (27 reviews)

**Cons:**

- Complex Interface (12 reviews)
- Integration Issues (12 reviews)
- Learning Curve (11 reviews)
- Expensive (10 reviews)
- Limited Features (10 reviews)

### 16. [Carbon Black EDR](https://www.g2.com/products/carbon-black-edr/reviews)
  Carbon Black EDR is a market-leading incident response and threat hunting solution designed to provide responders with the most information possible, accompanied by expert threat analysis and armed with real-time response capabilities to stop attacks, minimize damage and close security gaps. Carbon Black EDR makes these teams more efficient, reducing investigations from days to hours, and more effective, enabling them to discover threats before attacks can exploit them. Carbon Black EDR also allows teams to connect to and isolate infected machines to prevent lateral movement and remediate devices without costly IT involvement.

- **Continuous and Centralized Recording:** Centralized access to continuously recorded endpoint data means that security professionals have the information they need to hunt threats in real time as well as conduct in-depth investigations after a breach has occurred.
- **Live Response for Remote Remediation:** With Live Response, incident responders can create a secure connection to infected hosts to pull or push files, kill processes, perform memory dumps and quickly remediate from anywhere in the world.
- **Attack Chain Visualization and Search:** Carbon Black EDR provides intuitive attack chain visualization to make identifying root cause fast and easy. Analysts can quickly jump through each stage of an attack to gain insight into the attacker’s behavior, close security gaps and learn from every new attack technique to avoid falling victim to the same attack twice.
- **Automation via Integrations and Open APIs:** Carbon Black boasts a robust partner ecosystem and open platform that allows security teams to integrate products like Carbon Black EDR into their existing security stack.


  **Average Rating:** 4.4/5.0
  **Total Reviews:** 82
**How Do G2 Users Rate Carbon Black EDR?**

- **Ease of Admin:** 7.9/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 8.3/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.6/10 (Category avg: 8.7/10)
- **Ease of Use:** 8.4/10 (Category avg: 8.7/10)

**Who Is the Company Behind Carbon Black EDR?**

- **Seller:** [Broadcom](https://www.g2.com/sellers/broadcom-ab3091cd-4724-46a8-ac89-219d6bc8e166)
- **Year Founded:** 1991
- **HQ Location:** San Jose, CA
- **Twitter:** @broadcom (63,400 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/broadcom/ (55,707 employees on LinkedIn®)
- **Ownership:** NASDAQ: CA

**Who Uses This Product?**
  - **Who Uses This:** IT Manager
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 64% Mid-Market, 41% Enterprise


#### What Are Carbon Black EDR's Pros and Cons?

**Pros:**

- Protection (5 reviews)
- Automation (2 reviews)
- Incident Response (2 reviews)
- Threat Detection (2 reviews)
- AI (1 review)

**Cons:**

- Expensive (3 reviews)
- High Resource Usage (2 reviews)
- Alert Issues (1 review)
- False Positives (1 review)
- Inefficient Search Functionality (1 review)

### 17. [Microsoft Defender for Endpoint](https://www.g2.com/products/microsoft-defender-for-endpoint/reviews)
  Microsoft Defender for Endpoint is a complete endpoint security solution that delivers preventative protection, post-breach detection, automated investigation, and response. With Defender for Endpoint, you have:

- **Agentless, cloud powered:** No additional deployment or infrastructure. No delays or update compatibility issues. Always up to date.
- **Unparalleled optics:** Built on the industry’s deepest insight into Windows threats and shared signals across devices, identities, and information.
- **Automated security:** Take your security to a new level by going from alert to remediation in minutes—at scale.


  **Average Rating:** 4.4/5.0
  **Total Reviews:** 300
**How Do G2 Users Rate Microsoft Defender for Endpoint?**

- **Ease of Admin:** 8.6/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 8.6/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.5/10 (Category avg: 8.7/10)
- **Ease of Use:** 8.6/10 (Category avg: 8.7/10)

**Who Is the Company Behind Microsoft Defender for Endpoint?**

- **Seller:** [Microsoft](https://www.g2.com/sellers/microsoft)
- **Year Founded:** 1975
- **HQ Location:** Redmond, Washington
- **Twitter:** @microsoft (13,105,638 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/microsoft/ (227,697 employees on LinkedIn®)
- **Ownership:** MSFT

**Who Uses This Product?**
  - **Who Uses This:** Software Engineer, Security Analyst
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 39% Enterprise, 35% Mid-Market


#### What Are Microsoft Defender for Endpoint's Pros and Cons?

**Pros:**

- Ease of Use (20 reviews)
- Threat Detection (18 reviews)
- Security (17 reviews)
- Protection (15 reviews)
- Cybersecurity Protection (14 reviews)

**Cons:**

- Compatibility Issues (8 reviews)
- Complexity (8 reviews)
- Difficult Configuration (7 reviews)
- Improvements Needed (7 reviews)
- Lack of Clarity (7 reviews)

### 18. [N-able N-central](https://www.g2.com/products/n-able-n-central/reviews)
  Join the thousands of MSPs and IT professionals who use N-able™ N-central® to remotely monitor and manage devices and complex networks. Built with security in mind, N-central provides the visibility and efficiency you need to monitor more, provide great customer service, and scale your business. Key features include:

- Monitor almost any device, including support for Windows, Linux, and macOS
- Gain complete insight across your network and cloud services without the need for extra network monitoring software
- Create automated patch management policies to ensure devices are up to date
- Streamline your workflow with drag-and-drop scripting in automation manager—no need to write a line of code
- Provide remote support across devices and platforms with the integrated Take Control feature
- Integrate your existing PSA software or use N-able MSP Manager to manage tickets and billing
- Manage security with integrated backup, EDR, AV, and disk encryption
- Available as an on-premises or hosted cloud solution to fit your business

N-central is designed to help you run your managed services business or internal IT department more efficiently, so you can focus on scaling operations.


  **Average Rating:** 4.4/5.0
  **Total Reviews:** 531
**How Do G2 Users Rate N-able N-central?**

- **Ease of Admin:** 7.9/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 8.6/10 (Category avg: 9.0/10)
- **Quality of Support:** 7.9/10 (Category avg: 8.7/10)
- **Ease of Use:** 7.9/10 (Category avg: 8.7/10)

**Who Is the Company Behind N-able N-central?**

- **Seller:** [N-able](https://www.g2.com/sellers/n-able)
- **Company Website:** https://www.n-able.com
- **HQ Location:** Morrisville, North Carolina
- **Twitter:** @Nable (15,883 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/n-able (2,224 employees on LinkedIn®)
- **Ownership:** NYSE: NABL

**Who Uses This Product?**
  - **Who Uses This:** Owner, Director
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 60% Small-Business, 33% Mid-Market


#### What Are N-able N-central's Pros and Cons?

**Pros:**

- Ease of Use (188 reviews)
- Automation (116 reviews)
- Features (112 reviews)
- Remote Access (89 reviews)
- Monitoring (80 reviews)

**Cons:**

- Missing Features (87 reviews)
- Feature Issues (65 reviews)
- Needs Improvement (61 reviews)
- Learning Curve (47 reviews)
- Not User-Friendly (47 reviews)

### 19. [Bitdefender GravityZone XDR](https://www.g2.com/products/bitdefender-gravityzone-xdr/reviews)
  GravityZone is a business security solution built from ground-up for virtualization and cloud to deliver security services to physical endpoints, mobile devices, virtual machines in public cloud and Exchange mail servers. GravityZone is one product with a unified management console available in the cloud, hosted by Bitdefender, or as one virtual appliance to be installed on company's premises, and it provides a single point for deploying, enforcing and managing security policies for any number of endpoints and of any type, in any location. GravityZone delivers multiple layers of security for endpoints and for Microsoft Exchange mail servers: antimalware with behavioral monitoring, zero day threat protection, application control and sandboxing, firewall, device control, content control, anti-phishing and antispam.


  **Average Rating:** 4.0/5.0
  **Total Reviews:** 84
**How Do G2 Users Rate Bitdefender GravityZone XDR?**

- **Ease of Admin:** 7.9/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 8.1/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.2/10 (Category avg: 8.7/10)
- **Ease of Use:** 8.1/10 (Category avg: 8.7/10)

**Who Is the Company Behind Bitdefender GravityZone XDR?**

- **Seller:** [Bitdefender](https://www.g2.com/sellers/bitdefender)
- **Company Website:** https://www.bitdefender.com/?cid=soc%7Cc%7clkdn%7CLkdnAbout
- **Year Founded:** 2001
- **HQ Location:** Bucuresti, Romania
- **Twitter:** @Bitdefender (114,011 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/6825/ (2,317 employees on LinkedIn®)

**Who Uses This Product?**
  - **Top Industries:** Information Technology and Services, Computer Software
  - **Company Size:** 53% Small-Business, 40% Mid-Market


#### What Are Bitdefender GravityZone XDR's Pros and Cons?

**Pros:**

- Features (11 reviews)
- Ease of Use (10 reviews)
- Customer Support (8 reviews)
- Efficiency (8 reviews)
- Security (8 reviews)

**Cons:**

- Not User-Friendly (5 reviews)
- Complex Interface (4 reviews)
- Complexity (4 reviews)
- Configuration Issues (4 reviews)
- Difficult Configuration (4 reviews)

### 20. [Kaspersky Next EDR Expert](https://www.g2.com/products/kaspersky-next-edr-expert/reviews)
  Kaspersky Next EDR Expert is a powerful Endpoint Detection and Response solution that works together with Endpoint Protection Platform to block mass attacks, detect complex cyberthreats, proactively investigate incidents and equip IT security specialists with comprehensive response tools. The solution provides a comprehensive view of endpoints across your corporate infrastructure, along with clear visualization of every stage of an investigation. With a powerful set of detection engines and root cause analysis tools, our EDR ensures effective threat detection and investigation. Powerful EDR solution with best-in-class endpoint protection:

- Built on best-in-class endpoint protection proven by numerous independent tests
- Trusted by 600+ enterprise customers, protecting over 2.5 million endpoints worldwide
- 1,900+ detection rules developed and maintained by Kaspersky’s global SOC team
- Nearly 30 years of proven experience defending against advanced cyberthreats
- Built on the Open Single Management Platform with an open architecture and broad integration capabilities
- Integrates with Kaspersky SIEM, Endpoint Security, Security Network Threat Lookup, MDR and third-party AV/API workflows
- Embedded sandbox for in-depth analysis of suspicious files
- AI-enhanced components that significantly improve detection accuracy


  **Average Rating:** 4.3/5.0
  **Total Reviews:** 31
**How Do G2 Users Rate Kaspersky Next EDR Expert?**

- **Ease of Admin:** 9.4/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.4/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.3/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.3/10 (Category avg: 8.7/10)

**Who Is the Company Behind Kaspersky Next EDR Expert?**

- **Seller:** [Kaspersky](https://www.g2.com/sellers/kaspersky-bce2dc7f-2586-4e87-96da-114de2c40584)
- **Year Founded:** 1997
- **HQ Location:** Moscow
- **Twitter:** @kasperskylabind (1,294 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/kaspersky/ (4,494 employees on LinkedIn®)
- **Phone:** 1-866-328-5700

**Who Uses This Product?**
  - **Top Industries:** Computer & Network Security, Information Technology and Services
  - **Company Size:** 39% Mid-Market, 32% Small-Business


#### What Are Kaspersky Next EDR Expert's Pros and Cons?

**Pros:**

- Easy Deployment (1 review)
- Expertise (1 review)
- Threat Detection (1 review)

**Cons:**

- Limited Features (1 review)
- Poor Reporting (1 review)
- UX Improvement (1 review)

### 21. [WithSecure Elements Extended Detection and Response (XDR)](https://www.g2.com/products/withsecure-elements-extended-detection-and-response-xdr/reviews)
  WithSecure Elements Extended Detection and Response (XDR) is a unified solution, designed to protect modern IT estates. It minimizes the impact of attacks by using automated and advanced preventative controls that keep incident volumes and lower-level attacks at bay. AI-powered tooling enables fast detection, investigation, and response to threats. Luminen GenAI assistant is automatically included with Elements XDR, further empowering your analyst. Secure your digital environment:

- Endpoints (laptops and workstations, mobiles, servers)
- Digital identities and their user credentials (Microsoft Entra ID)
- Cloud resources (Microsoft Azure)
- Emails and cloud-based collaboration services (Microsoft 365 including Exchange, SharePoint sites, OneDrive, and Microsoft Teams)


  **Average Rating:** 4.4/5.0
  **Total Reviews:** 117
**How Do G2 Users Rate WithSecure Elements Extended Detection and Response (XDR)?**

- **Ease of Admin:** 8.5/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 8.8/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.8/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.1/10 (Category avg: 8.7/10)

**Who Is the Company Behind WithSecure Elements Extended Detection and Response (XDR)?**

- **Seller:** [WithSecure](https://www.g2.com/sellers/withsecure)
- **Year Founded:** 1988
- **HQ Location:** Helsinki, Finland
- **Twitter:** @WithSecure (66,598 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/6219/ (1,746 employees on LinkedIn®)
- **Ownership:** FSOYF

**Who Uses This Product?**
  - **Company Size:** 45% Mid-Market, 40% Small-Business


#### What Are WithSecure Elements Extended Detection and Response (XDR)'s Pros and Cons?

**Pros:**

- Ease of Use (2 reviews)
- Efficiency (2 reviews)
- Alerting (1 review)
- Cloud Management (1 review)
- Easy Management (1 review)

**Cons:**

- Not User-Friendly (2 reviews)
- Alert Issues (1 review)
- Console Issues (1 review)
- Delay Issues (1 review)
- False Positives (1 review)

### 22. [Acronis Cyber Protect](https://www.g2.com/products/acronis-acronis-cyber-protect/reviews)
  Acronis Cyber Protect delivers robust protection against cyberthreats, unparalleled backup and recovery capabilities and simplified management and visibility through a single pane of glass, for the entire environment. Key features of Acronis Cyber Protect include:

- **Cyberthreat protection:** Using artificial intelligence (AI) and machine learning (ML), proactively secures data, applications and systems, from advanced cyberattacks, including ransomware and other forms of malware.
- **Rapid Recovery:** Reduced dependency on central IT support empowers users to initiate one-click recovery of distributed endpoints, including bare-metal recovery of physical workloads.
- **Reduced TCO:** Broad, multigenerational OS support, enables vendor consolidation while ensuring comprehensive protection.
- **Simplified management:** Centralized management includes local autonomy and seamless integration with existing third-party tools to provide a unified view of backup and recovery operations along with broad, multigenerational OS support.
- **Data sovereignty:** With the use of Acronis’ extensive network of global data centers, users can ensure compliance and master regional data sovereignty laws, offering peace of mind and regulatory compliance.

Acronis is majority-owned by EQT.


  **Average Rating:** 4.3/5.0
  **Total Reviews:** 657
**How Do G2 Users Rate Acronis Cyber Protect?**

- **Ease of Admin:** 8.4/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 8.4/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.3/10 (Category avg: 8.7/10)
- **Ease of Use:** 8.6/10 (Category avg: 8.7/10)

**Who Is the Company Behind Acronis Cyber Protect?**

- **Seller:** [Acronis](https://www.g2.com/sellers/acronis)
- **Year Founded:** 2003
- **HQ Location:** Schaffhausen
- **Twitter:** @acronis (94,736 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/13179/ (1,917 employees on LinkedIn®)
- **Ownership:** Acronis is majority-owned by EQT

**Who Uses This Product?**
  - **Who Uses This:** Support Analyst, IT Manager
  - **Top Industries:** Information Technology and Services, Computer Software
  - **Company Size:** 45% Small-Business, 40% Mid-Market


#### What Are Acronis Cyber Protect's Pros and Cons?

**Pros:**

- Backup Solutions (10 reviews)
- Ease of Use (8 reviews)
- Features (8 reviews)
- Data Recovery (5 reviews)
- Security (5 reviews)

**Cons:**

- Expensive (6 reviews)
- Complexity (4 reviews)
- Difficult Learning (4 reviews)
- Poor Customer Support (4 reviews)
- Slow Performance (4 reviews)

### 23. [Cortex XDR](https://www.g2.com/products/palo-alto-networks-cortex-xdr/reviews)
  Cortex XDR is the industry’s first extended detection and response platform that stops modern attacks by integrating data from any source. With Cortex XDR, you can harness the power of AI, analytics and rich data to detect stealthy threats. Your SOC team can cut through the noise and focus on what matters most with intelligent alert grouping and incident scoring. Cross-data insights accelerate investigations, so you can streamline incident response and recovery. Cortex XDR delivers peace of mind with best-in-class endpoint protection that achieved the highest combined protection and detection scores in the MITRE ATT&CK® round 3 evaluation. The Cortex XDR platform collects and analyzes all data, so you can gain complete visibility and holistic protection to secure what’s next.


  **Average Rating:** 4.6/5.0
  **Total Reviews:** 50
**How Do G2 Users Rate Cortex XDR?**

- **Ease of Admin:** 8.9/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.2/10 (Category avg: 9.0/10)
- **Quality of Support:** 9.0/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.0/10 (Category avg: 8.7/10)

**Who Is the Company Behind Cortex XDR?**

- **Seller:** [Palo Alto Networks](https://www.g2.com/sellers/palo-alto-networks)
- **Year Founded:** 2005
- **HQ Location:** Santa Clara, CA
- **Twitter:** @PaloAltoNtwks (128,825 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/30086/ (21,355 employees on LinkedIn®)
- **Ownership:** NYSE: PANW

**Who Uses This Product?**
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 45% Enterprise, 38% Mid-Market


#### What Are Cortex XDR's Pros and Cons?

**Pros:**

- Ease of Use (2 reviews)
- Threat Detection (2 reviews)
- XDR Capabilities (2 reviews)
- Alert Notifications (1 review)
- Antivirus Protection (1 review)

**Cons:**

- Compatibility Issues (1 review)
- Complexity (1 review)
- Complex Management (1 review)
- Difficult Learning (1 review)
- Expensive (1 review)

### 24. [DefenseStorm](https://www.g2.com/products/defensestorm/reviews)
  DefenseStorm is a comprehensive cybersecurity platform specifically designed for financial institutions, focusing on cyber risk assessment, governance, security, and fraud prevention. This integrated solution addresses the unique challenges that banks and other financial entities face in maintaining cyber risk readiness amidst a complex landscape of regulations and technological demands. The platform is tailored to meet the stringent requirements of the banking sector, making it a vital resource for organizations seeking to enhance their cybersecurity posture. DefenseStorm's intelligent data engine, known as GRID ACTIVE, plays a crucial role in this process by providing real-time access to critical threat data. This capability allows financial institutions to analyze and respond to potential threats swiftly, ensuring they remain vigilant against evolving cyber risks. Targeted at banks and financial service providers, DefenseStorm offers a range of use cases that are essential for maintaining compliance and safeguarding sensitive data. The platform not only helps institutions assess their current cyber risk levels but also provides governance tools that facilitate adherence to regulatory requirements. By integrating security measures with fraud detection capabilities, DefenseStorm enables organizations to create a robust defense against both internal and external threats. One of the standout features of DefenseStorm is its Cyber Threat Surveillance Operations (CTS Ops) team, which provides round-the-clock support. This managed service ensures that financial institutions have access to expert resources at all times, allowing them to leverage specialized knowledge and experience in combating cyber threats. The continuous monitoring and proactive threat management offered by the CTS Ops team enhance the overall security framework of the institution, providing peace of mind to stakeholders.
Overall, DefenseStorm's unique focus on the banking sector, combined with its advanced data analytics and dedicated support services, positions it as a critical tool for financial institutions aiming to navigate the complexities of cybersecurity. By equipping organizations with the necessary tools and expertise, DefenseStorm helps them not only to meet regulatory obligations but also to foster a culture of security that is essential in today's digital landscape.


  **Average Rating:** 4.8/5.0
  **Total Reviews:** 29
**How Do G2 Users Rate DefenseStorm?**

- **Ease of Admin:** 8.8/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.7/10 (Category avg: 9.0/10)
- **Quality of Support:** 9.8/10 (Category avg: 8.7/10)
- **Ease of Use:** 8.6/10 (Category avg: 8.7/10)

**Who Is the Company Behind DefenseStorm?**

- **Seller:** [DEFENSESTORM](https://www.g2.com/sellers/defensestorm)
- **Company Website:** https://www.defensestorm.com
- **Year Founded:** 2014
- **HQ Location:** Alpharetta, Georgia
- **LinkedIn® Page:** https://www.linkedin.com/company/defensestorm/ (89 employees on LinkedIn®)

**Who Uses This Product?**
  - **Top Industries:** Banking, Financial Services
  - **Company Size:** 79% Mid-Market, 21% Small-Business


#### What Are DefenseStorm's Pros and Cons?

**Pros:**

- Customer Support (19 reviews)
- Team Quality (12 reviews)
- Ease of Use (10 reviews)
- Staff Expertise (8 reviews)
- Alert Notifications (5 reviews)

**Cons:**

- Difficult Navigation (3 reviews)
- Training Required (3 reviews)
- Asset Management (2 reviews)
- Difficult Organization (2 reviews)
- Inadequate Reporting (2 reviews)

### 25. [Heimdal](https://www.g2.com/products/heimdal/reviews)
  Accommodate all your cybersecurity needs under one convenient roof with the Heimdal® Unified Cybersecurity Platform. Our cybersecurity solutions can be used as standalone products or integrated into one another as part of a cohesive and unified XDR platform. Whether you’re a reseller, distributor, MSSP, or an organization committed to bolstering your online security, we provide an array of cutting-edge products to make your mission smoother. Heimdal® is a fast-growing cybersecurity company focused on continuous technological innovation. Since its establishment in 2014 in Copenhagen, based on the winning idea of CTF World Champions, Heimdal has experienced spectacular growth by proactively building products that anticipate threatscape trends. The company offers a multi-layered and unified security suite that combines threat prevention, patch and asset management, endpoint rights management, antivirus and mail security which together secure customers against cyberattacks and keep critical information and intellectual property safe. Heimdal has been recognized as a thought leader in the industry and has won multiple international awards both for its solutions and for its educational content creation. The Heimdal line of products currently consists of 10 products and 2 services. The former category encompasses DNS Security for Endpoints & Network, Patch & Asset Management, Privileged Access Management, Application Control, Next-Gen Endpoint Antivirus, Ransomware Encryption Protection, Email Security, Email Fraud Prevention, and Remote Desktop. The latter is represented by Endpoint Detection & Response, as well as eXtended Detection & Response, or EDR and XDR for short. Currently, Heimdal’s cybersecurity solutions are deployed in more than 45 countries and supported regionally from offices in 15+ countries, by 175+ highly qualified specialists. Heimdal is ISAE 3000 certified and secures more than 2 million endpoints for over 10,000 companies.
The company supports its partners without concessions on the basis of predictability and scalability. The common goal is to create a sustainable ecosystem and a strategic partnership.


  **Average Rating:** 4.3/5.0
  **Total Reviews:** 61
**How Do G2 Users Rate Heimdal?**

- **Ease of Admin:** 8.3/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.4/10 (Category avg: 9.0/10)
- **Quality of Support:** 9.5/10 (Category avg: 8.7/10)
- **Ease of Use:** 8.6/10 (Category avg: 8.7/10)

**Who Is the Company Behind Heimdal?**

- **Seller:** [Heimdal®](https://www.g2.com/sellers/heimdal)
- **Company Website:** https://heimdalsecurity.com/
- **Year Founded:** 2014
- **HQ Location:** Copenhagen, Denmark
- **Twitter:** @HeimdalSecurity (5,109 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/heimdal-security/ (264 employees on LinkedIn®)

**Who Uses This Product?**
  - **Top Industries:** Computer & Network Security, Construction
  - **Company Size:** 61% Mid-Market, 26% Small-Business


#### What Are Heimdal's Pros and Cons?

**Pros:**

- Product Quality (2 reviews)
- Reliability (2 reviews)
- Security (2 reviews)
- 24/7 Availability (1 review)
- Customer Support (1 review)

**Cons:**

- Complex Interface (2 reviews)
- Not User-Friendly (2 reviews)
- Poor Interface Design (2 reviews)
- User Difficulty (2 reviews)
- User Interface (2 reviews)


## What Is Endpoint Detection & Response (EDR) Software?
  [Endpoint Protection Software](https://www.g2.com/categories/endpoint-protection)
  ## What Software Categories Are Similar to Endpoint Detection & Response (EDR) Software?
    - [Antivirus Software](https://www.g2.com/categories/antivirus)
    - [Endpoint Protection Platforms](https://www.g2.com/categories/endpoint-protection-platforms)
    - [Managed Detection and Response (MDR)  Software](https://www.g2.com/categories/managed-detection-and-response-mdr)

  
---

## How Do You Choose the Right Endpoint Detection & Response (EDR) Software?

### What You Should Know About Endpoint Detection & Response (EDR) Software

### What is endpoint detection and response (EDR) software?

EDR software is used to help companies identify and remediate threats related to network-connected endpoints. EDR solutions inform security professionals of vulnerable or infected endpoints and guide them through the remediation process. After incidents have been resolved, EDR tools help teams investigate issues and the vulnerable components that allow an endpoint to become compromised.

Continuous monitoring is one of the core capabilities of endpoint detection technologies. These monitoring features provide complete and continuous visibility across a company’s network-connected endpoints. Individuals can monitor behaviors, vulnerabilities, and activity for abnormalities. When abnormalities are identified, the detection portion of EDR technology transitions to the response portion.

Endpoint response begins with alerting and containment. Security professionals are alerted to threats present in their systems and isolate potentially compromised endpoints from further network access; this helps prevent one infected endpoint from becoming hundreds. Once systems are properly organized to contain malware and threat actors, security teams can work to remove malware and prevent threat actors from accessing endpoint devices in the future.

EDR platforms store threat data related to security incidents, improving a team's ability to defend against threats in the future by helping them identify root causes and threat actors. Additionally, zero-day exploits may be identified, and other vulnerabilities may be remediated as a result. This will help prevent third-party privilege escalation, malware injection, and unapproved endpoint control from occurring in the future. Some EDR products provide machine learning capabilities to analyze events, improve threat hunting, and reduce false positives by automating protection and remediation processes.

### Key benefits of EDR software

- Monitor endpoints and detect issues or security incidents
- Remediate present threats to endpoints
- Investigate incidents to identify causes
- Contain threats and restrict access to other endpoints or networks

### Why use endpoint detection and response solutions?

Endpoints are some of the most vulnerable components of a business' network structure. One vulnerable endpoint could cause a company’s entire network, databases, and sensitive information to become exposed or stolen. EDR systems will help secure individual endpoints, detect issues as they arise, and contain threats that make their way beyond traditional security structures.

Endpoint protection is even more relevant considering the growing popularity of bring-your-own-device (BYOD) policies. When employees are in complete control over downloads, applications, and updates, security must be a priority. Everyday professionals are not the most security-savvy individuals and may unintentionally compromise their devices or put business information at risk.

**Zero-day threats—** While traditional prevention tools such as antivirus software or firewall technology are helpful as the first line of defense, zero-day threats are bound to occur. The nature of these threats means they have yet to be discovered and, therefore, cannot be defended against. EDR solutions will help identify new threats as they arise and remediate them before damage occurs.

**Visibility and control—** Continuous monitoring and endpoint visibility help defend against traditional malware and sophisticated threats. Monitoring can help identify known threats as they arise and detect minute details that indicate the presence of advanced threats. Hackers are always developing new ways to enter networks undetected through fileless malware or malicious code injection. Monitoring capabilities will improve a team’s ability to detect anomalies caused by outside actors and threats.

**Analysis and deterrence —** EDR software improves a security organization’s ability to review the data associated with security events, data breaches, and network attacks. The data collected from these events can be reviewed back to the initial onset and used to identify the vulnerability or exploit used. Once identified, security teams and software developers can work collectively to resolve flaws and prevent similar attacks from occurring in the future.

### What are the common features of EDR products?

**Detection—** Detection capabilities result from monitoring practices. Monitoring collects information about properly functioning systems and can be applied to identify abnormal behavior or functionality. Once identified, IT and security professionals are alerted and directed through the review and resolution processes.

**Containment —** Once threats are present within an endpoint device, access must be restricted from the greater network and additional endpoints. Often referred to as quarantine features, these capabilities can help protect a network when a threat is detected.

**Remediation—** As threats are discovered, they must be dealt with. EDR software allows individuals and security teams to track incidents back to their onset and identify suspicious actors or malware.

**Investigation—** After incidents occur, EDR tools collect large amounts of data associated with the endpoint device and provide a historical record of activities. This information can be used to quickly identify the cause of an incident and prevent its reoccurrence in the future.

#### Additional EDR features

**Behavioral analysis—** Behavior analysis capabilities allow administrators to gain valuable insights into end-user behavior. This data can be used as a reference for monitoring features to compare against and detect anomalies.

**Real-time monitoring —** Real-time and continuous monitoring capabilities allow security professionals to constantly monitor systems and detect anomalies in real time.

**Threat data documentation—** Event data recording capabilities automate the collection and curation of incident data. This information can alert security teams to the performance and health of a company's endpoint-enabled devices.

**Data exploration —** Data exploration features allow security teams to review data associated with security incidents. These data points can be cross-referenced and analyzed to provide insights on better protecting endpoints in the future.

### Potential issues with EDR solutions

**Endpoint variety—** Endpoints come in many shapes and sizes, from laptops and servers to tablets and smartphones. A business should ensure that all types of endpoints connected to its network are compatible with a chosen EDR solution. This is especially important for businesses with a large number of BYOD devices that run different operating systems and applications.

**Scalability —** Scale refers to the size and scope of your network of connected endpoints. It’s a major consideration because some EDR tools may only facilitate monitoring on a specific number of devices or limit the number of concurrent investigations or remediations. Companies with large pools of endpoints should be sure the solutions they consider can handle the number of endpoints and provide adequate monitoring for the scale of their business and projected growth.

**Efficacy —** Efficacy refers to the actual functional benefit of using a software solution. Companies may be wasting their time if security teams are inundated with false positives or conflicting results. This is a key identifier in user reviews and third-party evaluations that buyers should consider when evaluating a product.

**Administration and Management —** Companies adopting EDR for the first time should be sure they have sufficient staff equipped with skills relevant to using EDR software. Smaller, growing businesses may not be best suited for adopting complex security systems and may be better served using managed services until the need for security matches their ability to deliver.

### Software and services related to EDR software

EDR software is one member of the endpoint protection and security family. These tools provide the remediation component of the endpoint protection process but not all of the prevention and management components in other endpoint security software.

[**Endpoint protection suites**](https://www.g2crowd.com/categories/endpoint-protection-suites) **—** Endpoint protection suites are sophisticated platforms containing capabilities across all segments of the endpoint security technology world. They include virus and malware protection as well as the administration and management of endpoint devices.

[**Endpoint antivirus software**](https://www.g2.com/categories/antivirus) **—** Antivirus technologies are some of the oldest solutions for endpoint security. These tools help prevent malware, computer viruses, and other threats from compromising an endpoint device. These capabilities are present in many security technologies, but antivirus software is specifically dedicated to this kind of protection.

[**Endpoint management software**](https://www.g2.com/categories/endpoint-management) **—** Endpoint management software documents, monitors, and manages endpoints connected to a network. These tools ensure that only approved devices access a company’s network and require connected devices to pass specific security requirements before gaining access. This may mean implementing software updates, security scans, or user authentication processes.

[**Endpoint security services**](https://www.g2.com/categories/endpoint-security-services) **—** Endpoint security services are a form of managed security services that are often the go-to for organizations without dedicated security staff. These solution providers deliver services surrounding the entire endpoint security stack to reduce a business’s need to manage day-to-day tasks and resolve issues directly. These services will not provide the same level of customization or control but will provide a business with peace of mind until they are capable of handling security issues in-house.

**Incident response software—** Incident response software is a term for general security incident management and threat remediation tools. These products are designed to facilitate incident investigation and resolve incidents at the point of attack. These tools may provide some similar forensic analysis capabilities but often do not provide the same endpoint monitoring and control functionality.



    
