No more typing reviews! Try our Samantha, our new voice AI agent.

Cybereason Endpoint Detection & Response vs HP Wolf Security comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Protection Platform (EPP)
4th
Ranking in Endpoint Detection and Response (EDR)
6th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
110
Ranking in other categories
Extended Detection and Response (XDR) (5th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
Cybereason Endpoint Detecti...
Ranking in Endpoint Protection Platform (EPP)
36th
Ranking in Endpoint Detection and Response (EDR)
29th
Average Rating
7.8
Reviews Sentiment
5.6
Number of Reviews
22
Ranking in other categories
No ranking in other categories
HP Wolf Security
Ranking in Endpoint Protection Platform (EPP)
17th
Ranking in Endpoint Detection and Response (EDR)
46th
Average Rating
7.8
Reviews Sentiment
3.4
Number of Reviews
8
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of May 2026, in the Endpoint Protection Platform (EPP) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.6%, down from 3.9% compared to the previous year. The mindshare of Cybereason Endpoint Detection & Response is 1.0%, up from 0.8% compared to the previous year. The mindshare of HP Wolf Security is 4.0%, down from 6.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.6%
HP Wolf Security4.0%
Cybereason Endpoint Detection & Response1.0%
Other91.4%
Endpoint Protection Platform (EPP)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Ivan Burke - PeerSpot reviewer
Head of Research Development and Innovation at CSIR
Offers useful threat hunting and response capabilities but struggles to justify cost for smaller deployments
I mostly work with incident response, so I work with a bunch of them interchangeably, but mostly with the EDR components; I also get involved with some of the XDR components, especially for the cloud. Regarding analysis features, such as deep behavioral detection, I do use it sometimes; I usually don't use the automated version of it, as I prefer threat hunting directly, depending on if the season is available. I know some of them have pretty good analytics engines, but I tend to do the threat hunting on my own. I manage incident response for a bunch of companies, so some of them have Cybereason Endpoint Detection & Response integrated into Sentinel, some into Fortinet, and others into various tools. When considering cost-effectiveness, their pricing structure works such that if you're a large organization with more than a thousand endpoints to deploy to, then Cybereason Endpoint Detection & Response is worthwhile. But for anything less than 300, it's too expensive; obviously, the more you buy, the better the price, making it cheaper for you. Cybereason Endpoint Detection & Response best fits enterprise-level businesses such as huge corporations; however, we are in the process of removing it from many of our endpoint clients because it's not really showing enough value for them at the moment. We're trying to see how we can improve it with some of our clients, but at the moment, it's struggling compared to other EDR solutions that we have deployed. On a scale of one to ten, I rate Cybereason Endpoint Detection & Response a six.
BH
Owner at Stoneridge Engineering, LLC
Adds a layer of safety, especially for laptops operating in various environments
The tool's deployment is easy. HP Wolf Security's deployment was a swift process since it was initially compatible with Windows 10, the operating system on both machines. However, when I transitioned to Windows 11, I encountered minor issues that prompted me to delve deeper into Wolf Security to fine-tune security settings according to my preferences. While I mostly used default settings, there was an initial adjustment where I disabled the AI function related to malware. Currently, the system is running smoothly with no reported issues. Adjusting some settings raised concerns about compatibility between HP Wolf Security and Norton 360. Specifically, aspects of HP Wolf Security, such as the virtual machine component, intrigued me, but I hesitated due to potential conflicts. During my investigation, Windows 11 raised a flag, questioning the system's security settings with Norton 360 and HP Wolf Security. However, it seems that they coexist well without causing issues.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It has pretty much everything we need and works well within the Palo Alto ecosystem."
"Stability is a primary factor, and then there's the ease of distribution and policy management; Cortex XDR by Palo Alto Networks is very easy to work with, and we're quite happy with them."
"The integrations are out-of-the-box, as are the playbooks."
"Palo Alto is the core of the security infrastructure in the environment."
"It can automatically correlate events and logs, which is very helpful for an IT administrator. It can correlate different kinds of malware activities over a network, agent, or host system. You do not need to do it manually. It is a good feature. It is also a user-friendly solution. We have deployed it on the cloud because our space does not provide any flexibility for on-premises deployment, but Palo Alto has added some flexibility to install it on-premises. It must be like the same Cortex XDR agent for all the VPN services, web filtering services, and everything else."
"Its interface and pricing are most valuable, and it is better than other vendors in terms of security."
"Cortex XDR can integrate the firewalls and determine the tendencies of the attacks. It's a new generation antivirus, with protection endpoints and detection response. It is very easy to use and everybody can operate the solution."
"Cortex XDR's most valuable feature is its intelligence-based dashboards."
"The initial setup was straightforward."
"To get my Cybereason instance up and running, I just install it; it takes less than a minute or two to actually install and run the installer."
"We are monitoring it by ourselves as well, however, their SOC team is monitoring and pre-alerting us all the time, every day."
"For me, the technical support is good."
"Immediately we can pick up the computers in the network if any malicious operation that is triggered."
"The dashboard is very good and you can consider it as an interactive UI."
"To get my Cybereason instance up and running, I just install it; it takes less than a minute or two to actually install and run the installer."
"The initial setup process is straightforward."
"Looking at it in the big picture of the risk that you're mitigating and the protection that you're getting, it's phenomenal."
"We've been able to isolate and prevent malicious code from external email attachments and from downloaded internet files. Those are the two big areas that have really made an impact."
"Bromium allows us to safely view images and quickly and safely surf our network so that we can take proper care of our patients efficiently, effectively, and expeditiously."
"The isolation feature is the most important because it prevents attacks."
"I use HP Wolf Security to add a layer of safety, especially for laptops operating in various environments."
"Our overall security posture has absolutely improved as a result of adding Bromium to our security stack."
"Our security posture has improved; it has definitely contained and prevented some malicious attacks from happening."
"It has prevented thousands of potential threats by encapsulating them within its own vSentry container, thus providing overall protection and integrity of the operating system."
 

Cons

"Data privacy is a matter of concern. You have to be careful with data privacy, it can be sensitive and Cortex can have most of your access."
"If Palo Alto reduces the pricing slightly for their products, it would make them more scalable in markets such as India and globally for cybersecurity."
"Although I would say this product is highly-rated, it could probably do more because nothing does everything that you want."
"The MAC agent is not as robust feature-wise as the PC version."
"Although I would say this product is highly-rated, it could probably do more because nothing does everything that you want."
"We had a problem with getting our older endpoints up to date, but their newest updates have been really good."
"In reporting they should have a customizable dashboard due to the fact that C-level people don't like reporting to the IT department. They prefer to have a real-time dashboard. That kind of dashboard needs to have various customizations."
"In an upcoming release, the solution could improve by proving hard disk encryption. If it could support this it would be a complete solution."
"Its Microsoft PowerShell protections still need some compatibility improvements. We have run across just a few. It is compatible with 90% of what we have in our network, but there is that 10% that we are still struggling with as far as compatibility with the type of PowerShell scripts needed to run our day-to-day business."
"While the product is very good, there are still some areas for improvement. The initial triage area could be a bit simpler. They get into the weeds real fast; it gets very detailed very fast. I am still looking for an easier triage layer on top with the ability to dig deeper."
"They need to improve their technical support services."
"What needs to improve in Cybereason Endpoint Detection & Response and what I'd like to see in its next release is a centralized dashboard that allows you to view what is there, similar to what's on Symantec Endpoint Protection Manager: a beautiful display and reporting. Cybereason Endpoint Detection & Response has to start with the compliance, the homepage, etc. Everything should be there and should be customizable. The options should be there. The tool is very good currently, but visibility for IT administrators is lacking and needs to be worked on."
"Its Microsoft PowerShell protections still need some compatibility improvements."
"It initially took some time to deploy."
"Linux was a bad experience and Micro OS was a disaster."
"The deployment on individual endpoints is more geared toward larger organizations. It might prove to be a bit too complicated for a smaller organization. You need to know what you're doing when you're deploying the sensor."
"When you deploy, not only is the user asked to reboot their computer, they are also asked to wait for 20 minutes while it sits there and initializes. It definitely impacts the end-user. It takes time away from their day."
"Room for improvement would be keeping up with the rate of change, specifically on Windows platforms. There are a lot of updates that come out for Microsoft Windows operating systems and the Bromium product needs to be able to keep up quickly with those updates and all the browser updates that are coming out. It's hard to do, but that's really where they need to be more responsive because we end up with problems and then we have to call support to get patches, etc."
"Reporting is one of the shortcomings of the product. It becomes very difficult because you have to spend a lot of time digging through the volumes of data."
"I did not find this to be an out-of-the-box solution, it required planning and alignment across many groups."
"Reporting is one of the shortcomings of the product. We do mine the data that's in there from a forensics perspective... It becomes very difficult because you have to spend a lot of time digging through the volumes of data. Reporting is absolutely the biggest shortcoming."
"Room for improvement would be keeping up with the rate of change, specifically on Windows platforms."
"The tool behaves differently when I ported to Windows 11."
"They have always struggled with usability. The protection that it offers you is tremendous, but there's definitely an impact with use of resources on the computer. It's gotten a lot better now with Win 10. But sometimes, when you open up a website, it's going to take longer than it would without Bromium, and it's the same with documents."
 

Pricing and Cost Advice

"The solution is expensive. It's pricing is on a yearly-basis."
"I don't have any issues with the pricing. We are satisfied with the price."
"We pay about $50,000 USD per year for a bundle that includes Cortex XDR."
"Its pricing is kind of in line with its competitors and everybody else out there."
"I feel it is fairly priced."
"The price of the solution is high for the license and in general."
"Traps pays for itself within the first 16 months of a three-year subscription. This is attributed to OPEX savings, as security teams spent less time trying to identify and isolate malware for analysis as a result of a reduction in malware incidents, false positives, and breach avoidance."
"It is present, but when compared to other competitive products, I would say it is not less expensive; however, when all of the other added values are considered, the price is reasonable."
"In terms of pricing, it's a good solution."
"The pricing is manageable."
"Though it is not the cheapest solution but it fits our budget. We pay an annual licensing fee."
"I had to go through a third-party to purchase it, which I wasn't really pleased about."
"This product is somewhat expensive and should be cheaper."
"On a scale of one to ten, where one is cheap and ten is expensive, I rate the pricing an eight."
"I do not have experience with the licensing of the product."
"We considered a few other solutions. Some were ridiculously overpriced, while others didn't have solutions for Mac endpoints. That was a deal-breaker because most of our organization is on Mac. It came down to two vendors: Cybereason and another. They had similar pitches and almost identical approaches, but in the end, Cybereason gave us the best value for our money."
"The product came as a bundle with the machine."
"Pricing is reasonable."
"The pricing is very fair compared to the competition. The licensing is straightforward."
"I think the pricing is a good value. All of these security products are always going to be very expensive, but I don't think Bromium is unreasonable. I think Bromium is decently priced. It’s a tiered licensing platform. The more you buy, the cheaper gets per unit, and I think their tiers are very well defined. I think they're fair."
"The product's pricing is a good value. We only run it on our internet-facing workstations, we don't run it on everything in our environment. We are very selective. Some organizations may want to consider doing something like that to reduce their license count."
report
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
893,244 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
12%
Construction Company
12%
Comms Service Provider
9%
Manufacturing Company
8%
Financial Services Firm
13%
Computer Software Company
10%
Manufacturing Company
10%
Outsourcing Company
8%
Comms Service Provider
10%
Manufacturing Company
8%
Computer Software Company
8%
Financial Services Firm
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business45
Midsize Enterprise21
Large Enterprise48
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise4
Large Enterprise13
By reviewers
Company SizeCount
Small Business3
Large Enterprise5
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What is your primary use case for Cybereason Endpoint Detection & Response?
My main use case for Cybereason Endpoint Detection & Response is mostly for incident response.
What needs improvement with Cybereason Endpoint Detection & Response?
When it comes to advanced threats, it sometimes helps me with finding them and hunting them down with threat detectio...
What advice do you have for others considering Cybereason Endpoint Detection & Response?
I mostly work with incident response, so I work with a bunch of them interchangeably, but mostly with the EDR compone...
Ask a question
Earn 20 points
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Cybereason EDR, Cybereason Deep Detect & Respond
Bromium vSentry
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Lockheed Martin, Spark Capital, DocuSign, Softbank Capital
Valspar
Find out what your peers are saying about Cybereason Endpoint Detection & Response vs. HP Wolf Security and other solutions. Updated: April 2026.
893,244 professionals have used our research since 2012.