Try our new research platform with insights from 80,000+ expert users

ConnectWise SIEM vs Cybereason Endpoint Detection & Response comparison

ConnectWise and LevelBlue are both solutions in the Endpoint Detection and Response (EDR) category. ConnectWise is ranked #54 with an average rating of 6.0, while LevelBlue is ranked #28 with an average rating of 7.7. ConnectWise holds a 0.7% mindshare in EDR, compared to LevelBlue’s 1.2% mindshare. Additionally, 66% of ConnectWise users are willing to recommend the solution, compared to 85% of LevelBlue users who would recommend it.
Sponsored
Cortex XDR by Palo Alto Net...
Read 108 Cortex XDR by Palo Alto Networks reviews
  • 14,649 Views
  • 8,057 Comparison Views
96% willing to recommend
ConnectWise SIEM
Read 3 ConnectWise SIEM reviews
  • 2,378 Views
  • 832 Comparison Views
66% willing to recommend
Cybereason Endpoint Detecti...
Read 22 Cybereason Endpoint Detection & Response reviews
  • 4,160 Views
  • 2,704 Comparison Views
85% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 9, 2024

Cybereason Endpoint Detection & Response and ConnectWise SIEM are both robust cybersecurity solutions. Cybereason's user satisfaction with support and overall value gives it an edge, but ConnectWise SIEM stands out with its advanced feature set making it worth the investment.

Features: Cybereason Endpoint Detection & Response is praised for its robust threat detection capabilities, real-time response, and automation features. ConnectWise SIEM is highly valued for its comprehensive monitoring, incident response, and customizable dashboards. Users highlight ConnectWise's deeper insights and flexibility as superior.

Room for Improvement: Users of Cybereason mention improved integration with other tools, better reporting features, and enhanced user interface. ConnectWise SIEM users suggest a more intuitive setup process, improved training resources, and streamlined configuration. Differences lie in Cybereason focusing on integration and reporting, while ConnectWise needs to address setup and training.

Ease of Deployment and Customer Service: Cybereason Endpoint Detection & Response's deployment is reported as straightforward and quick, with effective customer service. ConnectWise SIEM requires more initial configuration and setup time, although users appreciate the available customer support once operational. Cybereason is more efficient in deployment, but both provide commendable customer service.

Pricing and ROI: Cybereason Endpoint Detection & Response is found to be competitively priced offering good ROI according to user reviews. ConnectWise SIEM, though more expensive, delivers strong ROI through its extensive features and capabilities. Differences point to Cybereason being cost-effective, while ConnectWise justifies its price with feature strength.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed ConnectWise SIEM vs. Cybereason Endpoint Detection & Response Report (Updated: March 2026).
Buyer's Guide
ConnectWise SIEM vs. Cybereason Endpoint Detection & Response
March 2026
Download the complete report
Helped 884,933 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Detection and Response (EDR)
7th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
108
Ranking in other categories
Endpoint Protection Platform (EPP) (5th), Extended Detection and Response (XDR) (6th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (2nd)
ConnectWise SIEM
Ranking in Endpoint Detection and Response (EDR)
54th
Average Rating
8.6
Reviews Sentiment
6.6
Number of Reviews
3
Ranking in other categories
Security Information and Event Management (SIEM) (51st), Secure Access Service Edge (SASE) (21st), Managed Detection and Response (MDR) (25th)
Cybereason Endpoint Detecti...
Ranking in Endpoint Detection and Response (EDR)
28th
Average Rating
7.8
Reviews Sentiment
5.6
Number of Reviews
22
Ranking in other categories
Endpoint Protection Platform (EPP) (38th)
 

Mindshare comparison

As of March 2026, in the Endpoint Detection and Response (EDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.4%, down from 4.0% compared to the previous year. The mindshare of ConnectWise SIEM is 0.7%, up from 0.2% compared to the previous year. The mindshare of Cybereason Endpoint Detection & Response is 1.2%, up from 1.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.4%
Cybereason Endpoint Detection & Response1.2%
ConnectWise SIEM0.7%
Other94.7%
Endpoint Detection and Response (EDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
ABHISHEK_SINGH
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Read full review
reviewer2711757 - PeerSpot reviewer
reviewer2711757
Cyber Security Software Engineer at a tech services company with 11-50 employees
Automated alerting and reporting excel while cost and feature limitations remain
I find automation to be one of the best and most valuable features of the product. Machine learning is incorporated into the solution, though AI is a broader term that I wouldn't apply here. I haven't personally explored AI yet, but I will investigate it. Machine learning functions more as automation in my experience, as there's no training involved yet. I want to conduct R&D on another project with Wazuh to determine how to capture usage, for example, tracking user logins and time spent. This is where I need to implement machine learning. Additionally, the extraction of GeoIP adds complexity. The solution is effectively reducing incident response times in operations.
Read full review
Ivan Burke - PeerSpot reviewer
Ivan Burke
Head of Research Development and Innovation at CSIR
Offers useful threat hunting and response capabilities but struggles to justify cost for smaller deployments
I mostly work with incident response, so I work with a bunch of them interchangeably, but mostly with the EDR components; I also get involved with some of the XDR components, especially for the cloud. Regarding analysis features, such as deep behavioral detection, I do use it sometimes; I usually don't use the automated version of it, as I prefer threat hunting directly, depending on if the season is available. I know some of them have pretty good analytics engines, but I tend to do the threat hunting on my own. I manage incident response for a bunch of companies, so some of them have Cybereason Endpoint Detection & Response integrated into Sentinel, some into Fortinet, and others into various tools. When considering cost-effectiveness, their pricing structure works such that if you're a large organization with more than a thousand endpoints to deploy to, then Cybereason Endpoint Detection & Response is worthwhile. But for anything less than 300, it's too expensive; obviously, the more you buy, the better the price, making it cheaper for you. Cybereason Endpoint Detection & Response best fits enterprise-level businesses such as huge corporations; however, we are in the process of removing it from many of our endpoint clients because it's not really showing enough value for them at the moment. We're trying to see how we can improve it with some of our clients, but at the moment, it's struggling compared to other EDR solutions that we have deployed. On a scale of one to ten, I rate Cybereason Endpoint Detection & Response a six.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It blocks malicious files. It prevents attacks. It doesn't require many updates, it's a very light application."
"I've found the solution to be highly scalable for enterprises."
"The initial setup is easy."
"The product has an intuitive dashboard."
"Cortex XDR by Palo Alto Networks's ability to block sophisticated threats in real time is quite good and is on par with SentinelOne's."
"From a single pane of glass, you can easily manage all of your endpoints."
"It's very stable. I've never experienced downtime for the ASM console or ASM core."
"One of the main benefits of the solution is its intelligence to correlate the events into an incident."
More Cortex XDR by Palo Alto Networks pros
"We have found the solution has great functionality and it is easy to use."
"One valuable feature of ConnectWise Fortify is the ability to add other teams and receive notifications when customers make changes or remove multi-factor authentication in Microsoft or SAP environments."
"The integration capabilities of ConnectWise SIEM are off the shelf, making it easy to buy and use; you just unpack it and use it."
"With Cybereason, we can never fail any business type because of the antivirus detection."
"Cybereason's threat hunting and investigation are the most valuable features. Threat hunting is a user-friendly feature that keeps you safe. Investigation offers an added value that I haven't seen with other EDR services. It allows you to find specific policy problems within your environment."
"I haven't had any issues with the solution. Stability-wise, I rate the solution a ten out of ten."
"What I find most valuable is the clarity of the platform."
"What I find most valuable is the clarity of the platform. It is very straightforward."
"The interface is user-friendly."
"If a file was infected on somebody's laptop or workstation, then it is now easier for us to understand what the impact is on the environment, as the Cybereason product enables me to go directly into the software, look up the process, see who were the dealers, what were the websites, what were the IP addresses which were contacted, and detect if there were other systems which were impacted or if my environment was compromised."
"The most valuable feature is the capability of the command used by the machine so that we see the kind of performance that is running."
More Cybereason Endpoint Detection & Response pros
 

Cons

"The setup is quite easy. We had appropriate support from the manager. One thing that was missing was the integration part."
"When it comes to malware files, it should be a little quick because, at times, it would give a wrong result in the sense of what it might be on malware, even if it still might be a normal one."
"They are charging for Network Traffic Analyzer (NTA) services, so if the per GB data could be provided at a certain level free of cost or at the same cost which the customer is taking for the entire bundle, that would be better."
"Dashboards do not allow everyone to see what's happening."
"If Palo Alto reduces the pricing slightly for their products, it would make them more scalable in markets such as India and globally for cybersecurity."
"A little bit more automation would be nice."
"The product's pricing needs improvement. They could provide more discounts. Additionally, the dashboard and control panel could be enhanced."
"The tool needs to be improved in terms of integration and interface."
More Cortex XDR by Palo Alto Networks cons
"The manage portion of the solution is complicated and should be simplified by having different versions to meet the needs of different size companies."
"ConnectWise SIEM is primarily focused on notifications and is limited in that aspect, while Wazuh can automate the elimination process."
"ConnectWise Fortify could work on covering more areas, like phishing messages, which have become more complicated to detect."
"What needs to improve in Cybereason Endpoint Detection & Response and what I'd like to see in its next release is a centralized dashboard that allows you to view what is there, similar to what's on Symantec Endpoint Protection Manager: a beautiful display and reporting. Cybereason Endpoint Detection & Response has to start with the compliance, the homepage, etc. Everything should be there and should be customizable. The options should be there. The tool is very good currently, but visibility for IT administrators is lacking and needs to be worked on."
"Technical support needs to improve."
"It initially took some time to deploy."
"The integration with Microsoft solutions and Microsoft capabilities needs to be improved."
"They need to improve their technical support services."
"There can be problems with the Electronic Data Interchange (EDI). The reporting feature needs improvement."
"The product's reporting isn't great."
"The reporting feature needs improvement."
More Cybereason Endpoint Detection & Response cons
 

Pricing and Cost Advice

"It's way too expensive, but security is expensive. You pay for your licensing, and then you pay for someone to monitor the stuff."
"I feel it is fairly priced."
"Cortex XDR is a costly solution."
"The price of the solution could be reduced. I have customers that have voiced that the solution is good for the value but if I want to sell more of the solution the price reduction would help."
"It's the most expensive solution, but features-wise, it's quite strong. It's very good for protection, so the results are very good in the case of protection. I would rate it a two out of ten in terms of pricing."
"Every customer has to pay for a license because it doesn't work with what you get from a managed services provider."
"The cost of Cortex XDR by Palo Alto Networks is $55 to $90 USD per endpoint per month."
"Very costly product."
More Cortex XDR by Palo Alto Networks pricing and cost advice
"The solution is expensive."
"Though it is not the cheapest solution but it fits our budget. We pay an annual licensing fee."
"In terms of pricing, it's a good solution."
"This product is somewhat expensive and should be cheaper."
"I had to go through a third-party to purchase it, which I wasn't really pleased about."
"We considered a few other solutions. Some were ridiculously overpriced, while others didn't have solutions for Mac endpoints. That was a deal-breaker because most of our organization is on Mac. It came down to two vendors: Cybereason and another. They had similar pitches and almost identical approaches, but in the end, Cybereason gave us the best value for our money."
"On a scale of one to ten, where one is cheap and ten is expensive, I rate the pricing an eight."
"I do not have experience with the licensing of the product."
"In terms of cost, this is a good choice for our needs."
More Cybereason Endpoint Detection & Response pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
See recommendations
884,933 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
9%
Manufacturing Company
9%
Financial Services Firm
9%
Comms Service Provider
7%
Computer Software Company
22%
Comms Service Provider
8%
University
8%
Financial Services Firm
6%
Financial Services Firm
12%
Computer Software Company
11%
Manufacturing Company
10%
Outsourcing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business44
Midsize Enterprise20
Large Enterprise47
No data available
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise4
Large Enterprise13
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
See all answers
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
See all answers
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
See all answers
What needs improvement with ConnectWise Fortify?
I haven't utilized the advanced threat intelligence capabilities with ConnectWise SIEM. Advanced threat intelligence ...
See all answers
What is your primary use case for ConnectWise Fortify?
I do not have experience with ConnectWise SIEM for RMM, as I mostly work on Wazuh, and I have a team that handles Con...
See all answers
What advice do you have for others considering ConnectWise Fortify?
The review can be made anonymous if just my name and not the company name is used. I would assess the real-time visib...
See all answers
What is your primary use case for Cybereason Endpoint Detection & Response?
My main use case for Cybereason Endpoint Detection & Response is mostly for incident response.
See all answers
What needs improvement with Cybereason Endpoint Detection & Response?
When it comes to advanced threats, it sometimes helps me with finding them and hunting them down with threat detectio...
See all answers
What advice do you have for others considering Cybereason Endpoint Detection & Response?
I mostly work with incident response, so I work with a bunch of them interchangeably, but mostly with the EDR compone...
See all answers
 

Comparisons

Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks Logo
Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks
Compared 9% of the time
SentinelOne Singularity Complete vs Cortex XDR by Palo Alto Networks Logo
SentinelOne Singularity Complete vs Cortex XDR by Palo Alto Networks
Compared 6% of the time
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks Logo
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks
Compared 4% of the time
Cortex XSIAM vs Cortex XDR by Palo Alto Networks Logo
Cortex XSIAM vs Cortex XDR by Palo Alto Networks
Compared 4% of the time
Symantec Endpoint Security vs Cortex XDR by Palo Alto Networks Logo
Symantec Endpoint Security vs Cortex XDR by Palo Alto Networks
Compared 3% of the time
More Cortex XDR by Palo Alto Networks Competitors
Check Point Harmony SASE (formerly Perimeter 81) vs ConnectWise SIEM Logo
Check Point Harmony SASE (formerly Perimeter 81) vs ConnectWise SIEM
Compared 5% of the time
Zscaler Zero Trust Exchange Platform vs ConnectWise SIEM Logo
Zscaler Zero Trust Exchange Platform vs ConnectWise SIEM
Compared 4% of the time
CrowdStrike Falcon Complete MDR vs ConnectWise SIEM Logo
CrowdStrike Falcon Complete MDR vs ConnectWise SIEM
Compared 3% of the time
CompassOne by Blackpoint Cyber vs ConnectWise SIEM Logo
CompassOne by Blackpoint Cyber vs ConnectWise SIEM
Compared 3% of the time
Versa Unified Secure Access Service Edge (SASE) Platform vs ConnectWise SIEM Logo
Versa Unified Secure Access Service Edge (SASE) Platform vs ConnectWise SIEM
Compared 3% of the time
More ConnectWise SIEM Competitors
CrowdStrike Falcon vs Cybereason Endpoint Detection & Response Logo
CrowdStrike Falcon vs Cybereason Endpoint Detection & Response
Compared 10% of the time
SentinelOne Singularity Complete vs Cybereason Endpoint Detection & Response Logo
SentinelOne Singularity Complete vs Cybereason Endpoint Detection & Response
Compared 7% of the time
Fortinet FortiEDR vs Cybereason Endpoint Detection & Response Logo
Fortinet FortiEDR vs Cybereason Endpoint Detection & Response
Compared 4% of the time
Intercept X Endpoint vs Cybereason Endpoint Detection & Response Logo
Intercept X Endpoint vs Cybereason Endpoint Detection & Response
Compared 4% of the time
ESET Inspect vs Cybereason Endpoint Detection & Response Logo
ESET Inspect vs Cybereason Endpoint Detection & Response
Compared 3% of the time
More Cybereason Endpoint Detection & Response Competitors
 

Product Reports

Buyer's Guide
Cortex XDR by Palo Alto Networks
March 2026
Cortex XDR by Palo Alto Networks reportDownload Cortex XDR by Palo Alto Networks product report
Buyer's Guide
Security Information and Event Management (SIEM)
March 2026
ConnectWise SIEM reportDownload ConnectWise SIEM product report
Buyer's Guide
Cybereason Endpoint Detection & Response
March 2026
Cybereason Endpoint Detection & Response reportDownload Cybereason Endpoint Detection & Response product report
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
ConnectWise Security Management, ConnectWise Fortify, Continuum Fortify, ConnectWise SIEM, ConnectWise SASE
Cybereason EDR, Cybereason Deep Detect & Respond
 

Overview

Cortex XDR by Palo Alto Networks provides advanced threat detection with AI-driven endpoint protection and seamless integration, ensuring multi-layered security and automatic threat response.

Cortex XDR is designed to safeguard endpoints against malware and suspicious activities. It offers advanced threat detection and response capabilities using behavioral analysis, AI, and machine learning. It seamlessly integrates with security infrastructures, providing endpoint security, firewall integration, and enhanced visibility in both cloud-based and on-premises environments.

What are the key features of Cortex XDR?
  • Advanced Threat Detection: Uses AI and machine learning for proactive threat identification.
  • Multi-layered Security: Combines various security measures for comprehensive protection.
  • Endpoint Protection: Safeguards against malware and exploits.
  • Behavioral Analysis: Monitors suspicious activity for early detection.
  • Automatic Threat Response: Automates responses to neutralize threats.
What benefits should users expect?
  • Ease of Use: Simplifies security management with intuitive design.
  • Resource Efficiency: Minimizes impact on system resources.
  • Integration Capabilities: Works well with existing security setups.
  • Reduced Analyst Workload: Automates processes to decrease manual intervention.

Organizations in diverse sectors deploy Cortex XDR to protect against malware, leveraging its advanced threat detection capabilities. Its integration with existing security infrastructures appeals to those seeking comprehensive protection in both cloud and on-premises environments, providing enhanced visibility and threat intelligence.

Palo Alto Networks

IT solution providers are the first—and often only—line of defense for every kind of business in every part of the world. Whether managing mom-and-pop businesses or high-profile clients, providing preventive security measures is a must-have in today’s cybersecurity landscape. Security information and event management (SIEM) solutions offer an additional layer of security for your clients; however, most SIEM solutions are routinely difficult to manage, expensive to deploy, and require a significant amount of in-house cybersecurity expertise.

ConnectWise SIEM offers a powerful alternative to expand your security perspective to both prevention and detection. The solution includes comprehensive, flexible SIEM software that streamlines safety and security across your network without additional full-time employee costs or complicated implementations.

ConnectWise

Cybereason's Endpoint Detection and Response platform detects in real-time both signature and non-signature-based attacks and accelerates incident investigation and response. Cybereason connects together individual pieces of evidence to form a complete picture of a malicious operation.

LevelBlue
 

Sample Customers

CBI Health Group, University Honda, VakifBank
Techvera, Syrex, Clark Integrated Technologies
Lockheed Martin, Spark Capital, DocuSign, Softbank Capital
Buyer's Guide
ConnectWise SIEM vs. Cybereason Endpoint Detection & Response
March 2026
Free Report: ConnectWise SIEM vs. Cybereason Endpoint Detection & Response
Find out what your peers are saying about ConnectWise SIEM vs. Cybereason Endpoint Detection & Response and other solutions. Updated: March 2026.
DOWNLOAD NOW
884,933 professionals have used our research since 2012.
See our ConnectWise SIEM vs. Cybereason Endpoint Detection & Response report.
See our list of best Endpoint Detection and Response (EDR) vendors.

We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.