# Best Extended Detection and Response (XDR) Platforms

  *By [Lauren Worth](https://research.g2.com/insights/author/lauren-worth)*

Extended detection and response (XDR) platforms are tools used to automate the discovery and remediation of security issues across hybrid systems. These tools are capable of performing detection and response related to networks, endpoints, cloud services, and applications. Companies are adopting these technologies because most traditional detection and response solutions are limited to a single medium, such as endpoint security or network security, while XDR is capable of securing complex hybrid environments.

XDR solutions provide a single system for managing security issues as they arise regardless of the source within the organization. They can also be used to consolidate redundant, similar detection and response technologies and simplify detection and remediation for security teams.

[Endpoint detection & response (EDR) software](https://www.g2.com/categories/endpoint-detection-response-edr) and [network detection and response (NDR) software](https://www.g2.com/categories/network-detection-and-response-ndr) operate similarly, but most are limited to their specific medium. For example, many NDR solutions can analyze and resolve issues on a local business network, but cannot support detection and response for cloud workloads or remote endpoints. While numerous families of detection and response solutions have emerged in recent years, XDR is capable of extending security across networks, endpoints, cloud services, and virtual environments.

To qualify for inclusion in the Extended Detection and Response (XDR) category, a product must:

- Analyze network, cloud, and endpoint activity continuously
- Utilize artificial intelligence (AI) or machine learning (ML) to develop baselines for system behaviors 
- Automate threat and anomaly detection across hybrid environments
- Deploy forensics upon detection for investigation and remediation





## Category Overview

**Total Products under this Category:** 85


## Trust & Credibility Stats

**Why You Can Trust G2's Software Rankings:**

- 30 Analysts and Data Experts
- 5,800+ Authentic Reviews
- 85+ Products
- Unbiased Rankings

G2's software rankings are built on verified user reviews, rigorous moderation, and a consistent research methodology maintained by a team of analysts and data experts. Each product is measured using the same transparent criteria, with no paid placement or vendor influence. While reviews reflect real user experiences, which can be subjective, they offer valuable insight into how software performs in the hands of professionals. Together, these inputs power the G2 Score, a standardized way to compare tools within every category.


## Best Extended Detection and Response (XDR) Platforms At A Glance

- **Leader:** [Sophos Endpoint](https://www.g2.com/products/sophos-endpoint/reviews)
- **Highest Performer:** [aiXDR-PMAX](https://www.g2.com/products/aixdr-pmax/reviews)
- **Easiest to Use:** [Sophos Endpoint](https://www.g2.com/products/sophos-endpoint/reviews)
- **Top Trending:** [CrowdStrike Falcon Endpoint Protection Platform](https://www.g2.com/products/crowdstrike-falcon-endpoint-protection-platform/reviews)
- **Best Free Software:** [ESET PROTECT](https://www.g2.com/products/eset-protect/reviews)


---

**Sponsored**

### Guardz

Guardz is a unified cybersecurity platform specifically designed for Managed Service Providers (MSPs). This innovative solution consolidates essential security controls, identity threat detection and response (ITDR), endpoint protection (EDR), email security, user awareness training and phishing simulations, and Managed Detection and Response (MDR) into a single AI-native framework. The platform aims to enhance operational efficiency by streamlining security processes and providing a comprehensive approach to cybersecurity. Targeting MSPs, Guardz addresses the unique challenges these providers face in managing multiple security tools that often operate in silos. By adopting an identity-centric approach, Guardz connects various security vectors, effectively reducing the gaps that can leave organizations vulnerable. This layered and holistic view enables MSPs to respond to user risks in real time, ensuring that security measures are not only reactive but also proactive in safeguarding client environments. Key features of Guardz include its 24/7 AI and human-led Managed Detection and Response (MDR) services. The platform employs agentic AI to triage threats at machine speed, allowing for rapid identification and prioritization of potential security incidents. This automated triage process is complemented by expert analysts who validate findings, mitigate risks, and guide response actions. As a result, MSPs can offer scalable protection to their clients without the need to expand their workforce, making it a cost-effective solution for growing cybersecurity demands. Guardz stands out in the cybersecurity landscape by providing a unified platform that integrates various security functions into one cohesive system. This integration not only simplifies the management of security tools but also enhances the overall effectiveness of security measures. 
By leveraging AI-driven insights and human expertise, Guardz empowers MSPs to deliver robust cybersecurity solutions that adapt to the evolving threat landscape, ensuring their clients remain protected against emerging risks.




---

## Top-Rated Products (Ranked by G2 Score)
### 1. [Sophos Endpoint](https://www.g2.com/products/sophos-endpoint/reviews)
  Sophos Endpoint is the world’s most comprehensive endpoint protection solution. Built to stop the widest range of attacks, Sophos Endpoint has been proven to prevent even the most advanced ransomware and malware by leveraging a unique combination of next-generation techniques. This includes the ability to detect never-before-seen malware with deep learning, stop ransomware with Sophos anti-ransomware technology, and deny attacker tools with signatureless exploit prevention. Sophos Endpoint also includes root cause analysis to provide insight into threats, and instant malware removal to ensure no attack remnants remain.


  **Average Rating:** 4.7/5.0
  **Total Reviews:** 782

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 9.3/10 (Category avg: 9.1/10)
- **Unified Visibility:** 9.1/10 (Category avg: 9.1/10)
- **Threat Hunting:** 9.4/10 (Category avg: 9.2/10)
- **Rule-Based Detection:** 9.3/10 (Category avg: 8.9/10)


**Seller Details:**

- **Seller:** [Sophos](https://www.g2.com/sellers/sophos)
- **Company Website:** https://www.sophos.com/
- **Year Founded:** 1985
- **HQ Location:** Oxfordshire
- **Twitter:** @Sophos (36,759 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/5053/ (5,561 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Who Uses This:** IT Manager, System Administrator
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 59% Mid-Market, 18% Small-Business


#### Pros & Cons

**Pros:**

- Ease of Use (191 reviews)
- Protection (180 reviews)
- Security (165 reviews)
- Threat Detection (129 reviews)
- Easy Management (124 reviews)

**Cons:**

- Slow Performance (73 reviews)
- High Resource Usage (52 reviews)
- Learning Curve (50 reviews)
- Difficult Configuration (36 reviews)
- High CPU Usage (34 reviews)

### 2. [CrowdStrike Falcon Endpoint Protection Platform](https://www.g2.com/products/crowdstrike-falcon-endpoint-protection-platform/reviews)
  Organizations today face a serious challenge: managing numerous security vendors and tools while confronting an ever-evolving threat landscape. Sophisticated adversaries are becoming smarter, faster, and more evasive, launching complex attacks that can strike in minutes or even seconds. Traditional security approaches struggle to keep pace, leaving businesses vulnerable. The CrowdStrike Falcon Platform addresses this by offering a unified, cloud-native solution. It consolidates previously siloed security solutions and incorporates third-party data into a single platform with one efficient and resource-conscious agent, leveraging advanced AI and real-time threat intelligence. This approach simplifies security operations, speeds analyst decision making, and enhances protection to stop the breach, allowing organizations to reduce risk with less complexity and lower costs. CrowdStrike's Falcon Platform includes:

- Endpoint Security: Secure the endpoint, stop the breach
- Identity Protection: Identity is the front line, defend it
- Next-Gen SIEM: The future of SIEM, today
- Data Protection: Real-time data protection from endpoint to cloud
- Exposure Management: Understand risk to stop breaches
- Charlotte AI: Powering the next evolution of the SOC


  **Average Rating:** 4.7/5.0
  **Total Reviews:** 368

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 9.2/10 (Category avg: 9.1/10)
- **Unified Visibility:** 9.1/10 (Category avg: 9.1/10)
- **Threat Hunting:** 9.3/10 (Category avg: 9.2/10)
- **Rule-Based Detection:** 9.5/10 (Category avg: 8.9/10)


**Seller Details:**

- **Seller:** [CrowdStrike](https://www.g2.com/sellers/crowdstrike)
- **Company Website:** https://www.crowdstrike.com
- **Year Founded:** 2011
- **HQ Location:** Sunnyvale, CA
- **Twitter:** @CrowdStrike (110,215 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/2497653/ (11,258 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Who Uses This:** Security Analyst, Cyber Security Analyst
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 47% Enterprise, 42% Mid-Market


#### Pros & Cons

**Pros:**

- Features (113 reviews)
- Threat Detection (103 reviews)
- Ease of Use (98 reviews)
- Security (97 reviews)
- Detection (86 reviews)

**Cons:**

- Expensive (54 reviews)
- Complexity (39 reviews)
- Learning Curve (35 reviews)
- Limited Features (31 reviews)
- Pricing Issues (29 reviews)

### 3. [Check Point Harmony Endpoint](https://www.g2.com/products/check-point-harmony-endpoint/reviews)
  Harmony Endpoint is a complete endpoint security solution offering a fleet of advanced endpoint threat prevention capabilities so you can safely navigate today’s menacing threat landscape. It provides a comprehensive system to proactively prevent, detect, and remediate evasive malware attacks.


  **Average Rating:** 4.5/5.0
  **Total Reviews:** 254

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 8.8/10 (Category avg: 9.1/10)


**Seller Details:**

- **Seller:** [Check Point Software Technologies](https://www.g2.com/sellers/check-point-software-technologies)
- **Year Founded:** 1993
- **HQ Location:** Redwood City, CA
- **Twitter:** @CheckPointSW (70,978 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/check-point-software-technologies/ (8,356 employees on LinkedIn®)
- **Ownership:** NASDAQ:CHKP

**Reviewer Demographics:**
  - **Who Uses This:** Network Engineer, Cyber Security Engineer
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 53% Mid-Market, 27% Enterprise


#### Pros & Cons

**Pros:**

- Security (73 reviews)
- Features (57 reviews)
- Threat Detection (51 reviews)
- Protection (50 reviews)
- Ease of Use (46 reviews)

**Cons:**

- Slow Performance (27 reviews)
- High Resource Usage (25 reviews)
- Difficult Configuration (21 reviews)
- Expensive (21 reviews)
- Learning Curve (21 reviews)

### 4. [ESET PROTECT](https://www.g2.com/products/eset-protect/reviews)
  Stay one step ahead of known and emerging cyber threats with our AI-native, prevention-first approach. ESET combines the power of AI and human expertise to make protection easy and effective. Experience best-in-class protection thanks to our in-house global cyber threat intelligence, compiled and examined for over 30 years, which drives our extensive R&D network led by industry-acclaimed researchers. ESET PROTECT, our cloud-first XDR cybersecurity platform, combines next-gen prevention, detection, and proactive threat hunting capabilities. ESET's highly customizable solutions include local support and have minimal impact on performance, identify and neutralize known and emerging threats before they can be executed, support business continuity, and reduce the cost of implementation and management.

  HOW YOUR ORGANIZATION WILL BENEFIT

- Improved protection against ransomware and zero-day threats via cloud-based sandboxing technology.
- Helps comply with data regulations thanks to full disk encryption capabilities on Windows and macOS.
- Easily accessible ESET PROTECT console improves TCO of security management.
- Single-pane-of-glass remote management for visibility of threats, users, and quarantined items.
- Company endpoints and mobiles are protected via advanced multilayered technology, now with brute-force attack protection.


  **Average Rating:** 4.6/5.0
  **Total Reviews:** 941

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 8.9/10 (Category avg: 9.1/10)
- **Unified Visibility:** 9.7/10 (Category avg: 9.1/10)
- **Threat Hunting:** 9.9/10 (Category avg: 9.2/10)
- **Rule-Based Detection:** 9.8/10 (Category avg: 8.9/10)


**Seller Details:**

- **Seller:** [ESET](https://www.g2.com/sellers/eset)
- **Company Website:** https://www.eset.com
- **Year Founded:** 1992
- **HQ Location:** Bratislava, Slovak Republic
- **Twitter:** @ESET (276,397 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/28967/ (1,944 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Who Uses This:** IT Manager, Network Administrator
  - **Top Industries:** Information Technology and Services, Computer Software
  - **Company Size:** 47% Mid-Market, 46% Small-Business


#### Pros & Cons

**Pros:**

- Ease of Use (95 reviews)
- Protection (79 reviews)
- Reliability (71 reviews)
- Security (64 reviews)
- Centralized Management (58 reviews)

**Cons:**

- Learning Curve (32 reviews)
- Difficult Configuration (31 reviews)
- Not User-Friendly (25 reviews)
- Lack of Clarity (23 reviews)
- Difficult Navigation (20 reviews)

### 5. [TrendAI Vision One](https://www.g2.com/products/trendai-vision-one/reviews)
  TrendAI Vision One is a cloud-native security operations platform, serving cloud, hybrid, and on-premises environments. It combines ASM and XDR in a single console to effectively manage cyber risk across your organization. The platform provides powerful risk insights, earlier threat detection, and automated risk and threat response options. Utilize the platform’s predictive machine learning and advanced security analytics for a broader perspective and advanced context. TrendAI Vision One integrates with its own expansive protection platform portfolio and industry-leading global threat intelligence, in addition to a broad ecosystem of purpose-built and API-driven third-party integrations.


  **Average Rating:** 4.7/5.0
  **Total Reviews:** 227

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 9.0/10 (Category avg: 9.1/10)
- **Unified Visibility:** 9.1/10 (Category avg: 9.1/10)
- **Threat Hunting:** 9.0/10 (Category avg: 9.2/10)
- **Rule-Based Detection:** 8.9/10 (Category avg: 8.9/10)


**Seller Details:**

- **Seller:** [Trend Micro](https://www.g2.com/sellers/trend-micro)
- **Company Website:** https://www.trendmicro.com/
- **Year Founded:** 1988
- **HQ Location:** Tokyo
- **LinkedIn® Page:** https://www.linkedin.com/company/4312/ (8,090 employees on LinkedIn®)
- **Ownership:** OTCMKTS:TMICY

**Reviewer Demographics:**
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 51% Enterprise, 34% Mid-Market


#### Pros & Cons

**Pros:**

- Visibility (38 reviews)
- Security (33 reviews)
- Ease of Use (32 reviews)
- Features (31 reviews)
- Threat Detection (27 reviews)

**Cons:**

- Complex Interface (12 reviews)
- Integration Issues (12 reviews)
- Learning Curve (11 reviews)
- Expensive (10 reviews)
- Limited Features (10 reviews)

### 6. [Cynet](https://www.g2.com/products/cynet/reviews)
  Cynet is the unified, AI-powered cybersecurity platform that delivers robust and comprehensive protection for security teams while maximizing operational efficiency for managed service providers (MSPs). This platform consolidates a wide array of security capabilities into a single, user-friendly interface, ensuring that organizations can effectively safeguard their digital assets without the complexity often associated with multi-solution environments. Cynet’s platform simplifies security management by integrating various functionalities, such as endpoint protection, threat detection, and incident response, into one cohesive system. This integration not only streamlines operations but also allows organizations to allocate their resources more effectively, ultimately enhancing their overall security posture. One of the standout features of Cynet’s platform is its remarkable performance in the MITRE ATT&CK Evaluations. Cynet delivered 100% visibility and 100% analytic coverage without requiring any configuration changes three years in a row. This capability ensures that organizations can monitor their environments comprehensively and respond to threats with precision. The platform’s built-in analytics and reporting tools provide actionable insights, enabling users to make informed decisions about their cybersecurity strategies. Additionally, Cynet offers 24/7 expert support, which is crucial for organizations that may not have in-house cybersecurity expertise. This round-the-clock assistance ensures that users can quickly address any security incidents or concerns, minimizing potential downtime and damage. The combination of advanced technology and dedicated support positions Cynet as a valuable partner for SMEs and service providers looking to enhance their cybersecurity measures. In summary, Cynet’s unified, AI-powered cybersecurity platform stands out in the crowded cybersecurity market by offering a unified solution tailored to the needs of MSPs. Its comprehensive features, exceptional performance in industry evaluations, and continuous expert support make it a compelling choice for organizations seeking to bolster their cybersecurity defenses while maintaining operational efficiency.


  **Average Rating:** 4.7/5.0
  **Total Reviews:** 208

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 9.5/10 (Category avg: 9.1/10)
- **Unified Visibility:** 9.0/10 (Category avg: 9.1/10)
- **Threat Hunting:** 9.3/10 (Category avg: 9.2/10)
- **Rule-Based Detection:** 9.3/10 (Category avg: 8.9/10)


**Seller Details:**

- **Seller:** [Cynet](https://www.g2.com/sellers/cynet)
- **Company Website:** https://www.cynet.com/
- **Year Founded:** 2014
- **HQ Location:** Boston, MA
- **LinkedIn® Page:** https://www.linkedin.com/company/cynet-security/ (329 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Who Uses This:** SOC Analyst, Technical Engineer
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 58% Mid-Market, 30% Small-Business


#### Pros & Cons

**Pros:**

- Ease of Use (48 reviews)
- Features (36 reviews)
- Threat Detection (34 reviews)
- Customer Support (32 reviews)
- Security (31 reviews)

**Cons:**

- Limited Customization (11 reviews)
- Feature Limitations (10 reviews)
- Lack of Customization (10 reviews)
- Limited Features (10 reviews)
- Missing Features (10 reviews)

### 7. [Microsoft Defender XDR](https://www.g2.com/products/microsoft-defender-xdr/reviews)
  Microsoft Defender XDR is a unified pre- and post-breach enterprise defense suite that natively coordinates detection, prevention, investigation, and response across endpoints, identities, email, and applications to provide integrated protection against sophisticated attacks.


  **Average Rating:** 4.5/5.0
  **Total Reviews:** 269

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 8.9/10 (Category avg: 9.1/10)
- **Unified Visibility:** 8.7/10 (Category avg: 9.1/10)
- **Threat Hunting:** 9.0/10 (Category avg: 9.2/10)
- **Rule-Based Detection:** 8.8/10 (Category avg: 8.9/10)


**Seller Details:**

- **Seller:** [Microsoft](https://www.g2.com/sellers/microsoft)
- **Year Founded:** 1975
- **HQ Location:** Redmond, Washington
- **Twitter:** @microsoft (13,105,844 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/microsoft/ (227,697 employees on LinkedIn®)
- **Ownership:** MSFT

**Reviewer Demographics:**
  - **Who Uses This:** Software Engineer, Security Consultant
  - **Top Industries:** Information Technology and Services, Computer Software
  - **Company Size:** 40% Enterprise, 37% Mid-Market


#### Pros & Cons

**Pros:**

- Automation (2 reviews)
- Customer Support (1 review)
- Cybersecurity Protection (1 review)
- Deployment Ease (1 review)
- Detection Efficiency (1 review)

**Cons:**

- Expensive (1 review)
- Expertise Required (1 review)
- Learning Curve (1 review)
- Licensing Issues (1 review)
- Slow Performance (1 review)

### 8. [Sophos Central](https://www.g2.com/products/sophos-central-2022-06-17/reviews)
  Sophos Central is a comprehensive, cloud-based cybersecurity management platform that unifies all Sophos next-generation security solutions into a single, intuitive interface. Designed to simplify and enhance cybersecurity management, it enables organizations to efficiently oversee and secure their IT infrastructure with advanced AI-driven protection and real-time data insights.

  Key Features and Functionality:

- Unified Management Console: Provides centralized control over all Sophos security products, including endpoint, server, mobile, public cloud, firewall, email, wireless, and Zero Trust Network Access (ZTNA).
- AI-Powered Cyber Defenses: Utilizes advanced artificial intelligence to deliver proactive threat detection and automated incident response, ensuring robust protection against evolving cyber threats.
- Deep Data Analytics: Offers synchronized cross-product telemetry and access to SophosLabs Intelix threat intelligence, facilitating comprehensive cross-product investigations and informed decision-making.
- High Availability and Scalability: Built on a cloud-native architecture hosted on public cloud platforms like AWS and Azure, ensuring high availability, seamless failover, and the ability to scale security measures as organizational needs grow.
- Secure Architecture: Features a secure design with global services for identity and session management, scalable regional API and product services, and strict access controls to maintain data integrity and confidentiality.

  Primary Value and Solutions Provided: Sophos Central addresses the challenges IT administrators face in managing multiple security tools, responding to complex threats, and ensuring consistent protection across networks. By consolidating security management into a single platform, it reduces administrative burden, automates threat responses, and provides real-time insights, leading to:

- Time and Effort Savings: Customers report a 50% reduction in time and effort spent managing IT security.
- Enhanced Security Posture: Achieves an 85% reduction in security incidents through integrated and automated defenses.
- Faster Issue Identification: Realizes a 90% reduction in time to identify issues, enabling swift remediation and minimizing potential damage.

  By integrating all security solutions into a cohesive system, Sophos Central empowers organizations to proactively defend against cyber threats, streamline security operations, and adapt to the dynamic cybersecurity landscape effectively.


  **Average Rating:** 4.4/5.0
  **Total Reviews:** 57

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 8.6/10 (Category avg: 9.1/10)
- **Unified Visibility:** 8.8/10 (Category avg: 9.1/10)
- **Threat Hunting:** 9.1/10 (Category avg: 9.2/10)
- **Rule-Based Detection:** 8.5/10 (Category avg: 8.9/10)


**Seller Details:**

- **Seller:** [Sophos](https://www.g2.com/sellers/sophos)
- **Year Founded:** 1985
- **HQ Location:** Oxfordshire
- **Twitter:** @Sophos (36,759 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/5053/ (5,561 employees on LinkedIn®)
- **Ownership:** LSE:SOPH

**Reviewer Demographics:**
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 52% Mid-Market, 30% Small-Business


#### Pros & Cons

**Pros:**

- Ease of Use (16 reviews)
- Security Features (8 reviews)
- All-in-One Solution (5 reviews)
- Easy Integration (4 reviews)
- Effective Management (4 reviews)

**Cons:**

- Slow Performance (5 reviews)
- Update Issues (5 reviews)
- Device Limitations (4 reviews)
- Access Issues (3 reviews)
- Alert Issues (3 reviews)

### 9. [CrowdStrike Falcon Cloud Security](https://www.g2.com/products/crowdstrike-falcon-cloud-security/reviews)
  CrowdStrike Falcon Cloud Security is the only CNAPP to stop breaches in the cloud. Built for today’s hybrid and multi-cloud environments, Falcon Cloud Security protects the entire cloud attack surface - from code to runtime - by combining continuous agentless visibility with real-time detection and response. At runtime, Falcon Cloud Security delivers best-in-class cloud workload protection and real-time cloud detection and response (CDR) to stop active threats across hybrid environments. Integrated with the CrowdStrike Falcon platform, it correlates signals across endpoint, identity, and cloud to detect sophisticated cross-domain attacks that point solutions miss—enabling teams to respond faster and stop breaches in progress. To reduce risk before attacks occur, Falcon Cloud Security also delivers agentless-driven posture management that proactively shrinks the cloud attack surface. Unlike typical solutions, CrowdStrike enriches cloud risk detections with adversary intelligence and graph-based context, enabling security teams to prioritize exploitable exposures and prevent breaches before they happen. Customers using Falcon Cloud Security consistently see measurable results:

- 89% faster cloud detection and response
- 100x reduction in false positives by prioritizing exploitable, business-critical risk
- 83% reduction in cloud security licenses due to elimination of redundant tools


  **Average Rating:** 4.6/5.0
  **Total Reviews:** 83

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 9.2/10 (Category avg: 9.1/10)
- **Rule-Based Detection:** 10.0/10 (Category avg: 8.9/10)


**Seller Details:**

- **Seller:** [CrowdStrike](https://www.g2.com/sellers/crowdstrike)
- **Company Website:** https://www.crowdstrike.com
- **Year Founded:** 2011
- **HQ Location:** Sunnyvale, CA
- **Twitter:** @CrowdStrike (110,215 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/2497653/ (11,258 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 45% Enterprise, 43% Mid-Market


#### Pros & Cons

**Pros:**

- Security (49 reviews)
- Cloud Security (37 reviews)
- Detection Efficiency (34 reviews)
- Vulnerability Detection (31 reviews)
- Ease of Use (29 reviews)

**Cons:**

- Expensive (17 reviews)
- Improvements Needed (14 reviews)
- Improvement Needed (13 reviews)
- Feature Complexity (8 reviews)
- Learning Curve (8 reviews)

### 10. [Wiz](https://www.g2.com/products/wiz-wiz/reviews)
  Wiz transforms cloud security for customers – including more than 50% of the Fortune 100 – by enabling a new operating model. With Wiz, organizations can democratize security across the development lifecycle, empowering them to build fast and securely. Its Cloud Native Application Protection Platform (CNAPP) consolidates CSPM, KSPM, CWPP, Vulnerability management, IaC scanning, CIEM, DSPM into a single platform. Wiz drives visibility, risk prioritization, and business agility. Protecting Your Cloud Environments Requires a Unified, Cloud Native Platform. Wiz connects to every cloud environment, scans every layer, and covers every aspect of your cloud security - including elements that normally require installing agents. Its comprehensive approach has all of these cloud security solutions built in. Hundreds of organizations worldwide, including 50 percent of the Fortune 100, to rapidly identify and remove critical risks in cloud environments. Its customers include Salesforce, Slack, Mars, BMW, Avery Dennison, Priceline, Cushman & Wakefield, DocuSign, Plaid, and Agoda, among others. Wiz is backed by Sequoia, Index Ventures, Insight Partners, Salesforce, Blackstone, Advent, Greenoaks, Lightspeed and Aglaé. Visit https://www.wiz.io for more information.


  **Average Rating:** 4.7/5.0
  **Total Reviews:** 772

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 9.4/10 (Category avg: 9.1/10)
- **Unified Visibility:** 9.2/10 (Category avg: 9.1/10)
- **Threat Hunting:** 9.2/10 (Category avg: 9.2/10)
- **Rule-Based Detection:** 9.6/10 (Category avg: 8.9/10)


**Seller Details:**

- **Seller:** [Wiz](https://www.g2.com/sellers/wiz-76a0133b-42e5-454e-b5da-860e503471db)
- **Company Website:** https://www.wiz.io/
- **Year Founded:** 2020
- **HQ Location:** New York, US
- **Twitter:** @wiz_io (22,550 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/wizsecurity/ (3,248 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Who Uses This:** CISO, Security Engineer
  - **Top Industries:** Financial Services, Information Technology and Services
  - **Company Size:** 54% Enterprise, 39% Mid-Market


#### Pros & Cons

**Pros:**

- Features (113 reviews)
- Security (107 reviews)
- Ease of Use (104 reviews)
- Visibility (87 reviews)
- Easy Setup (68 reviews)

**Cons:**

- Improvement Needed (35 reviews)
- Feature Limitations (34 reviews)
- Learning Curve (34 reviews)
- Improvements Needed (29 reviews)
- Complexity (27 reviews)

### 11. [SentinelOne Singularity Endpoint](https://www.g2.com/products/sentinelone-singularity-endpoint/reviews)
  SentinelOne (NYSE:S) is pioneering autonomous cybersecurity to prevent, detect, and respond to cyber attacks faster and with higher accuracy than ever before. The Singularity Platform protects and empowers leading global enterprises with real-time visibility, cross-platform correlation, and AI-powered response across endpoints, cloud workloads and containers, network-connected (IoT) devices and identity-centric attack surfaces. To learn more, visit www.sentinelone.com or follow us at @SentinelOne, on LinkedIn or Facebook. Over 9,250 customers, including 4 of the Fortune 10, hundreds of the Global 2000, prominent governments, healthcare providers, and educational institutions, trust SentinelOne to bring their defenses into the future, gaining more capability with less complexity. SentinelOne is a Leader in the Gartner Magic Quadrant for Endpoint Protection Platforms, and is a go-to platform across all customer profiles, as highlighted in Gartner’s Critical Capabilities report. SentinelOne continues to prove its industry-leading capabilities in the MITRE Engenuity ATT&CK® Evaluation, with 100% protection detection, 88% less noise, and zero delays in the 2024 MITRE ATT&CK Engenuity evaluations, demonstrating our dedication to keeping our customers ahead of threats from every vector.


  **Average Rating:** 4.7/5.0
  **Total Reviews:** 194

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 9.3/10 (Category avg: 9.1/10)
- **Unified Visibility:** 9.2/10 (Category avg: 9.1/10)
- **Threat Hunting:** 9.4/10 (Category avg: 9.2/10)
- **Rule-Based Detection:** 9.1/10 (Category avg: 8.9/10)


**Seller Details:**

- **Seller:** [SentinelOne](https://www.g2.com/sellers/sentinelone)
- **Company Website:** https://www.sentinelone.com
- **Year Founded:** 2013
- **HQ Location:** Mountain View, CA
- **Twitter:** @SentinelOne (57,607 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/2886771/ (3,183 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 45% Mid-Market, 36% Enterprise


#### Pros & Cons

**Pros:**

- Ease of Use (16 reviews)
- Features (11 reviews)
- Threat Detection (11 reviews)
- Customer Support (10 reviews)
- Security (7 reviews)

**Cons:**

- Learning Curve (4 reviews)
- Not User-Friendly (4 reviews)
- Slow Performance (4 reviews)
- Complexity (3 reviews)
- Difficult Configuration (3 reviews)

### 12. [Barracuda Managed XDR](https://www.g2.com/products/barracuda-managed-xdr/reviews)
  Barracuda Managed XDR is the comprehensive next-generation cybersecurity solution that protects organizations of all sizes against today’s ever-evolving threat landscape. Barracuda Managed XDR is a fully managed service instantly augmenting an organization’s IT staff, identifying signals amidst noise, and reducing TTR from days to seconds. The solution features advanced AI-driven threat protection, SIEM, SOAR, and enterprise-grade threat intelligence from 11+ billion IOCs and hundreds of ML-enriched detection rules aligned to the MITRE ATT&CK framework. Ingesting trillions of events across endpoints, servers, identity, cloud, email, and firewalls, the cloud-native solution detects, responds to, and eliminates cyberthreats in real time across the attack lifecycle. An ‘open’ XDR solution, Barracuda Managed XDR integrates with an organization’s existing technology, ensuring a smooth deployment while enhancing security resilience and operational efficiency. Barracuda Managed XDR is powered by Barracuda’s 24/7/365 global SOC, featuring five specialized expert-level teams delivering best-in-class SLAs and proactive real-time threat detection and response.


  **Average Rating:** 4.6/5.0
  **Total Reviews:** 34

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 9.6/10 (Category avg: 9.1/10)
- **Unified Visibility:** 8.8/10 (Category avg: 9.1/10)
- **Threat Hunting:** 9.1/10 (Category avg: 9.2/10)
- **Rule-Based Detection:** 6.7/10 (Category avg: 8.9/10)


**Seller Details:**

- **Seller:** [Barracuda](https://www.g2.com/sellers/barracuda)
- **Company Website:** https://www.barracuda.com
- **Year Founded:** 2002
- **HQ Location:** Campbell, CA
- **Twitter:** @Barracuda (15,235 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/barracuda-networks/ (2,229 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 44% Small-Business, 35% Mid-Market


#### Pros & Cons

**Pros:**

- Ease of Use (6 reviews)
- Monitoring (6 reviews)
- Protection (6 reviews)
- Security (6 reviews)
- Alerts (5 reviews)

**Cons:**

- Lack of Customization (2 reviews)
- Learning Curve (2 reviews)
- Not User-Friendly (2 reviews)
- Portal Issues (2 reviews)
- Agent Issues (1 review)

### 13. [aiXDR-PMAX](https://www.g2.com/products/aixdr-pmax/reviews)
  Seceon delivers an AI driven XDR and operational threat management platform that unifies next generation SIEM, SOAR, NDR, UEBA, ITDR, endpoint protection, and cloud security in a single platform. A single agent design ingests and correlates telemetry across endpoint, network, identity, cloud, and OT and ICS sources in real time. Behavioral baselines, network anomaly detection, threat intelligence correlation, and natural language threat hunting support the identification of advanced threats. Identity protection supports multiple identity platforms and network monitoring supports OT and ICS environments. Automated response and compliance ready logging support security operations and incident response through platform consolidation.


  **Average Rating:** 4.9/5.0
  **Total Reviews:** 22

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 9.7/10 (Category avg: 9.1/10)
- **Unified Visibility:** 10.0/10 (Category avg: 9.1/10)
- **Threat Hunting:** 9.7/10 (Category avg: 9.2/10)
- **Rule-Based Detection:** 10.0/10 (Category avg: 8.9/10)


**Seller Details:**

- **Seller:** [Seceon](https://www.g2.com/sellers/seceon)
- **Year Founded:** 2015
- **HQ Location:** Westford, Massachusetts, United States
- **Twitter:** @Seceon_Inc (1,209 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/seceon/ (167 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Top Industries:** Computer & Network Security, Information Technology and Services
  - **Company Size:** 46% Mid-Market, 38% Small-Business


### 14. [Cortex XDR](https://www.g2.com/products/palo-alto-networks-cortex-xdr/reviews)
  Cortex XDR is the industry’s first extended detection and response platform that stops modern attacks by integrating data from any source. With Cortex XDR, you can harness the power of AI, analytics and rich data to detect stealthy threats. Your SOC team can cut through the noise and focus on what matters most with intelligent alert grouping and incident scoring. Cross-data insights accelerate investigations, so you can streamline incident response and recovery. Cortex XDR delivers peace of mind with best-in-class endpoint protection that achieved the highest combined protection and detection scores in the MITRE ATT&CK® round 3 evaluation. The Cortex XDR platform collects and analyzes all data, so you can gain complete visibility and holistic protection to secure what’s next.


  **Average Rating:** 4.6/5.0
  **Total Reviews:** 49

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 9.2/10 (Category avg: 9.1/10)
- **Unified Visibility:** 9.0/10 (Category avg: 9.1/10)
- **Threat Hunting:** 9.7/10 (Category avg: 9.2/10)
- **Rule-Based Detection:** 8.7/10 (Category avg: 8.9/10)


**Seller Details:**

- **Seller:** [Palo Alto Networks](https://www.g2.com/sellers/palo-alto-networks)
- **Year Founded:** 2005
- **HQ Location:** Santa Clara, CA
- **Twitter:** @PaloAltoNtwks (128,686 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/30086/ (21,355 employees on LinkedIn®)
- **Ownership:** NYSE: PANW

**Reviewer Demographics:**
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 46% Enterprise, 37% Mid-Market


#### Pros & Cons

**Pros:**

- Ease of Use (2 reviews)
- Threat Detection (2 reviews)
- XDR Capabilities (2 reviews)
- Alert Notifications (1 review)
- Antivirus Protection (1 review)

**Cons:**

- Compatibility Issues (1 review)
- Complexity (1 review)
- Complex Management (1 review)
- Difficult Learning (1 review)
- Expensive (1 review)

### 15. [Darktrace / NETWORK](https://www.g2.com/products/darktrace-network/reviews)
  Darktrace / NETWORK™ is the industry’s most advanced Network Detection and Response (NDR) solution. It learns what normal behavior is for your entire modern network, using Self-Learning AI to detect and autonomously contain any activity that could cause business disruption including known, novel and insider threats.

- Sophisticated agentic AI to automate triage and investigation at speed and scale
- Recognized as a Leader in the 2025 Gartner® Magic Quadrant™ for NDR
- Over 10,000 customers globally


  **Average Rating:** 4.4/5.0
  **Total Reviews:** 43

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 9.4/10 (Category avg: 9.1/10)


**Seller Details:**

- **Seller:** [Darktrace](https://www.g2.com/sellers/darktrace)
- **Company Website:** https://www.darktrace.com
- **Year Founded:** 2013
- **HQ Location:** Cambridgeshire, England
- **Twitter:** @Darktrace (18,180 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/5013440/ (2,548 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Top Industries:** Financial Services, Information Technology and Services
  - **Company Size:** 59% Mid-Market, 33% Enterprise


#### Pros & Cons

**Pros:**

- Monitoring (5 reviews)
- Artificial Intelligence (4 reviews)
- Threat Detection (4 reviews)
- Customer Support (3 reviews)
- Cybersecurity (3 reviews)

**Cons:**

- Learning Curve (6 reviews)
- Expensive (4 reviews)
- Alert Issues (2 reviews)
- Complex Setup (2 reviews)
- False Positives (2 reviews)

### 16. [Todyl Security Platform](https://www.g2.com/products/todyl-security-platform/reviews)
  Todyl empowers businesses of any size with a complete, end-to-end security program. The Todyl Security Platform converges SASE, SIEM, Endpoint Security, GRC, MXDR, and more into a cloud-native, single-agent platform purpose-built for MSPs, MSSPs, and Mid-Market IT professionals. Each module is designed to be deployed in a targeted, agile approach to meet any use case. When all modules are combined, our platform becomes a comprehensive security solution that is cloud-first, globally accessible, and features a highly intuitive interface. With Todyl, your security stack becomes one comprehensive, consolidated, and customizable platform, making security more intuitive and streamlined to combat modern threats. Our platform helps to eliminate the complexity, cost, and operational overhead traditional approaches to cybersecurity require, empowering teams with the capabilities they need to protect, detect, and respond to cyberattacks.


  **Average Rating:** 4.6/5.0
  **Total Reviews:** 96

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 9.4/10 (Category avg: 9.1/10)
- **Unified Visibility:** 10.0/10 (Category avg: 9.1/10)
- **Threat Hunting:** 10.0/10 (Category avg: 9.2/10)
- **Rule-Based Detection:** 7.5/10 (Category avg: 8.9/10)


**Seller Details:**

- **Seller:** [Todyl](https://www.g2.com/sellers/todyl)
- **Company Website:** https://www.todyl.com/
- **Year Founded:** 2015
- **HQ Location:** Denver, CO
- **LinkedIn® Page:** https://www.linkedin.com/company/todylprotection (125 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Who Uses This:** President, Owner
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 73% Small-Business, 8% Mid-Market


#### Pros & Cons

**Pros:**

- Ease of Use (64 reviews)
- Customer Support (51 reviews)
- Features (41 reviews)
- Security (39 reviews)
- Deployment Ease (35 reviews)

**Cons:**

- Improvements Needed (21 reviews)
- Integration Issues (14 reviews)
- Inadequate Reporting (12 reviews)
- Limited Features (12 reviews)
- Poor Reporting (12 reviews)

### 17. [Bitdefender GravityZone XDR](https://www.g2.com/products/bitdefender-gravityzone-xdr/reviews)
  GravityZone is a business security solution built from ground-up for virtualization and cloud to deliver security services to physical endpoints, mobile devices, virtual machines in public cloud and Exchange mail servers. GravityZone is one product with a unified management console available in the cloud, hosted by Bitdefender, or as one virtual appliance to be installed on company's premises, and it provides a single point for deploying, enforcing and managing security policies for any number of endpoints and of any type, in any location. GravityZone delivers multiple layers of security for endpoints and for Microsoft Exchange mail servers: antimalware with behavioral monitoring, zero day threat protection, application control and sandboxing, firewall, device control, content control, anti-phishing and antispam.


  **Average Rating:** 4.0/5.0
  **Total Reviews:** 83

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 8.1/10 (Category avg: 9.1/10)
- **Unified Visibility:** 8.7/10 (Category avg: 9.1/10)
- **Threat Hunting:** 9.2/10 (Category avg: 9.2/10)
- **Rule-Based Detection:** 8.9/10 (Category avg: 8.9/10)


**Seller Details:**

- **Seller:** [Bitdefender](https://www.g2.com/sellers/bitdefender)
- **Year Founded:** 2001
- **HQ Location:** Bucuresti, Romania
- **Twitter:** @Bitdefender (113,880 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/6825/ (2,317 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Top Industries:** Information Technology and Services, Computer Software
  - **Company Size:** 54% Small-Business, 39% Mid-Market


#### Pros & Cons

**Pros:**

- Features (11 reviews)
- Ease of Use (10 reviews)
- Customer Support (8 reviews)
- Efficiency (8 reviews)
- Security (8 reviews)

**Cons:**

- Not User-Friendly (5 reviews)
- Complex Interface (4 reviews)
- Complexity (4 reviews)
- Configuration Issues (4 reviews)
- Difficult Configuration (4 reviews)

### 18. [Cisco SecureX](https://www.g2.com/products/cisco-securex/reviews)
  Cisco SecureX is the broadest, most integrated security platform that connects the breadth of Cisco's integrated security portfolio and the customer's infrastructure for a consistent experience.


  **Average Rating:** 4.3/5.0
  **Total Reviews:** 12

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 8.3/10 (Category avg: 9.1/10)
- **Unified Visibility:** 8.3/10 (Category avg: 9.1/10)
- **Threat Hunting:** 8.3/10 (Category avg: 9.2/10)
- **Rule-Based Detection:** 8.3/10 (Category avg: 8.9/10)


**Seller Details:**

- **Seller:** [Cisco](https://www.g2.com/sellers/cisco)
- **Year Founded:** 1984
- **HQ Location:** San Jose, CA
- **Twitter:** @Cisco (721,388 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/cisco/ (95,742 employees on LinkedIn®)
- **Ownership:** NASDAQ:CSCO

**Reviewer Demographics:**
  - **Company Size:** 58% Enterprise, 25% Mid-Market


#### Pros & Cons

**Pros:**

- Ease of Use (3 reviews)
- Cloud Computing (2 reviews)
- Centralized Management (1 review)
- Dashboard Usability (1 review)
- Easy Integrations (1 review)

**Cons:**

- Complex Implementation (1 review)
- Expensive (1 review)
- Integration Issues (1 review)
- Slow Performance (1 review)
- Training Issues (1 review)

### 19. [Palo Alto Cortex XSIAM](https://www.g2.com/products/palo-alto-cortex-xsiam/reviews)
  Product Description: Palo Alto Networks' Cortex XSIAM is an AI-driven security operations platform designed to transform traditional Security Operations Centers by integrating and automating key functions such as data centralization, threat detection, and incident response. By leveraging machine learning and automation, it enables organizations to detect and respond to threats more efficiently, reducing manual workloads and improving overall security posture.

  Key Features and Functionality:

- Data Centralization: Aggregates data from various sources into a unified platform, providing comprehensive visibility across the enterprise.
- AI-Powered Threat Detection: Utilizes machine learning algorithms to identify anomalies and potential threats in real-time.
- Automated Incident Response: Streamlines response processes through automation, enabling rapid mitigation of security incidents.
- Integrated SOC Capabilities: Combines functions such as Extended Detection and Response, Security Orchestration, Automation, and Response, Attack Surface Management, and Security Information and Event Management into a cohesive platform, eliminating the need for multiple disparate tools.
- Scalability: Designed to handle large volumes of data and adapt to the evolving needs of modern enterprises.

  Primary Value and Problem Solved: Cortex XSIAM addresses the challenges of disjointed data, weak threat defense, and heavy reliance on manual work in traditional SOCs. By centralizing data and automating security operations, it simplifies processes, enhances threat detection accuracy, and accelerates incident response times. This transformation enables organizations to proactively outpace threats, reduce operational costs, and achieve a more robust security posture.


  **Average Rating:** 4.4/5.0
  **Total Reviews:** 61

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 8.4/10 (Category avg: 9.1/10)
- **Unified Visibility:** 7.9/10 (Category avg: 9.1/10)
- **Threat Hunting:** 8.3/10 (Category avg: 9.2/10)
- **Rule-Based Detection:** 9.3/10 (Category avg: 8.9/10)


**Seller Details:**

- **Seller:** [Palo Alto Networks](https://www.g2.com/sellers/palo-alto-networks)
- **Year Founded:** 2005
- **HQ Location:** Santa Clara, CA
- **Twitter:** @PaloAltoNtwks (128,686 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/30086/ (21,355 employees on LinkedIn®)
- **Ownership:** NYSE: PANW

**Reviewer Demographics:**
  - **Who Uses This:** Information Security Engineer
  - **Top Industries:** Computer & Network Security, Information Technology and Services
  - **Company Size:** 48% Enterprise, 29% Mid-Market


#### Pros & Cons

**Pros:**

- Ease of Use (50 reviews)
- Threat Detection (37 reviews)
- Integrations (28 reviews)
- Cybersecurity (27 reviews)
- Features (27 reviews)

**Cons:**

- Expensive (28 reviews)
- Difficult Learning (17 reviews)
- Complexity (14 reviews)
- Integration Issues (14 reviews)
- UX Improvement (12 reviews)

### 20. [ExtraHop](https://www.g2.com/products/extrahop/reviews)
  ExtraHop is the cybersecurity partner enterprises trust to reveal cyber risk and build business resilience. The ExtraHop RevealX platform for network detection and response and network performance management uniquely delivers the instant visibility and unparalleled decryption capabilities organizations need to expose the cyber risks and performance issues that other tools can’t see. When organizations have full network transparency with ExtraHop, they can investigate smarter, stop threats faster, and keep operations running. RevealX deploys on premises or in the cloud. It addresses the following use cases:

- Ransomware
- Zero trust
- Software supply chain attacks
- Lateral movement and C2 communication
- Security hygiene
- Network and Application Performance Management
- IDS
- Forensics and more

  A few of our differentiators:

- Continuous and on-demand PCAP: Full packet processing is superior to NetFlow and yields higher quality detections.
- Strategic decryption across a variety of protocols, including SSL/TLS, MS-RPC, WinRM, and SMBv3, gives you better visibility into early-stage threats hiding in encrypted traffic as they attempt to move laterally across your network.
- Protocol coverage: RevealX decodes more than 70 network protocols.
- Cloud-scale machine learning: Rather than relying on limited "on-box" compute power for analysis and detections, RevealX uses sophisticated cloud-hosted and cloud-scale machine learning workloads to identify suspicious behavior in real time and create high-fidelity alerts.

  ExtraHop was named a Leader in The Forrester Wave™: Network Analysis and Visibility, Q2 2023.

  Key Technology Integration and Go-to-Market Partners:

- CrowdStrike: RevealX integrates with CrowdStrike Falcon® LogScale, Falcon Insight XDR, Falcon Threat Graph, and Falcon Intelligence.
- Splunk SOAR
- AWS
- Google Cloud Security

  Founded in 2007, ExtraHop is privately held and headquartered in Seattle, Wash. To learn more, visit www.extrahop.com.


  **Average Rating:** 4.6/5.0
  **Total Reviews:** 68

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 9.3/10 (Category avg: 9.1/10)
- **Unified Visibility:** 9.7/10 (Category avg: 9.1/10)
- **Threat Hunting:** 9.6/10 (Category avg: 9.2/10)
- **Rule-Based Detection:** 9.6/10 (Category avg: 8.9/10)


**Seller Details:**

- **Seller:** [ExtraHop Networks](https://www.g2.com/sellers/extrahop-networks)
- **Year Founded:** 2007
- **HQ Location:** Seattle, Washington
- **Twitter:** @ExtraHop (10,745 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/extrahop-networks/ (800 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Top Industries:** Hospital & Health Care, Transportation/Trucking/Railroad
  - **Company Size:** 69% Enterprise, 26% Mid-Market


#### Pros & Cons

**Pros:**

- All-in-One Solution (1 review)
- Comprehensive Monitoring (1 review)
- Easy Deployment (1 review)
- Responsive Support (1 review)


### 21. [Rapid7 Next-Gen SIEM](https://www.g2.com/products/rapid7-next-gen-siem/reviews)
  Rapid7 InsightIDR is a SaaS SIEM for modern threat detection and response. InsightIDR enables security analysts to work more efficiently and effectively, by unifying diverse data sources, providing early and reliable out of the box detections, and delivering rich visual investigations and automation to expedite response. With a lightweight cloud deployment and intuitive UI and onboarding experience, InsightIDR customers recognize an accelerated return on their investment and start seeing valuable insights from Day 1. With InsightIDR, teams can advance their threat detection and response program without adding headcount.


  **Average Rating:** 4.4/5.0
  **Total Reviews:** 67

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 8.7/10 (Category avg: 9.1/10)
- **Unified Visibility:** 8.6/10 (Category avg: 9.1/10)
- **Threat Hunting:** 8.5/10 (Category avg: 9.2/10)
- **Rule-Based Detection:** 8.3/10 (Category avg: 8.9/10)


**Seller Details:**

- **Seller:** [Rapid7](https://www.g2.com/sellers/rapid7)
- **Year Founded:** 2000
- **HQ Location:** Boston, MA
- **Twitter:** @rapid7 (124,080 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/39624/ (3,249 employees on LinkedIn®)
- **Ownership:** NASDAQ:RPD

**Reviewer Demographics:**
  - **Top Industries:** Information Technology and Services, Computer Software
  - **Company Size:** 66% Mid-Market, 31% Enterprise


#### Pros & Cons

**Pros:**

- Ease of Use (2 reviews)
- Easy Integrations (2 reviews)
- Integrations (2 reviews)
- Threat Detection (2 reviews)
- Visibility (2 reviews)

**Cons:**

- Limited Features (2 reviews)
- Alerting Issues (1 review)
- Alert Management (1 review)
- Difficult Customization (1 review)
- Difficult Setup (1 review)

### 22. [Field Effect MDR](https://www.g2.com/products/field-effect-mdr/reviews)
  Field Effect delivers intelligence-grade managed detection and response for the AI era. Built on smart federated compute and nation-state tradecraft, Field Effect MDR holistically uncovers weaknesses early, blocks attacks in real time, and reduces risk across the entire threat surface—endpoint, network, cloud, and more. With an 18-second median time to detect, Field Effect helps MSPs and overwhelmed IT teams outpace agentic attacks and achieve premium protection with the team they have.


  **Average Rating:** 4.8/5.0
  **Total Reviews:** 41

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 9.3/10 (Category avg: 9.1/10)
- **Unified Visibility:** 9.0/10 (Category avg: 9.1/10)
- **Threat Hunting:** 8.6/10 (Category avg: 9.2/10)
- **Rule-Based Detection:** 8.1/10 (Category avg: 8.9/10)


**Seller Details:**

- **Seller:** [Field Effect](https://www.g2.com/sellers/field-effect)
- **Company Website:** https://fieldeffect.com/
- **Year Founded:** 2016
- **HQ Location:** Ottawa
- **Twitter:** @fieldeffectsoft (1,309 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/field-effect-software (148 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 50% Small-Business, 29% Mid-Market


#### Pros & Cons

**Pros:**

- Customer Support (10 reviews)
- Ease of Use (10 reviews)
- Protection (7 reviews)
- Threat Detection (7 reviews)
- Alert Notifications (6 reviews)

**Cons:**

- Alert Issues (7 reviews)
- Inefficient Alert System (5 reviews)
- Communication Issues (4 reviews)
- Insufficient Information (3 reviews)
- Learning Curve (3 reviews)

### 23. [NetWitness Platform](https://www.g2.com/products/netwitness-platform/reviews)
  NetWitness is a comprehensive threat detection, investigation and response platform that combines visibility, analytics, insight, and automation into a single solution. It collects and analyzes data across all capture points (logs, packets, netflow, endpoint and IoT) and computing platforms (physical, virtual and cloud), enriching data with threat intelligence and business context.


  **Average Rating:** 3.9/5.0
  **Total Reviews:** 23

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 8.5/10 (Category avg: 9.1/10)
- **Unified Visibility:** 10.0/10 (Category avg: 9.1/10)
- **Threat Hunting:** 10.0/10 (Category avg: 9.2/10)
- **Rule-Based Detection:** 10.0/10 (Category avg: 8.9/10)


**Seller Details:**

- **Seller:** [NetWitness](https://www.g2.com/sellers/netwitness)
- **Year Founded:** 1997
- **HQ Location:** Bedford, MA
- **Twitter:** @Netwitness (1,625 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/netwitness-platform/ (186 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Company Size:** 54% Enterprise, 33% Mid-Market


#### Pros & Cons

**Pros:**

- Investigation (2 reviews)
- Threat Detection (2 reviews)
- Centralized Management (1 review)
- Cybersecurity (1 review)
- Features (1 review)

**Cons:**

- Complex Implementation (2 reviews)
- Complexity (2 reviews)
- Complex Setup (2 reviews)
- Deployment Difficulties (2 reviews)
- Expertise Required (2 reviews)

### 24. [Open Threat Management (OTM) Platform](https://www.g2.com/products/open-threat-management-otm-platform/reviews)
  Seceon Open Threat Management Platform is a software designed for cybersecurity threat detection and response. The software integrates security monitoring, threat intelligence, and automated response capabilities to help organizations identify and mitigate cyber threats in real time. It ingests data from multiple sources, including network traffic, endpoints, and cloud environments, and applies machine learning and analytics to detect anomalies and threats. Through automation, the software streamlines incident response processes, supports compliance requirements, and assists security teams in reducing the time to detect and remediate security incidents. Seceon Open Threat Management Platform addresses the business problem of manual and fragmented security monitoring by offering a unified view and AI-driven analysis for proactive threat management.


  **Average Rating:** 4.5/5.0
  **Total Reviews:** 17

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 8.6/10 (Category avg: 9.1/10)
- **Unified Visibility:** 10.0/10 (Category avg: 9.1/10)
- **Threat Hunting:** 10.0/10 (Category avg: 9.2/10)
- **Rule-Based Detection:** 10.0/10 (Category avg: 8.9/10)


**Seller Details:**

- **Seller:** [Seceon](https://www.g2.com/sellers/seceon)
- **Year Founded:** 2015
- **HQ Location:** Westford, Massachusetts, United States
- **Twitter:** @Seceon_Inc (1,209 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/seceon/ (167 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Top Industries:** Information Technology and Services
  - **Company Size:** 45% Mid-Market, 35% Small-Business


### 25. [Carbon Black Cloud](https://www.g2.com/products/carbon-black-cloud/reviews)
  The Carbon Black Cloud security platform helps you strengthen and unify security tools to see more and stop more. Carbon Black unifies visibility across your endpoints, networks, and containers to enable you to stop threats targeting your organization with speed and confidence. Carbon Black protects against the full spectrum of modern cyber-attacks, including emerging threats and ransomware. Top SOC teams, IR firms and MSSPs have adopted Carbon Black as a core component of their prevention, detection, and response capability stack. Carbon Black is available via MSSP or directly.


  **Average Rating:** 4.1/5.0
  **Total Reviews:** 38

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 9.2/10 (Category avg: 9.1/10)


**Seller Details:**

- **Seller:** [Broadcom](https://www.g2.com/sellers/broadcom-ab3091cd-4724-46a8-ac89-219d6bc8e166)
- **Year Founded:** 1991
- **HQ Location:** San Jose, CA
- **Twitter:** @broadcom (63,117 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/broadcom/ (55,707 employees on LinkedIn®)
- **Ownership:** NASDAQ: CA

**Reviewer Demographics:**
  - **Top Industries:** Financial Services
  - **Company Size:** 56% Mid-Market, 33% Enterprise


#### Pros & Cons

**Pros:**

- Ease of Use (2 reviews)
- Antivirus Protection (1 review)
- Artificial Intelligence (1 review)
- Easy Management (1 review)
- Efficiency (1 review)

**Cons:**

- Compatibility Issues (1 review)
- Complex Implementation (1 review)
- Configuration Issues (1 review)
- Excessive Blocking (1 review)
- False Positives (1 review)



## Parent Category

[Cloud Security Software](https://www.g2.com/categories/cloud-security)



## Related Categories

- [Endpoint Detection & Response (EDR) Software](https://www.g2.com/categories/endpoint-detection-response-edr)
- [Endpoint Protection Platforms](https://www.g2.com/categories/endpoint-protection-platforms)
- [Managed Detection and Response (MDR) Software](https://www.g2.com/categories/managed-detection-and-response-mdr)




---
## Frequently Asked Questions

### How does user experience vary across different XDR platforms?

User experience across different XDR platforms varies significantly. For instance, Palo Alto Networks Cortex XDR scores an average user rating of 4.5/5, praised for its intuitive interface and robust integration capabilities. In contrast, Microsoft 365 Defender has a lower average rating of 4.2/5, with users noting a steeper learning curve. SentinelOne ranks similarly at 4.4/5, with feedback highlighting its automation features. Overall, while most platforms receive positive reviews, specific strengths and weaknesses in usability and learning curve are evident across the offerings.



### How do I evaluate the scalability of an XDR solution?

To evaluate the scalability of an XDR solution, consider user feedback on performance under increased loads, integration capabilities with existing systems, and the ease of adding new endpoints. Products like Palo Alto Networks Cortex XDR and Microsoft Sentinel are noted for their robust scalability features, with users highlighting seamless integration and effective management of large data volumes. Additionally, solutions such as Trend Micro XDR and CrowdStrike Falcon XDR receive positive remarks for their ability to scale efficiently as organizational needs grow, ensuring consistent performance.



### How do XDR platforms differ from traditional security solutions?

XDR platforms differ from traditional security solutions by integrating multiple security tools and data sources into a unified system, enhancing threat detection and response capabilities. Users report that XDR provides better visibility across endpoints, networks, and cloud environments, which is often lacking in traditional solutions. Additionally, XDR platforms typically offer automated response features, reducing the time to mitigate threats compared to conventional methods. This comprehensive approach is reflected in user feedback, highlighting improved efficiency and effectiveness in managing security incidents.



### How do XDR platforms handle compliance and regulatory requirements?

XDR platforms typically address compliance and regulatory requirements by offering features such as automated reporting, data encryption, and integration with existing compliance frameworks. Users highlight that platforms like Palo Alto Networks Cortex XDR and Microsoft 365 Defender provide robust compliance tools, including real-time monitoring and alerting for regulatory breaches. Additionally, vendors like Trend Micro and CrowdStrike emphasize their capabilities in maintaining data integrity and supporting audits, which are crucial for meeting various industry standards. Overall, these platforms are designed to streamline compliance processes while enhancing security posture.



### How quickly can I expect to see results after implementing an XDR solution?

Users typically report seeing results within 1 to 3 months after implementing an XDR solution, with many noting improvements in threat detection and response times. For instance, products like Palo Alto Networks Cortex XDR and Microsoft Defender for Endpoint are frequently highlighted for their quick deployment and immediate impact on security posture. Additionally, customers often mention that the integration of XDR solutions leads to enhanced visibility and faster incident response, contributing to overall security effectiveness shortly after implementation.



### What are common use cases for implementing an XDR platform?

Common use cases for implementing an XDR platform include enhancing threat detection and response capabilities, streamlining security operations through centralized visibility, and integrating data from multiple security tools for comprehensive analysis. Users frequently highlight the importance of automated incident response to reduce response times and improve overall security posture. Additionally, organizations leverage XDR for improved endpoint protection and to facilitate compliance with regulatory requirements by maintaining detailed security logs and reports.



### What are the deployment options available for XDR platforms?

XDR platforms typically offer various deployment options, including cloud-based, on-premises, and hybrid solutions. For instance, products like Palo Alto Networks Cortex XDR and Microsoft 365 Defender are primarily cloud-based, while others like Trend Micro XDR provide both cloud and on-premises options. Additionally, vendors such as CrowdStrike Falcon and SentinelOne focus on cloud deployment, emphasizing scalability and ease of management. Overall, the choice of deployment often depends on organizational needs, security requirements, and existing infrastructure.



### What are the key features to look for in an XDR platform?

Key features to look for in an XDR platform include integrated threat intelligence, automated incident response capabilities, comprehensive visibility across endpoints and networks, and advanced analytics for threat detection. Additionally, seamless integration with existing security tools and user-friendly dashboards are highly valued by users. Support for real-time monitoring and customizable alerting features also enhance the effectiveness of an XDR solution, ensuring timely responses to potential threats.



### What factors should influence my decision when selecting an XDR provider?

When selecting an XDR provider, consider factors such as integration capabilities, user experience, and threat detection effectiveness. Look for platforms that offer seamless integration with existing security tools, as this enhances overall security posture. User reviews highlight the importance of intuitive interfaces and ease of use, which can significantly impact operational efficiency. Additionally, evaluate the provider's ability to detect and respond to threats effectively, as this is crucial for minimizing risks. Finally, assess customer support and service reliability, as these can influence long-term satisfaction and effectiveness.



### What integrations should I consider when choosing an XDR platform?

When choosing an XDR platform, consider integrations with security information and event management (SIEM) systems, endpoint detection and response (EDR) tools, threat intelligence platforms, and cloud security solutions. Popular XDR platforms like Palo Alto Networks Cortex XDR, Microsoft 365 Defender, and Trend Micro XDR are noted for their extensive integration capabilities, enhancing overall security posture. Users frequently highlight the importance of seamless integration with existing security tools to ensure comprehensive threat detection and response.



### What is the average pricing range for XDR platforms?

The average pricing range for Extended Detection and Response (XDR) platforms typically falls between $5,000 and $30,000 per year, depending on the vendor and specific features offered. For instance, products like Palo Alto Networks Cortex XDR and Microsoft 365 Defender are noted for their comprehensive capabilities, while others like Trend Micro XDR and CrowdStrike Falcon XDR offer competitive pricing within this range. It's important to consider that pricing can vary based on the size of the organization and the level of service required.



### What types of support are typically offered by XDR vendors?

XDR vendors typically offer a range of support options, including 24/7 technical support, online resources such as knowledge bases and documentation, community forums for peer assistance, and dedicated account management for enterprise clients. Many users report that platforms like Palo Alto Networks Cortex XDR and Microsoft 365 Defender provide robust support services, including proactive threat hunting and incident response assistance. Additionally, training and onboarding support are commonly highlighted, ensuring users can effectively utilize the platform's features.




