# Best Enterprise Endpoint Detection & Response (EDR) Software

  *By [Brandon Summers-Miller](https://research.g2.com/insights/author/brandon-summers-miller)*

Products classified in the overall Endpoint Detection & Response (EDR) category are similar in many regards and help companies of all sizes solve their business problems. However, enterprise business features, pricing, setup, and installation differ from businesses of other sizes, which is why we match buyers to the right Enterprise Business Endpoint Detection & Response (EDR) to fit their needs. Compare product ratings based on reviews from enterprise users or connect with one of G2's buying advisors to find the right solutions within the Enterprise Business Endpoint Detection & Response (EDR) category.

In addition to qualifying for inclusion in the Endpoint Detection & Response (EDR) Software category, to qualify for inclusion in the Enterprise Business Endpoint Detection & Response (EDR) Software category, a product must have at least 10 reviews left by a reviewer from an enterprise business.





## Category Overview

**Total Products under this Category:** 121


## Trust & Credibility Stats

**Why You Can Trust G2's Software Rankings:**

- 30 Analysts and Data Experts
- 12,500+ Authentic Reviews
- 121+ Products
- Unbiased Rankings

G2's software rankings are built on verified user reviews, rigorous moderation, and a consistent research methodology maintained by a team of analysts and data experts. Each product is measured using the same transparent criteria, with no paid placement or vendor influence. While reviews reflect real user experiences, which can be subjective, they offer valuable insight into how software performs in the hands of professionals. Together, these inputs power the G2 Score, a standardized way to compare tools within every category.



---

## Top-Rated Products (Ranked by G2 Score)
### 1. [CrowdStrike Falcon Endpoint Protection Platform](https://www.g2.com/products/crowdstrike-falcon-endpoint-protection-platform/reviews)
  Organizations today face a serious challenge: managing numerous security vendors and tools while confronting an ever-evolving threat landscape. Sophisticated adversaries are becoming smarter, faster, and more evasive, launching complex attacks that can strike in minutes or even seconds. Traditional security approaches struggle to keep pace, leaving businesses vulnerable. The CrowdStrike Falcon Platform addresses this by offering a unified, cloud-native solution. It consolidates previously siloed security solutions and incorporates third-party data into a single platform with one efficient and resource-conscious agent, leveraging advanced AI and real-time threat intelligence. This approach simplifies security operations, speeds analyst decision making, and enhances protection to stop the breach, allowing organizations to reduce risk with less complexity and lower costs. CrowdStrike's Falcon Platform includes:

- Endpoint Security: Secure the endpoint, stop the breach
- Identity Protection: Identity is the front line, defend it
- Next-Gen SIEM: The future of SIEM, today
- Data Protection: Real-time data protection from endpoint to cloud
- Exposure Management: Understand risk to stop breaches
- Charlotte AI: Powering the next evolution of the SOC


  **Average Rating:** 4.7/5.0
  **Total Reviews:** 368

**User Satisfaction Scores:**

- **Ease of Admin:** 9.0/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.2/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.9/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.0/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [CrowdStrike](https://www.g2.com/sellers/crowdstrike)
- **Company Website:** https://www.crowdstrike.com
- **Year Founded:** 2011
- **HQ Location:** Sunnyvale, CA
- **Twitter:** @CrowdStrike (110,215 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/2497653/ (11,258 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Who Uses This:** Security Analyst, Cyber Security Analyst
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 46% Enterprise, 42% Mid-Market


#### Pros & Cons

**Pros:**

- Features (113 reviews)
- Threat Detection (103 reviews)
- Ease of Use (98 reviews)
- Security (97 reviews)
- Detection (86 reviews)

**Cons:**

- Expensive (54 reviews)
- Complexity (39 reviews)
- Learning Curve (35 reviews)
- Limited Features (31 reviews)
- Pricing Issues (29 reviews)

### 2. [Sophos Endpoint](https://www.g2.com/products/sophos-endpoint/reviews)
  Sophos Endpoint is the world’s most comprehensive endpoint protection solution. Built to stop the widest range of attacks, Sophos Endpoint has been proven to prevent even the most advanced ransomware and malware by leveraging a unique combination of next-generation techniques. This includes the ability to detect never-before-seen malware with deep learning, stop ransomware with Sophos anti-ransomware technology, and deny attacker tools with signatureless exploit prevention. Sophos Endpoint also includes root cause analysis to provide insight into threats, and instant malware removal to ensure no attack remnants remain.


  **Average Rating:** 4.7/5.0
  **Total Reviews:** 782

**User Satisfaction Scores:**

- **Ease of Admin:** 9.3/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.3/10 (Category avg: 9.0/10)
- **Quality of Support:** 9.0/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.3/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [Sophos](https://www.g2.com/sellers/sophos)
- **Company Website:** https://www.sophos.com/
- **Year Founded:** 1985
- **HQ Location:** Oxfordshire
- **Twitter:** @Sophos (36,759 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/5053/ (5,561 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Who Uses This:** IT Manager, System Administrator
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 59% Mid-Market, 18% Small-Business


#### Pros & Cons

**Pros:**

- Ease of Use (191 reviews)
- Protection (180 reviews)
- Security (165 reviews)
- Threat Detection (129 reviews)
- Easy Management (124 reviews)

**Cons:**

- Slow Performance (73 reviews)
- High Resource Usage (52 reviews)
- Learning Curve (50 reviews)
- Difficult Configuration (36 reviews)
- High CPU Usage (34 reviews)

### 3. [TrendAI Vision One](https://www.g2.com/products/trendai-vision-one/reviews)
  TrendAI Vision One is a cloud-native security operations platform, serving cloud, hybrid, and on-premises environments. It combines ASM and XDR in a single console to effectively manage cyber risk across your organization. The platform provides powerful risk insights, earlier threat detection, and automated risk and threat response options. Utilize the platform’s predictive machine learning and advanced security analytics for a broader perspective and advanced context. TrendAI Vision One integrates with its own expansive protection platform portfolio and industry-leading global threat intelligence, in addition to a broad ecosystem of purpose-built and API-driven third-party integrations.


  **Average Rating:** 4.7/5.0
  **Total Reviews:** 226

**User Satisfaction Scores:**

- **Ease of Admin:** 8.7/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.0/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.7/10 (Category avg: 8.7/10)
- **Ease of Use:** 8.6/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [Trend Micro](https://www.g2.com/sellers/trend-micro)
- **Company Website:** https://www.trendmicro.com/
- **Year Founded:** 1988
- **HQ Location:** Tokyo
- **LinkedIn® Page:** https://www.linkedin.com/company/4312/ (8,090 employees on LinkedIn®)
- **Ownership:** OTCMKTS:TMICY

**Reviewer Demographics:**
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 51% Enterprise, 34% Mid-Market


#### Pros & Cons

**Pros:**

- Visibility (38 reviews)
- Security (33 reviews)
- Ease of Use (32 reviews)
- Features (31 reviews)
- Threat Detection (27 reviews)

**Cons:**

- Complex Interface (12 reviews)
- Integration Issues (12 reviews)
- Learning Curve (11 reviews)
- Expensive (10 reviews)
- Limited Features (10 reviews)

### 4. [Arctic Wolf](https://www.g2.com/products/arctic-wolf/reviews)
  Arctic Wolf® is the market leader in security operations. Using the cloud-native Arctic Wolf® Platform, we help organizations end cyber risk by providing security operations as a concierge service. Arctic Wolf solutions include Arctic Wolf® Managed Detection and Response (MDR), Managed Risk, and Managed Security Awareness —each delivered by the industry’s original Concierge Security® Team. Highly-trained Concierge Security experts work as an extension of internal teams to provide 24x7 monitoring, detection, and response, as well as ongoing risk management to give organizations the protection, resilience and guidance they need to defend against cyber threats. Visit arcticwolf.com to get the latest industry resources and learn more about our solutions.


  **Average Rating:** 4.7/5.0
  **Total Reviews:** 275

**User Satisfaction Scores:**

- **Ease of Admin:** 9.1/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.5/10 (Category avg: 9.0/10)
- **Quality of Support:** 9.4/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.2/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [Arctic Wolf Networks](https://www.g2.com/sellers/arctic-wolf-networks)
- **Company Website:** https://www.arcticwolf.com
- **Year Founded:** 2012
- **HQ Location:** Eden Prairie, MN
- **Twitter:** @AWNetworks (4,469 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/2760138/ (3,382 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Who Uses This:** IT Manager, IT Director
  - **Top Industries:** Hospital & Health Care, Information Technology and Services
  - **Company Size:** 71% Mid-Market, 20% Enterprise


#### Pros & Cons

**Pros:**

- Customer Support (58 reviews)
- Threat Detection (47 reviews)
- Cybersecurity (28 reviews)
- Ease of Use (27 reviews)
- Alerts (22 reviews)

**Cons:**

- Expensive (10 reviews)
- False Positives (7 reviews)
- Learning Curve (7 reviews)
- Cybersecurity Risks (6 reviews)
- Dashboard Issues (5 reviews)

### 5. [Check Point Harmony Endpoint](https://www.g2.com/products/check-point-harmony-endpoint/reviews)
  Harmony Endpoint is a complete endpoint security solution offering a fleet of advanced endpoint threat prevention capabilities so you can safely navigate today’s menacing threat landscape. It provides a comprehensive system to proactively prevent, detect, and remediate evasive malware attacks.


  **Average Rating:** 4.5/5.0
  **Total Reviews:** 255

**User Satisfaction Scores:**

- **Ease of Admin:** 8.7/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 8.8/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.7/10 (Category avg: 8.7/10)
- **Ease of Use:** 8.9/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [Check Point Software Technologies](https://www.g2.com/sellers/check-point-software-technologies)
- **Year Founded:** 1993
- **HQ Location:** Redwood City, CA
- **Twitter:** @CheckPointSW (70,978 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/check-point-software-technologies/ (8,356 employees on LinkedIn®)
- **Ownership:** NASDAQ:CHKP

**Reviewer Demographics:**
  - **Who Uses This:** Network Engineer, Security Engineer
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 53% Mid-Market, 27% Enterprise


#### Pros & Cons

**Pros:**

- Security (73 reviews)
- Features (57 reviews)
- Threat Detection (51 reviews)
- Protection (50 reviews)
- Ease of Use (46 reviews)

**Cons:**

- Slow Performance (27 reviews)
- High Resource Usage (25 reviews)
- Difficult Configuration (21 reviews)
- Expensive (21 reviews)
- Learning Curve (21 reviews)

### 6. [Microsoft Defender for Endpoint](https://www.g2.com/products/microsoft-defender-for-endpoint/reviews)
  Microsoft Defender for Endpoint is a complete endpoint security solution that delivers preventative protection, post-breach detection, automated investigation, and response. With Defender for Endpoint, you have:

- Agentless, cloud powered: No additional deployment or infrastructure. No delays or update compatibility issues. Always up to date.
- Unparalleled optics: Built on the industry’s deepest insight into Windows threats and shared signals across devices, identities, and information.
- Automated security: Take your security to a new level by going from alert to remediation in minutes, at scale.


  **Average Rating:** 4.4/5.0
  **Total Reviews:** 299

**User Satisfaction Scores:**

- **Ease of Admin:** 8.6/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 8.6/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.5/10 (Category avg: 8.7/10)
- **Ease of Use:** 8.6/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [Microsoft](https://www.g2.com/sellers/microsoft)
- **Year Founded:** 1975
- **HQ Location:** Redmond, Washington
- **Twitter:** @microsoft (13,105,844 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/microsoft/ (227,697 employees on LinkedIn®)
- **Ownership:** MSFT

**Reviewer Demographics:**
  - **Who Uses This:** Software Engineer, Security Analyst
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 39% Enterprise, 35% Mid-Market


#### Pros & Cons

**Pros:**

- Ease of Use (20 reviews)
- Threat Detection (18 reviews)
- Security (17 reviews)
- Protection (15 reviews)
- Cybersecurity Protection (14 reviews)

**Cons:**

- Compatibility Issues (8 reviews)
- Complexity (8 reviews)
- Difficult Configuration (7 reviews)
- Improvements Needed (7 reviews)
- Lack of Clarity (7 reviews)

### 7. [Cortex XDR](https://www.g2.com/products/palo-alto-networks-cortex-xdr/reviews)
  Cortex XDR is the industry’s first extended detection and response platform that stops modern attacks by integrating data from any source. With Cortex XDR, you can harness the power of AI, analytics and rich data to detect stealthy threats. Your SOC team can cut through the noise and focus on what matters most with intelligent alert grouping and incident scoring. Cross-data insights accelerate investigations, so you can streamline incident response and recovery. Cortex XDR delivers peace of mind with best-in-class endpoint protection that achieved the highest combined protection and detection scores in the MITRE ATT&CK® round 3 evaluation. The Cortex XDR platform collects and analyzes all data, so you can gain complete visibility and holistic protection to secure what’s next.


  **Average Rating:** 4.6/5.0
  **Total Reviews:** 49

**User Satisfaction Scores:**

- **Ease of Admin:** 8.9/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.2/10 (Category avg: 9.0/10)
- **Quality of Support:** 9.0/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.0/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [Palo Alto Networks](https://www.g2.com/sellers/palo-alto-networks)
- **Year Founded:** 2005
- **HQ Location:** Santa Clara, CA
- **Twitter:** @PaloAltoNtwks (128,686 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/30086/ (21,355 employees on LinkedIn®)
- **Ownership:** NYSE: PANW

**Reviewer Demographics:**
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 46% Enterprise, 37% Mid-Market


#### Pros & Cons

**Pros:**

- Ease of Use (2 reviews)
- Threat Detection (2 reviews)
- XDR Capabilities (2 reviews)
- Alert Notifications (1 review)
- Antivirus Protection (1 review)

**Cons:**

- Compatibility Issues (1 review)
- Complexity (1 review)
- Complex Management (1 review)
- Difficult Learning (1 review)
- Expensive (1 review)

### 8. [Cynet](https://www.g2.com/products/cynet/reviews)
  Cynet is the unified, AI-powered cybersecurity platform that delivers robust and comprehensive protection for security teams while maximizing operational efficiency for managed service providers (MSPs). This platform consolidates a wide array of security capabilities into a single, user-friendly interface, ensuring that organizations can effectively safeguard their digital assets without the complexity often associated with multi-solution environments. Cynet’s platform simplifies security management by integrating various functionalities, such as endpoint protection, threat detection, and incident response, into one cohesive system. This integration not only streamlines operations but also allows organizations to allocate their resources more effectively, ultimately enhancing their overall security posture. One of the standout features of Cynet’s platform is its remarkable performance in the MITRE ATT&CK Evaluations. Cynet delivered 100% visibility and 100% analytic coverage without requiring any configuration changes three years in a row. This capability ensures that organizations can monitor their environments comprehensively and respond to threats with precision. The platform’s built-in analytics and reporting tools provide actionable insights, enabling users to make informed decisions about their cybersecurity strategies. Additionally, Cynet offers 24/7 expert support, which is crucial for organizations that may not have in-house cybersecurity expertise. This round-the-clock assistance ensures that users can quickly address any security incidents or concerns, minimizing potential downtime and damage. The combination of advanced technology and dedicated support positions Cynet as a valuable partner for SMEs and service providers looking to enhance their cybersecurity measures. In summary, Cynet’s unified, AI-powered cybersecurity platform stands out in the crowded cybersecurity market by offering a unified solution tailored to the needs of MSPs. 
Its comprehensive features, exceptional performance in industry evaluations, and continuous expert support make it a compelling choice for organizations seeking to bolster their cybersecurity defenses while maintaining operational efficiency.


  **Average Rating:** 4.7/5.0
  **Total Reviews:** 208

**User Satisfaction Scores:**

- **Ease of Admin:** 9.2/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.5/10 (Category avg: 9.0/10)
- **Quality of Support:** 9.3/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.1/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [Cynet](https://www.g2.com/sellers/cynet)
- **Company Website:** https://www.cynet.com/
- **Year Founded:** 2014
- **HQ Location:** Boston, MA
- **LinkedIn® Page:** https://www.linkedin.com/company/cynet-security/ (329 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Who Uses This:** SOC Analyst, Technical Engineer
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 58% Mid-Market, 30% Small-Business


#### Pros & Cons

**Pros:**

- Ease of Use (48 reviews)
- Features (36 reviews)
- Threat Detection (34 reviews)
- Customer Support (32 reviews)
- Security (31 reviews)

**Cons:**

- Limited Customization (11 reviews)
- Feature Limitations (10 reviews)
- Lack of Customization (10 reviews)
- Limited Features (10 reviews)
- Missing Features (10 reviews)

### 9. [SentinelOne Singularity Endpoint](https://www.g2.com/products/sentinelone-singularity-endpoint/reviews)
  SentinelOne (NYSE:S) is pioneering autonomous cybersecurity to prevent, detect, and respond to cyber attacks faster and with higher accuracy than ever before. The Singularity Platform protects and empowers leading global enterprises with real-time visibility, cross-platform correlation, and AI-powered response across endpoints, cloud workloads and containers, network-connected (IoT) devices and identity-centric attack surfaces. To learn more, visit www.sentinelone.com or follow us at @SentinelOne, on LinkedIn or Facebook. Over 9,250 customers, including 4 of the Fortune 10, hundreds of the Global 2000, prominent governments, healthcare providers, and educational institutions, trust SentinelOne to bring their defenses into the future, gaining more capability with less complexity. SentinelOne is a Leader in the Gartner Magic Quadrant for Endpoint Protection Platforms, and is a go-to platform across all customer profiles, as highlighted in Gartner’s Critical Capabilities report. SentinelOne continues to prove its industry-leading capabilities in the MITRE Engenuity ATT&CK® Evaluation, with 100% protection detection, 88% less noise, and zero delays in the 2024 MITRE ATT&CK Engenuity evaluations, demonstrating our dedication to keeping our customers ahead of threats from every vector.


  **Average Rating:** 4.7/5.0
  **Total Reviews:** 194

**User Satisfaction Scores:**

- **Ease of Admin:** 8.9/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.3/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.9/10 (Category avg: 8.7/10)
- **Ease of Use:** 8.9/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [SentinelOne](https://www.g2.com/sellers/sentinelone)
- **Company Website:** https://www.sentinelone.com
- **Year Founded:** 2013
- **HQ Location:** Mountain View, CA
- **Twitter:** @SentinelOne (57,607 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/2886771/ (3,183 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 45% Mid-Market, 36% Enterprise


#### Pros & Cons

**Pros:**

- Ease of Use (16 reviews)
- Features (11 reviews)
- Threat Detection (11 reviews)
- Customer Support (10 reviews)
- Security (7 reviews)

**Cons:**

- Learning Curve (4 reviews)
- Not User-Friendly (4 reviews)
- Slow Performance (4 reviews)
- Complexity (3 reviews)
- Difficult Configuration (3 reviews)

### 10. [IBM MaaS360](https://www.g2.com/products/ibm-maas360/reviews)
  IBM MaaS360 is an easy to use, unified endpoint management (UEM) solution that transforms the way that organizations support users, apps, content, and data across essentially every type of device. Its open, cloud-based platform integrates with preferred security and productivity tools. You can protect your workforce with evolved Threat Management, Mobile Security, Device management features and your analytics will be powered by watsonx AI capabilities, helping you to set up a good security posture. IBM MaaS360 is available for purchase on ibm.com and AWS Marketplace.


  **Average Rating:** 4.2/5.0
  **Total Reviews:** 183

**User Satisfaction Scores:**

- **Ease of Admin:** 8.0/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 8.0/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.1/10 (Category avg: 8.7/10)
- **Ease of Use:** 8.2/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [IBM](https://www.g2.com/sellers/ibm)
- **Company Website:** https://www.ibm.com/us-en
- **Year Founded:** 1911
- **HQ Location:** Armonk, NY
- **Twitter:** @IBM (709,023 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/1009/ (324,553 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Who Uses This:** IT Manager, Software Engineer
  - **Top Industries:** Information Technology and Services, Computer Software
  - **Company Size:** 45% Mid-Market, 34% Enterprise


#### Pros & Cons

**Pros:**

- Features (48 reviews)
- Security (46 reviews)
- Device Management (38 reviews)
- Ease of Use (37 reviews)
- Protection (24 reviews)

**Cons:**

- Learning Curve (24 reviews)
- Poor Interface Design (17 reviews)
- Poor UI (17 reviews)
- Slow Performance (17 reviews)
- Outdated Interface (13 reviews)

### 11. [ThreatDown](https://www.g2.com/products/threatdown/reviews)
  ThreatDown solutions simplify endpoint security by combining Malwarebytes’ award-winning detection and remediation with quick deployment in an easy user-interface – to protect people, devices, and data in minutes. The ThreatDown product line is enriched by Malwarebytes global threat intelligence, its patented remediation engine that removes every trace of malware to prevent reinfection, and its nearly two decades of experience detecting and remediating threats. With one agent and one console, ThreatDown solutions are purpose-built to simplify cybersecurity for organizations with limited IT resources. ThreatDown solutions bundle technology with services to streamline security and provide robust protection that’s efficient and cost-effective. With a channel-first mindset across the globe, we empower our partners to help resource-constrained IT organizations. ThreatDown Solutions: ThreatDown MDR (managed detection and response) combines Malwarebytes’ renowned detection, with AI-powered engines, and around-the-clock human intervention to streamline security and allow organizations to focus on business growth. ThreatDown MDR simply and effectively closes your security resources gap, reduces your risk of unknown threats, and increases your security efficiency exponentially. ThreatDown EDR (endpoint detection and response) is enriched by Malwarebytes global threat intelligence and its patented remediation engine that removes every trace of malware to prevent reinfection. It provides protection against a range of threats, including malware, ransomware, zero-day exploits, phishing, and other threats with a suite of tools to detect, investigate and contain even the stealthiest human-operated attacks that bypass prevention layers. Seven-day ransomware rollback ensures organizations can turn the clock back on attacks and restore systems. 
ThreatDown Security Advisor provides customers with a security score to illustrate their current level of protection, offers guidance on how to make improvements and enables them to take immediate action. ThreatDown Bundles: ThreatDown Core is a complete malware prevention solution with vulnerability assessment and application blocking. It features our award-winning prevention technologies, visibility to assess your risk for vulnerability exploits (one of the most common attack vectors), and the blocking of malicious and unwanted applications. ThreatDown Advanced includes award-winning technologies such as endpoint detection and response, ransomware rollback, patch management, and managed threat hunting to appreciably enhance endpoint security. ThreatDown Elite is purpose-built for organizations with small (to non-existent) security teams that lack the resources to address all security alerts. Beyond the Advanced bundle, Elite includes 24x7x365 expert-managed detection and response. ThreatDown Ultimate includes the technologies and human expertise you need for comprehensive protection wrapped up and delivered as a single, hassle-free solution. Ultimate also includes easy-to-use, website content filtering (DNS Filtering). For Partners Our multi-tenant ThreatDown OneView platform enables MSPs and IT admins to streamline operations with centralized management of customer endpoints, license subscriptions, reporting, and global policies. With products and services like Endpoint Detection and Response (EDR), Managed Detection and Response (MDR) and the rest of our technologies in our portfolio, partners can offer the right product or service to each customer, tailored to their specific needs. Find out more about our partner program at https://www.threatdown.com/partner-program.


  **Average Rating:** 4.6/5.0
  **Total Reviews:** 1,040

**User Satisfaction Scores:**

- **Ease of Admin:** 9.1/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.2/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.8/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.2/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [Malwarebytes](https://www.g2.com/sellers/malwarebytes)
- **Company Website:** https://www.malwarebytes.com
- **Year Founded:** 2008
- **HQ Location:** Santa Clara, CA
- **Twitter:** @Malwarebytes (87,543 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/malwarebytes/ (613 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Who Uses This:** IT Manager, Owner
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 48% Small-Business, 41% Mid-Market


#### Pros & Cons

**Pros:**

- Ease of Use (99 reviews)
- Features (68 reviews)
- Security (59 reviews)
- Threat Detection (56 reviews)
- Customer Support (54 reviews)

**Cons:**

- Poor Customer Support (23 reviews)
- Lack of Clarity (22 reviews)
- Missing Features (20 reviews)
- False Positives (18 reviews)
- Communication Issues (16 reviews)

### 12. [ESET PROTECT](https://www.g2.com/products/eset-protect/reviews)
  Stay one step ahead of known and emerging cyber threats with our AI-native, prevention-first approach. ESET combines the power of AI and human expertise to make protection easy and effective. Experience best-in-class protection thanks to our in-house global cyber threat intelligence, compiled and examined for over 30 years, which drives our extensive R&D network led by industry-acclaimed researchers. ESET PROTECT, our cloud-first XDR cybersecurity platform, combines next-gen prevention, detection, and proactive threat hunting capabilities. ESET's highly customizable solutions include local support and have minimal impact on performance, identify and neutralize known and emerging threats before they can be executed, support business continuity, and reduce the cost of implementation and management. HOW YOUR ORGANIZATION WILL BENEFIT - Improved protection against ransomware and zero-day threats via cloud-based sandboxing technology. - Helps comply with data regulations thanks to full disk encryption capabilities on Windows and macOS. - Easily accessible ESET PROTECT console improves TCO of security management. - Single-pane-of-glass remote management for visibility of threats, users, and quarantined items. - Company endpoints and mobiles are protected via advanced multilayered technology, now with brute-force attack protection.


  **Average Rating:** 4.6/5.0
  **Total Reviews:** 941

**User Satisfaction Scores:**

- **Ease of Admin:** 8.5/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 8.9/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.9/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.0/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [ESET](https://www.g2.com/sellers/eset)
- **Company Website:** https://www.eset.com
- **Year Founded:** 1992
- **HQ Location:** Bratislava, Slovak Republic
- **Twitter:** @ESET (276,397 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/28967/ (1,944 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Who Uses This:** IT Manager, Network Administrator
  - **Top Industries:** Information Technology and Services, Computer Software
  - **Company Size:** 47% Mid-Market, 46% Small-Business


#### Pros & Cons

**Pros:**

- Ease of Use (95 reviews)
- Protection (79 reviews)
- Reliability (71 reviews)
- Security (64 reviews)
- Centralized Management (58 reviews)

**Cons:**

- Learning Curve (32 reviews)
- Difficult Configuration (31 reviews)
- Not User-Friendly (25 reviews)
- Lack of Clarity (23 reviews)
- Difficult Navigation (20 reviews)

### 13. [Huntress Managed EDR](https://www.g2.com/products/huntress-managed-edr/reviews)
  At Huntress, we believe that enterprise-grade endpoint security shouldn’t just be for big security teams with the most resources. When basic defenses don't cut it, Huntress Managed EDR levels the cybersecurity playing field with a solution for ALL businesses. Our comprehensive platform combines fully-owned technology with expert oversight, including 24/7 monitoring by a team of expert hunters specializing in wrecking hackers day in and day out. Our focus is on hitting hackers when and where it matters most, so we filter out the noise of false positives and only alert you on real threats. And if hackers breach your defenses, we isolate and eliminate those threats for you with speed and precision. With Huntress, you’re not just keeping pace—you’re leveling up to world-class endpoint security. Huntress gives organizations of all sizes a top EDR solution with the ease of use security teams actually need so they can sleep at night knowing they're protected.


  **Average Rating:** 4.9/5.0
  **Total Reviews:** 870

**User Satisfaction Scores:**

- **Ease of Admin:** 9.6/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.7/10 (Category avg: 9.0/10)
- **Quality of Support:** 9.7/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.5/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [Huntress Labs](https://www.g2.com/sellers/huntress-labs)
- **Company Website:** https://huntress.com
- **Year Founded:** 2015
- **HQ Location:** Ellicott City, US
- **Twitter:** @HuntressLabs (40,031 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/10172550/ (859 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Who Uses This:** Owner, President
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 79% Small-Business, 17% Mid-Market


#### Pros & Cons

**Pros:**

- Customer Support (158 reviews)
- Ease of Use (125 reviews)
- Threat Detection (92 reviews)
- Protection (75 reviews)
- Continuous Monitoring (70 reviews)

**Cons:**

- Improvements Needed (20 reviews)
- Lack of Customization (17 reviews)
- Poor Reporting (17 reviews)
- Alert Issues (15 reviews)
- Integration Issues (15 reviews)

### 14. [Trellix Endpoint Security](https://www.g2.com/products/trellix-endpoint-security/reviews)
  Trellix Endpoint Security Suite gives your security team the context, visibility, and capabilities to identify, investigate, and remediate threats across your hybrid environment. And it provides the data essential for your extended detection and response.


  **Average Rating:** 4.3/5.0
  **Total Reviews:** 320

**User Satisfaction Scores:**

- **Ease of Admin:** 8.2/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 8.1/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.5/10 (Category avg: 8.7/10)
- **Ease of Use:** 8.6/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [Trellix](https://www.g2.com/sellers/trellix)
- **Year Founded:** 2004
- **HQ Location:** Milpitas, CA
- **Twitter:** @Trellix (241,709 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/44195/ (811 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Who Uses This:** Senior Software Engineer, Software Developer
  - **Top Industries:** Information Technology and Services, Computer Software
  - **Company Size:** 42% Mid-Market, 41% Enterprise


#### Pros & Cons

**Pros:**

- Ease of Use (6 reviews)
- Features (4 reviews)
- Threat Detection (4 reviews)
- Customer Support (3 reviews)
- Protection (3 reviews)

**Cons:**

- Difficult Configuration (2 reviews)
- Expensive (2 reviews)
- Agent Issues (1 review)
- Complex Installation (1 review)
- Complex Interface (1 review)

### 15. [Acronis Cyber Protect](https://www.g2.com/products/acronis-acronis-cyber-protect/reviews)
  Acronis Cyber Protect delivers robust protection against cyberthreats, unparalleled backup and recovery capabilities and simplified management and visibility through a single pane of glass, for the entire environment. Key features of Acronis Cyber Protect include: · Cyberthreat protection: Using artificial intelligence (AI) and machine learning (ML), proactively secures data, applications and systems, from advanced cyberattacks, including ransomware and other forms of malware. · Rapid Recovery: Reduced dependency on central IT support empowers users to initiate one-click recovery of distributed endpoints, including bare-metal recovery of physical workloads. · Reduced TCO: Broad, multigenerational OS support, enables vendor consolidation while ensuring comprehensive protection. · Simplified management: Centralized management includes local autonomy and seamless integration with existing third-party tools to provide a unified view of backup and recovery operations along with broad, multigenerational OS support. · Data sovereignty: With the use of Acronis’ extensive network of global data centers, users can ensure compliance and master regional data sovereignty laws, offering peace of mind and regulatory compliance. Acronis is majority-owned by EQT.


  **Average Rating:** 4.3/5.0
  **Total Reviews:** 654

**User Satisfaction Scores:**

- **Ease of Admin:** 8.4/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 8.4/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.3/10 (Category avg: 8.7/10)
- **Ease of Use:** 8.6/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [Acronis](https://www.g2.com/sellers/acronis)
- **Year Founded:** 2003
- **HQ Location:** Schaffhausen
- **Twitter:** @acronis (94,780 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/13179/ (1,917 employees on LinkedIn®)
- **Ownership:** Acronis is majority-owned by EQT

**Reviewer Demographics:**
  - **Who Uses This:** Support Analyst, IT Manager
  - **Top Industries:** Information Technology and Services, Computer Software
  - **Company Size:** 45% Small-Business, 40% Mid-Market


#### Pros & Cons

**Pros:**

- Backup Solutions (10 reviews)
- Ease of Use (8 reviews)
- Features (8 reviews)
- Data Recovery (5 reviews)
- Security (5 reviews)

**Cons:**

- Expensive (6 reviews)
- Complexity (4 reviews)
- Difficult Learning (4 reviews)
- Poor Customer Support (4 reviews)
- Slow Performance (4 reviews)

### 16. [Iru](https://www.g2.com/products/iru/reviews)
  Iru is an AI-powered IT and security platform designed to help organizations secure their users, applications, and devices in an increasingly complex digital landscape. Tailored for the AI era, Iru integrates identity and access management, endpoint security, and compliance automation into a single cohesive solution. This unification streamlines operations, allowing IT and security teams to regain control and allocate their time more effectively. Targeted at fast-growing companies, Iru addresses the challenges faced by IT and security professionals who often juggle multiple tools and systems. The platform is particularly beneficial for organizations that require robust security measures while maintaining agility and efficiency. Use cases include managing user access across various applications, ensuring device security, and automating compliance processes, all of which are critical in today’s fast-paced business environment. At the heart of Iru is the Iru Context Model, which provides a dynamic overview of the organization’s environment by continuously monitoring users, devices, and applications in real-time. Complementing this model is Iru AI, an intelligent layer that transforms live data signals into actionable insights, orchestrates necessary actions, and maintains a comprehensive audit trail. This integration enhances policy enforcement, automates response mechanisms, and simplifies compliance, making it easier for organizations to adhere to regulatory requirements. One of Iru's standout features is its single endpoint agent, which manages and secures every device within an organization’s fleet. By implementing passwordless access through device-bound passkeys linked to device posture, Iru creates a trust fabric that strengthens security between users and devices.
Additionally, compliance is continuously monitored with customized controls and an Adaptive Evidence Map that updates automatically, reducing the burden on IT teams and minimizing the risk of oversight. Iru aims to bring clarity and control back to overwhelmed IT and security teams by consolidating disparate tools into one unified platform. This shift allows teams to transition from reactive firefighting to proactive strategic initiatives that drive business success. The result is a more robust security posture, simplified workflows, and outcomes that align with organizational goals, ultimately fostering a safer and more efficient operational environment.


  **Average Rating:** 4.7/5.0
  **Total Reviews:** 772

**User Satisfaction Scores:**

- **Ease of Admin:** 9.4/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.4/10 (Category avg: 9.0/10)
- **Quality of Support:** 9.5/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.4/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [Iru](https://www.g2.com/sellers/iru)
- **Company Website:** https://www.iru.com/
- **Year Founded:** 2018
- **HQ Location:** Miami, FL
- **Twitter:** @officiallyiru (2,013 Twitter followers)
- **LinkedIn® Page:** https://linkedin.com/company/officiallyiru (356 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Who Uses This:** IT Manager, CTO
  - **Top Industries:** Computer Software, Information Technology and Services
  - **Company Size:** 72% Mid-Market, 23% Small-Business


#### Pros & Cons

**Pros:**

- Ease of Use (345 reviews)
- Customer Support (254 reviews)
- Device Management (174 reviews)
- Easy Setup (152 reviews)
- Apple Device Management (148 reviews)

**Cons:**

- Missing Features (71 reviews)
- Lacking Features (56 reviews)
- Device Management (53 reviews)
- Limited Compatibility (51 reviews)
- Expensive (46 reviews)

### 17. [Acronis Cyber Protect Cloud](https://www.g2.com/products/acronis-cyber-protect-cloud/reviews)
  Acronis delivers the world’s most complete cyber resilience platform, combining backup, disaster recovery, cybersecurity, RMM, and business operations tools into a single, natively integrated solution. Built specifically for Managed Service Providers (MSPs) and IT teams, Acronis simplifies operations with one agent, one console, and one license model. Automation, AI-driven insights, and multi-tenant management ensure that fewer technicians can manage more clients at lower cost. With predictable pricing and transparent billing, Acronis enables partners and IT teams to scale efficiently, comply with regulations, and deliver unmatched resilience. No other vendor delivers this level of integration, efficiency, and MSP alignment. Acronis Cyber Protect Cloud unites backup and next-generation, AI-based anti-malware, antivirus, and endpoint protection management in one solution. Integration and automation provide unmatched ease for service providers — reducing complexity while increasing productivity and decreasing operating costs. Acronis Cyber Protect Cloud is the single service provider solution that combines backup, anti-malware (including anti-virus, anti-ransomware, and anti-cryptojacking) and security and management capabilities such as vulnerability assessments, patch management, URL filtering and more. Now, service providers can eliminate complexity and make security a centerpiece of their offerings while increasing SLAs, decreasing churn, and generating more recurring revenue. Get upgraded security with integrated AI-based defenses that protect clients from modern threats, make smarter use of resources so your team can focus on clients, and earn new recurring revenue and higher margins that strengthen your business. 
Enriched with next-gen, full-stack anti-malware protection and comprehensive yet simple management tools, built on top of our industry-leading backup and data recovery solution, Acronis Cyber Protect Cloud simplifies onboarding, daily operations, and reporting, and combats advanced attacks with new use cases enabled by integration. Acronis Cyber Protect Cloud makes it easy to deliver the modern cyber protection your clients seek. Acronis is majority-owned by EQT.


  **Average Rating:** 4.7/5.0
  **Total Reviews:** 1,261

**User Satisfaction Scores:**

- **Ease of Admin:** 9.1/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.3/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.8/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.1/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [Acronis](https://www.g2.com/sellers/acronis)
- **Company Website:** https://www.acronis.com/
- **Year Founded:** 2003
- **HQ Location:** Schaffhausen
- **Twitter:** @acronis (94,780 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/13179/ (1,917 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Who Uses This:** CEO, Director
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 68% Small-Business, 28% Mid-Market


#### Pros & Cons

**Pros:**

- Ease of Use (217 reviews)
- Backup Solutions (213 reviews)
- Backup Ease (169 reviews)
- Protection (159 reviews)
- Security (158 reviews)

**Cons:**

- Slow Performance (77 reviews)
- Expensive (65 reviews)
- Complexity (53 reviews)
- Poor Customer Support (50 reviews)
- Backup Issues (41 reviews)

### 18. [Carbon Black EDR](https://www.g2.com/products/carbon-black-edr/reviews)
  Carbon Black EDR is a market-leading incident response and threat hunting solution designed to provide responders with the most information possible, accompanied by expert threat analysis and armed with real-time response capabilities to stop attacks, minimize damage and close security gaps. Carbon Black EDR makes these teams more efficient, reducing investigations from days to hours, and more effective, enabling them to discover threats before attacks can exploit them. Carbon Black EDR also allows teams to connect to and isolate infected machines to prevent lateral movement and remediate devices without costly IT involvement. Continuous and Centralized Recording Centralized access to continuously recorded endpoint data means that security professionals have the information they need to hunt threats in real time as well as conduct in-depth investigations after a breach has occurred. Live Response for Remote Remediation With Live Response, incident responders can create a secure connection to infected hosts to pull or push files, kill processes, perform memory dumps and quickly remediate from anywhere in the world. Attack Chain Visualization and Search Carbon Black EDR provides intuitive attack chain visualization to make identifying root cause fast and easy. Analysts can quickly jump through each stage of an attack to gain insight into the attacker’s behavior, close security gaps and learn from every new attack technique to avoid falling victim to the same attack twice. Automation via Integrations and Open APIs Carbon Black boasts a robust partner ecosystem and open platform that allows security teams to integrate products like Carbon Black EDR into their existing security stack.


  **Average Rating:** 4.4/5.0
  **Total Reviews:** 82

**User Satisfaction Scores:**

- **Ease of Admin:** 7.9/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 8.3/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.6/10 (Category avg: 8.7/10)
- **Ease of Use:** 8.4/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [Broadcom](https://www.g2.com/sellers/broadcom-ab3091cd-4724-46a8-ac89-219d6bc8e166)
- **Year Founded:** 1991
- **HQ Location:** San Jose, CA
- **Twitter:** @broadcom (63,117 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/broadcom/ (55,707 employees on LinkedIn®)
- **Ownership:** NASDAQ: CA

**Reviewer Demographics:**
  - **Who Uses This:** IT Manager
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 64% Mid-Market, 41% Enterprise


#### Pros & Cons

**Pros:**

- Protection (5 reviews)
- Automation (2 reviews)
- Incident Response (2 reviews)
- Threat Detection (2 reviews)
- AI (1 review)

**Cons:**

- Expensive (3 reviews)
- High Resource Usage (2 reviews)
- Alert Issues (1 review)
- False Positives (1 review)
- Inefficient Search Functionality (1 review)

### 19. [Carbon Black Cloud](https://www.g2.com/products/carbon-black-cloud/reviews)
  The Carbon Black Cloud security platform helps you strengthen and unify security tools to see more and stop more. Carbon Black unifies visibility across your endpoints, networks, and containers to enable you to stop threats targeting your organization with speed and confidence. Carbon Black protects against the full spectrum of modern cyber-attacks, including emerging threats and ransomware. Top SOC teams, IR firms and MSSPs have adopted Carbon Black as a core component of their prevention, detection, and response capability stack. Carbon Black is available via MSSP or directly.


  **Average Rating:** 4.1/5.0
  **Total Reviews:** 38

**User Satisfaction Scores:**

- **Ease of Admin:** 8.1/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.2/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.4/10 (Category avg: 8.7/10)
- **Ease of Use:** 8.2/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [Broadcom](https://www.g2.com/sellers/broadcom-ab3091cd-4724-46a8-ac89-219d6bc8e166)
- **Year Founded:** 1991
- **HQ Location:** San Jose, CA
- **Twitter:** @broadcom (63,117 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/broadcom/ (55,707 employees on LinkedIn®)
- **Ownership:** NASDAQ: CA

**Reviewer Demographics:**
  - **Top Industries:** Financial Services
  - **Company Size:** 56% Mid-Market, 33% Enterprise


#### Pros & Cons

**Pros:**

- Ease of Use (2 reviews)
- Antivirus Protection (1 review)
- Artificial Intelligence (1 review)
- Easy Management (1 review)
- Efficiency (1 review)

**Cons:**

- Compatibility Issues (1 review)
- Complex Implementation (1 review)
- Configuration Issues (1 review)
- Excessive Blocking (1 review)
- False Positives (1 review)

### 20. [Palo Alto Cortex XSIAM](https://www.g2.com/products/palo-alto-cortex-xsiam/reviews)
  Product Description: Palo Alto Networks' Cortex XSIAM is an AI-driven security operations platform designed to transform traditional Security Operations Centers by integrating and automating key functions such as data centralization, threat detection, and incident response. By leveraging machine learning and automation, it enables organizations to detect and respond to threats more efficiently, reducing manual workloads and improving overall security posture. Key Features and Functionality: - Data Centralization: Aggregates data from various sources into a unified platform, providing comprehensive visibility across the enterprise. - AI-Powered Threat Detection: Utilizes machine learning algorithms to identify anomalies and potential threats in real-time. - Automated Incident Response: Streamlines response processes through automation, enabling rapid mitigation of security incidents. - Integrated SOC Capabilities: Combines functions such as Extended Detection and Response, Security Orchestration, Automation, and Response, Attack Surface Management, and Security Information and Event Management into a cohesive platform, eliminating the need for multiple disparate tools. - Scalability: Designed to handle large volumes of data and adapt to the evolving needs of modern enterprises. Primary Value and Problem Solved: Cortex XSIAM addresses the challenges of disjointed data, weak threat defense, and heavy reliance on manual work in traditional SOCs. By centralizing data and automating security operations, it simplifies processes, enhances threat detection accuracy, and accelerates incident response times. This transformation enables organizations to proactively outpace threats, reduce operational costs, and achieve a more robust security posture.


  **Average Rating:** 4.4/5.0
  **Total Reviews:** 61

**User Satisfaction Scores:**

- **Ease of Admin:** 8.1/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 8.4/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.2/10 (Category avg: 8.7/10)
- **Ease of Use:** 8.4/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [Palo Alto Networks](https://www.g2.com/sellers/palo-alto-networks)
- **Year Founded:** 2005
- **HQ Location:** Santa Clara, CA
- **Twitter:** @PaloAltoNtwks (128,686 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/30086/ (21,355 employees on LinkedIn®)
- **Ownership:** NYSE: PANW

**Reviewer Demographics:**
  - **Who Uses This:** Information Security Engineer
  - **Top Industries:** Computer & Network Security, Information Technology and Services
  - **Company Size:** 48% Enterprise, 29% Mid-Market


#### Pros & Cons

**Pros:**

- Ease of Use (50 reviews)
- Threat Detection (37 reviews)
- Integrations (28 reviews)
- Cybersecurity (27 reviews)
- Features (27 reviews)

**Cons:**

- Expensive (28 reviews)
- Difficult Learning (17 reviews)
- Complexity (14 reviews)
- Integration Issues (14 reviews)
- UX Improvement (12 reviews)

### 21. [ThreatLocker Platform](https://www.g2.com/products/threatlocker-platform/reviews)
  ThreatLocker is a global leading Zero Trust Platform designed to empower organizations by providing them with the ability to control which applications are permitted to run on their networks. This suite of security tools is tailored for a wide range of users, including businesses, government agencies, and academic institutions, all of whom face the increasing threat of cybercrime. By enabling users to manage application execution, ThreatLocker aims to create a secure environment where organizations can operate without the looming fear of malware and other cyber threats. The ThreatLocker suite stands out in the cybersecurity landscape due to its focus on application whitelisting, a proactive approach that allows organizations to define and enforce policies on what software can be executed. This feature is particularly beneficial for organizations that require stringent security measures, as it minimizes the risk of unauthorized applications compromising sensitive data. The solution is designed for IT administrators who seek to enhance their network security posture while maintaining operational efficiency. One of the key features of ThreatLocker is its ability to provide real-time visibility and control over application behavior. This allows organizations to monitor application usage and detect any suspicious activities that may indicate a potential threat. Additionally, ThreatLocker offers customizable policies that can be tailored to meet the specific needs of different departments or user groups within an organization, ensuring that security measures align with operational requirements. Another significant benefit of ThreatLocker is its user-friendly interface, which simplifies the management of security policies. This accessibility enables IT teams to implement and adjust security measures without extensive training or expertise in cybersecurity. 
Furthermore, ThreatLocker is backed by a team of experienced cybersecurity professionals who continuously update and enhance the platform to address emerging threats and vulnerabilities. In essence, ThreatLocker provides organizations with the tools they need to take control of their cybersecurity strategy. By focusing on application control and offering robust monitoring capabilities, ThreatLocker helps organizations mitigate risks associated with cyber threats while fostering a secure environment for their operations. This innovative approach to cybersecurity empowers users to navigate their digital landscape confidently, free from the influence of cybercriminals.


  **Average Rating:** 4.8/5.0
  **Total Reviews:** 471

**User Satisfaction Scores:**

- **Ease of Admin:** 8.6/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 9.7/10 (Category avg: 9.0/10)
- **Quality of Support:** 9.7/10 (Category avg: 8.7/10)
- **Ease of Use:** 8.3/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [Threatlocker Inc](https://www.g2.com/sellers/threatlocker-inc)
- **Company Website:** https://www.threatlocker.com
- **Year Founded:** 2017
- **HQ Location:** Orlando, Florida, United States
- **Twitter:** @ThreatLocker (2,735 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/65512111/ (686 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Who Uses This:** President, CEO
  - **Top Industries:** Information Technology and Services, Computer & Network Security
  - **Company Size:** 54% Small-Business, 33% Mid-Market


#### Pros & Cons

**Pros:**

- Customer Support (92 reviews)
- Threat Detection (87 reviews)
- Ease of Use (75 reviews)
- Security (71 reviews)
- Protection (69 reviews)

**Cons:**

- Learning Curve (44 reviews)
- Difficult Learning Curve (30 reviews)
- Difficult Configuration (16 reviews)
- Difficult Navigation (14 reviews)
- Training Required (13 reviews)

### 22. [Intezer](https://www.g2.com/products/intezer-intezer/reviews)
  Intezer automates the entire alert triage process, like an extension of your team handling Tier 1 SOC tasks for every alert at machine-speed. Intezer monitors incoming incidents from endpoint, reported phishing pipelines, or SIEM tools, then autonomously collects evidence, investigates, makes triage decisions, and escalates only the serious threats to your team for human intervention. Power your SOC with artificial intelligence that makes sure every alert is deeply analyzed (including every single artifact like files, URLs, endpoint memory, etc.), detecting malicious code in memory and other evasive threats. Fast set up and integrations with your SOC team's workflows (EDR, SOAR, SIEM, etc.) means Intezer's AI can immediately start filtering out false positives, giving you detailed analysis about every threat, and speeding up your incident response time. With Intezer: • Reduce Tier 1 escalation, sending only 4% of alerts on average to your team for immediate action. • Identify up to 97% of false positive alerts without taking any time from your analysts. • Reduce average triage time to 5 minutes or less, while giving your analysts deep context about every alert to prioritize critical threats and respond faster.


  **Average Rating:** 4.5/5.0
  **Total Reviews:** 187

**User Satisfaction Scores:**

- **Ease of Admin:** 8.8/10 (Category avg: 8.8/10)
- **Has the product been a good partner in doing business?:** 8.6/10 (Category avg: 9.0/10)
- **Quality of Support:** 8.6/10 (Category avg: 8.7/10)
- **Ease of Use:** 9.1/10 (Category avg: 8.7/10)


**Seller Details:**

- **Seller:** [Intezer](https://www.g2.com/sellers/intezer)
- **Year Founded:** 2015
- **HQ Location:** New York
- **Twitter:** @IntezerLabs (10,225 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/10656303/ (88 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Who Uses This:** Software Engineer, Student
  - **Top Industries:** Computer & Network Security, Information Technology and Services
  - **Company Size:** 54% Small-Business, 23% Mid-Market


#### Pros & Cons

**Pros:**

- Detection Accuracy (3 reviews)
- Ease of Use (3 reviews)
- Malware Protection (3 reviews)
- Security (3 reviews)
- Security Protection (3 reviews)

**Cons:**

- Complex Interface (2 reviews)
- Poor Interface Design (2 reviews)
- UX Improvement (2 reviews)
- Access Control (1 review)
- Data Privacy (1 review)



## Parent Category

[Endpoint Protection Software](https://www.g2.com/categories/endpoint-protection)



## Related Categories

- [Antivirus Software](https://www.g2.com/categories/antivirus)
- [Endpoint Protection Platforms](https://www.g2.com/categories/endpoint-protection-platforms)
- [Managed Detection and Response (MDR) Software](https://www.g2.com/categories/managed-detection-and-response-mdr)



---

## Buyer Guide

### What You Should Know About Endpoint Detection & Response (EDR) Software

### What is endpoint detection and response (EDR) software?

EDR software is used to help companies identify and remediate threats related to network-connected endpoints. EDR solutions inform security professionals of vulnerable or infected endpoints and guide them through the remediation process. After incidents have been resolved, EDR tools help teams investigate issues and the vulnerable components that allow an endpoint to become compromised.

Continuous monitoring is one of the core capabilities of endpoint detection technologies. These monitoring features provide complete and continuous visibility across a company’s network-connected endpoints. Individuals can monitor behaviors, vulnerabilities, and activity for abnormalities. When abnormalities are identified, the detection portion of EDR technology transitions to the response portion.

Endpoint response begins with alerting and containment. Security professionals are alerted to threats present on their systems and isolate potentially compromised endpoints from further network access; this helps prevent one infected endpoint from becoming hundreds. Once systems are properly organized to contain malware and threat actors, security teams can work to remove malware and prevent those actors from regaining access to endpoint devices.

EDR platforms store threat data related to security incidents, improving a team's ability to defend against threats in the future by helping them identify root causes and threat actors. Additionally, zero-day exploits may be identified, and other vulnerabilities may be remediated as a result. This will help prevent third-party privilege escalation, malware injection, and unapproved endpoint control from occurring in the future. Some EDR products provide machine learning capabilities to analyze events, improve threat hunting, and reduce false positives by automating protection and remediation processes.

### Key benefits of EDR software

- Monitor endpoints and detect issues or security incidents
- Remediate present threats to endpoints
- Investigate incidents to identify causes
- Contain threats and restrict access to other endpoints or networks

### Why use endpoint detection and response solutions?

Endpoints are some of the most vulnerable components of a business's network structure. One vulnerable endpoint could cause a company’s entire network, databases, and sensitive information to become exposed or stolen. EDR systems will help secure individual endpoints, detect issues as they arise, and contain threats that make their way beyond traditional security structures.

Endpoint protection is even more relevant considering the growing popularity of bring-your-own-device (BYOD) policies. When employees are in complete control over downloads, applications, and updates, security must be a priority. Everyday professionals are not the most security-savvy individuals and may unintentionally compromise their devices or put business information at risk.

**Zero-day threats—** While traditional prevention tools such as antivirus software or firewall technology are helpful as the first line of defense, zero-day threats are bound to occur. The nature of these threats means they have yet to be discovered and, therefore, cannot be defended against. EDR solutions will help identify new threats as they arise and remediate them before damage occurs.

**Visibility and control—** Continuous monitoring and endpoint visibility help defend against traditional malware and sophisticated threats. Monitoring can help identify known threats as they arise and detect minute details that indicate the presence of advanced threats. Hackers are always developing new ways to enter networks undetected through fileless malware or malicious code injection. Monitoring capabilities will improve a team’s ability to detect anomalies caused by outside actors and threats.

**Analysis and deterrence —** EDR software improves a security organization’s ability to review the data associated with security events, data breaches, and network attacks. The data collected from these events can be reviewed back to the initial onset and used to identify the vulnerability or exploit used. Once identified, security teams and software developers can work collectively to resolve flaws and prevent similar attacks from occurring in the future.

### What are the common features of EDR products?

**Detection—** Detection capabilities result from monitoring practices. Monitoring collects information about properly functioning systems and can be applied to identify abnormal behavior or functionality. Once identified, IT and security professionals are alerted and directed through the review and resolution processes.

**Containment —** Once threats are present within an endpoint device, access must be restricted from the greater network and additional endpoints. Often referred to as quarantine features, these capabilities can help protect a network when a threat is detected.

**Remediation—** As threats are discovered, they must be dealt with. EDR software allows individuals and security teams to track incidents back to their onset and identify suspicious actors or malware.

**Investigation—** After incidents occur, EDR tools collect large amounts of data associated with the endpoint device and provide a historical record of activities. This information can be used to quickly identify the cause of an incident and prevent its reoccurrence in the future.

#### Additional EDR features

**Behavioral analysis—** Behavior analysis capabilities allow administrators to gain valuable insights into end-user behavior. This data can be used as a reference for monitoring features to compare against and detect anomalies.

**Real-time monitoring —** Real-time and continuous monitoring capabilities allow security professionals to constantly monitor systems and detect anomalies in real time.

**Threat data documentation—** Event data recording capabilities automate the collection and curation of incident data. This information can alert security teams to the performance and health of a company's endpoint-enabled devices.

**Data exploration —** Data exploration features allow security teams to review data associated with security incidents. These data points can be cross-referenced and analyzed to provide insights on better protecting endpoints in the future.

### Potential issues with EDR solutions

**Endpoint variety—** Endpoints come in many shapes and sizes, from laptops and servers to tablets and smartphones. A business should ensure that all types of endpoints connected to its network are compatible with a chosen EDR solution. This is especially important for businesses with a large number of BYOD devices that run different operating systems and applications.

**Scalability —** Scale refers to the size and scope of your network of connected endpoints. It’s a major consideration because some EDR tools may only facilitate monitoring on a specific number of devices or limit the number of concurrent investigations or remediations. Companies with large pools of endpoints should be sure the solutions they consider can handle the number of endpoints and provide adequate monitoring for the scale of their business and projected growth.

**Efficacy —** Efficacy refers to the actual functional benefit of using a software solution. Companies may be wasting their time if security teams are inundated with false positives or conflicting results. This is a key identifier in user reviews and third-party evaluations that buyers should consider when evaluating a product.

**Administration and Management —** Companies adopting EDR for the first time should be sure they have sufficient staff equipped with skills relevant to using EDR software. Smaller, growing businesses may not be best suited for adopting complex security systems and may be better served using managed services until the need for security matches their ability to deliver.

### Software and services related to EDR software

EDR software is one member of the endpoint protection and security family. These tools provide the remediation component of the endpoint protection process but not all of the prevention and management components in other endpoint security software.

[**Endpoint protection suites**](https://www.g2crowd.com/categories/endpoint-protection-suites) **—** Endpoint protection suites are sophisticated platforms containing capabilities across all segments of the endpoint security technology world. They include virus and malware protection as well as the administration and management of endpoint devices.

[**Endpoint antivirus software**](https://www.g2.com/categories/antivirus) **—** Antivirus technologies are some of the oldest solutions for endpoint security. These tools help prevent malware, computer viruses, and other threats from compromising an endpoint device. These capabilities are present in many security technologies, but antivirus software is specifically dedicated to this kind of protection.

[**Endpoint management software**](https://www.g2.com/categories/endpoint-management) **—** Endpoint management software documents, monitors, and manages endpoints connected to a network. These tools ensure that only approved devices access a company’s network and require connected devices to pass specific security requirements before gaining access. This may mean implementing software updates, security scans, or user authentication processes.

[**Endpoint security services**](https://www.g2.com/categories/endpoint-security-services) **—** Endpoint security services are a form of managed security services that are often the go-to for organizations without dedicated security staff. These solution providers deliver services surrounding the entire endpoint security stack to reduce a business’s need to manage day-to-day tasks and resolve issues directly. These services will not provide the same level of customization or control but will provide a business with peace of mind until they are capable of handling security issues in-house.

**Incident response software—** Incident response software is a term for general security incident management and threat remediation tools. These products are designed to facilitate the investigation of incidents and resolve them at the point of attack. These tools may provide some similar forensic analysis capabilities but often do not provide the same endpoint monitoring and control functionality.




