Get our free report covering Trend Micro, Microsoft, Broadcom, and other competitors of Trend Micro Smart Protection. Updated: January 2022.
564,143 professionals have used our research since 2012.

Read reviews of Trend Micro Smart Protection alternatives and competitors

Director of IT at a tech services company with 51-200 employees
Real User
Top 20
Responsive and fast support, easy to deploy, well-tuned to ignore false positives
Pros and Cons
  • "We have a small IT Team, and this allows us to get sleep at night, knowing that someone else is taking care of any incidents that occur."
  • "It would be nice if the dashboard had some more information upfront, and looked a little better."

What is our primary use case?

We use this product for endpoint security and threat remediation.

How has it helped my organization?

The fact that this is a cloud-native solution that provides us with flexibility and always-on protection is absolutely important, especially with a good majority of our staff working remotely, now.

We've had security incidents that occurred and within a matter of just a couple of minutes, they were completely remediated and fixed and we didn't even have to think about it. We just got the report after the fact.

Falcon's ability to prevent breaches is excellent. It's affected us in that we haven't had any downtime as a result of breaches or any malware or anything like that. Ultimately, it's given us a lot of our time back. On the IT side, this is at least five to ten hours per week. On the user side, it is probably more.

What is most valuable?

The most valuable feature is threat remediation. We have a small IT Team, and this allows us to get sleep at night, knowing that someone else is taking care of any incidents that occur.

CrowdStrike takes care of all of the updates, so we don't even think about it or see it. This is great because we definitely spent a lot of time doing that kind of thing with our previous solution. Now that we haven't had to do it in four months, it's not even something we consider anymore.

We use both the endpoint and cloud workload protection and the detection and prevention it provides are excellent. It's tuned well to the fact that there can be a lot of false positives, so there's not a lot of potential issues that we're getting alerted about that aren't real. This means that when we do get alerts, we know that they're real and they're already being remediated for us.

What needs improvement?

It would be nice if the dashboard had some more information upfront, and looked a little better. Having a cooler dashboard is nice to have, although it is not as important as the functionality, which is very good.

For how long have I used the solution?

I have been using CrowdStrike Falcon for approximately four months.

What do I think about the stability of the solution?

The stability is great and we haven't had a single issue.

What do I think about the scalability of the solution?

It was originally deployed to 200 users and we haven't really grown since we started, so I can't speak to scalability. This represents 100% adoption in our organization, and there are no current plans to grow. As we hire more people, our usage will increase.

There are two people who work with it on a daily basis. There is the director of IT and a network administrator.

How are customer service and technical support?

The technical support is excellent. I've only used it a couple of times and they were extremely responsive and very fast.

Which solution did I use previously and why did I switch?

Prior to implementing CrowdStrike, we used BlackBerry Cylance. We switched for the ability to have full remediation so that we didn't have to do it ourselves. Also, this product is pretty much best-in-class for endpoint protection.

The only real difference that we have found with CrowdStrike, compared to Cylance, is that we no longer have to spend time remediating our issues. The detection and prevention capabilities are similar, although, with CrowdStrike, we have fewer false positives.

How was the initial setup?

The initial setup is extremely easy. It took me about five minutes to deploy it to my entire organization of about 200 users. The single-center process is extremely important because it's something that we were worried about, but it turned out to be a non-issue because it only took five minutes and we haven't had to think about it again.

We initially had a plan for deployment but once we found out how easy it really turned out to be, it was basically a one-step plan.

What was our ROI?

Our return on investment comes from the fact that there is less downtime for people that do get malware and other such problems. That is something that can be quantified.

What's my experience with pricing, setup cost, and licensing?

We made use of the free trial and the process for getting set up was extremely easy. We spoke to our sales rep and in our discussions and demos, they offered the free trial. We accepted, they sent me a link and I downloaded the agent. I was then able to install it and log in in less than five minutes.

Having the free trial was very important in making our decision to implement CrowdStrike because without being able to test it, it's not something that we would have chosen.

The pricing is definitely high but you get what you pay for, and it's not so high that it prices itself out of the market. That said, it's definitely one of the highest. There are no costs in addition to the standard licensing fees and the fact that it's keeping us safe, and it's proven that it works, is worth it.

Which other solutions did I evaluate?

We evaluated solutions from several vendors including Sophos, Trend Micro, McAfee, Kaspersky, and perhaps another one. A lot of these other endpoint solutions don't offer a full remediation option, and that was a big deal for us.

Also, reputation was important. We had used a couple of others in the past and there were issues where they would make an update that would negatively affect all of our computers. For example, our users could no longer access certain important websites. We haven't had that problem with CrowdStrike.

In terms of ease of use, CrowdStrike is extremely easy. Comparatively, we've had less time in the administration console than we have previously.

What other advice do I have?

My advice for anybody who is looking into implementing CrowdStrike is to go ahead and do it. There is nothing to worry about and they deliver as promised.

I would rate this solution a nine out of ten.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Systems Administrator at a legal firm with 51-200 employees
Real User
Top 20
Intuitive, easy to use, and does a good job of catching and stopping things for the most part and has a unique rollback feature
Pros and Cons
  • "It is intuitive and easy to use. For the most part, it does a good job of catching things. It is good at stopping stuff. I did a couple of tests with a password cracker. I tried to load that on, and Malwarebytes didn't let me do that, which was pretty good. It has a rollback feature that I haven't seen with any other company. If one of your endpoints is hit with mass ransomware, you could actually roll it back. I watched a demo of them do that, and it was pretty sweet."
  • "The EPP solution lacks the sophisticated artificial intelligence required for automating reports and letting you know about things in real-time. It stops a suspicious activity in real-time, but it doesn't let you know in real-time. You have to look at a report, and then you find out that something is wrong. You have to manually kick off a scan. With the Advanced EDR solutions, Malwarebytes has the ability to alert you in real-time, but they still don't do automatic remediation or quarantining of devices. That is something that you still have to do manually. So, the endpoint protection piece, which is just like their basic endpoint protection, lacks AI. For the advanced detection and response piece, there is an add-on that comes with it, but it still doesn't go far enough in terms of automatic remediation of viruses. It won't separate that virus from your network if something happens. You have to manually go there and do it."

What is our primary use case?

We just needed something that was intuitive and easy to use. It had a good record for catching viruses in the wild and things like that.

We have the cloud endpoint solution, so it is cloud Malwarebytes or the cloud EPP.

What is most valuable?

It is intuitive and easy to use. For the most part, it does a good job of catching things. It is good at stopping stuff. I did a couple of tests with a password cracker. I tried to load that on, and Malwarebytes didn't let me do that, which was pretty good.

It has a rollback feature that I haven't seen with any other company. If one of your endpoints is hit with mass ransomware, you could actually roll it back. I watched a demo of them do that, and it was pretty sweet.

What needs improvement?

The EPP solution lacks the sophisticated artificial intelligence required for automating reports and letting you know about things in real-time. It stops a suspicious activity in real-time, but it doesn't let you know in real-time. You have to look at a report, and then you find out that something is wrong. You have to manually kick off a scan.

With the Advanced EDR solutions, Malwarebytes has the ability to alert you in real-time, but they still don't do automatic remediation or quarantining of devices. That is something that you still have to do manually. So, the endpoint protection piece, which is just like their basic endpoint protection, lacks AI. For the advanced detection and response piece, there is an add-on that comes with it, but it still doesn't go far enough in terms of automatic remediation of viruses. It won't separate that virus from your network if something happens. You have to manually go there and do it.

For how long have I used the solution?

I have been using this solution since 2016.

What do I think about the stability of the solution?

Its stability is fine. I haven't had any problems. The only thing is that it catches some of the programs as viruses. We have a program called Poll Everywhere that some of our staff members use, and Malwarebytes flagged it as a virus. Very often, we have to go in and update the hash on this particular software. Malwarebytes catches a lot of things like that. It is good I guess, but there are a lot of false positives.

What do I think about the scalability of the solution?

It is easy to scale, but it depends on what your organization is. If your organization has a lot of PII and you are a large company, then you might want to look at a different type of solution. One of the reports that we got back for Malwarebytes said that it is too commercial, and it is for big businesses like law firms and stuff like that, and we should probably use something else, but that was it. Malwarebytes also had a bad report in third-party testing. This company tests a product against all these viruses in the wild, and apparently, it did pretty poorly in that.

How are customer service and technical support?

Tech support is good. I haven't called them. You don't really have to call them because it is good at stopping stuff. 

Which solution did I use previously and why did I switch?

We switched to Malwarebytes from Sophos. Sophos provided good protection, but the customer support was just awful. We had to get away from them for that reason. Sophos also made it really difficult for even an admin to remove a product. Sometimes we had problems with the application, and we wanted to uninstall and re-install it, but it was just a nightmare trying to get that stuff off. It is a plus when you are trying to uninstall somebody's antivirus, but it is just hard for an admin who has a legitimate reason for going in there and removing it.

How was the initial setup?

The initial setup was straightforward. In terms of the implementation strategy, the only thing that we had to do was to create policies to turn off Windows Defender. It is recommended that you don't have two antiviruses running at the same time. We did that with a GPO, and then we pushed out the software through group policy. It was a big process because we had Sophos. We had to get Sophos off the machines and then deploy Malwarebytes.

What's my experience with pricing, setup cost, and licensing?

Its cost is around $60 a machine. The cost of the total solution for 250 people is about $8,500 a year. If we add EDR to it, it will bring that cost up to about $15,000. The cost for Carbon Black is about $25,000, which is $10,000 more, but you get all AI functions with it.

Which other solutions did I evaluate?

We evaluated Carbon Black and Trend Micro. We had a demo with Carbon Black. It is a really good solution, but it is expensive, and there is a learning curve associated with it.

We use a research company. We had a meeting with them, and they gave us an initial bad report with Malwarebytes. The researcher thought that we were this huge company, whereas we only have 150 employees. The same person wrote a report saying that Malwarebytes was good. The report they gave us at a meeting contradicted another report they gave us.

What other advice do I have?

If you're a small company with less than 500 people, the Malwarebytes EDR solution is a good fit. It is also a good solution if:

  • You don't have any DOD requirements for your data.
  • You don't have a lot of PII.
  • You don't have a lot of confidential documents in your environment.

If you have strict DOD regulations or something like that, you might want to look at Carbon Black and Trend Micro.

I would rate Malwarebytes an eight out of ten.

Which deployment model are you using for this solution?

Private Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
CISO at a media company with 10,001+ employees
Real User
Easy to deploy and configure, stable, and has good support
Pros and Cons
  • "Morphisec is a no-brain solution that is efficient and very stable."
  • "The weakest point of this product is how difficult it is to understand the reasons for an alert. This is a problem because it is hard to determine whether an attack is real or not."

What is our primary use case?

I am a consultant for a cybersecurity company and I'm active as CSO for several customers. 

We use this product to provide protection against viruses and other threats.

How has it helped my organization?

This solution automatically blocks threats, which is important to us because we're a small team. We don't have a lot of incidents and we don't do any investigation into them.

I can't say whether using Morphisec has reduced our team's workload, although I can say that it hasn't increased it. That's a good point.

What is most valuable?

The most important point for me is to have technology that does not require any interaction. We don't have a need to understand the way in which Morphisec detects threats. We have a small security team and we want a solution that we can set and forget. This product makes it easy to prevent breaches, even with a small team.

What needs improvement?

The weakest point of this product is how difficult it is to understand the reasons for an alert. This is a problem because it is hard to determine whether an attack is real or not. It blocks the behavior automatically but it is quite difficult to check the reason for this, and it is something that we are discussing with Morphisec.

We need to have better reporting features that are able to produce KPIs that we can show to management. Improved analytics reports would help us to understand what type of attack it is and how it was able to reach a particular computer.

For how long have I used the solution?

I have been working with the Morphisec Breach Prevention Platform for approximately four years.

What do I think about the stability of the solution?

The stability is perfect. We have never had any issues.

What do I think about the scalability of the solution?

The size of our perimeter is quite stable and is limited to between 3,000 and 4,000 computers. As such, it's hard for me to say how easy it is to scale. For example, I wouldn't know how well it works for 10,000 or 100,000 computers, although I don't think that it's an issue with Morphisec.

We are considering expanding the use of this product by installing it on our servers. However, that plan is not active for the moment.

There are five people in charge of using the solution for security analysis and configuration.

How are customer service and support?

We have a good relationship with Morphisec. The product is working well and we don't need a lot of support but when we have a specific question or when we want new features, they answer us quickly and well.

Overall, we are very satisfied with the support.

Which solution did I use previously and why did I switch?

We were using another antivirus technology prior to this, and we switched because we wanted to have better coverage. We met Morphisec during a technology trip and we decided to deploy it, giving us better coverage against the attacks.

In my role as CSO for several customers, I have used different solutions. These include SentinelOne and CrowdStrike, and we currently use Trend Micro.

I don't think that these are competitors because they do things differently, but we can compare the results and the interfaces. Morphisec is a no-brain solution that is efficient and very stable. It probably covers fewer attacks and is less technical than competitors but what they do, they do perfectly. The workload on our staff is very low compared to a product like CrowdStrike when we need to have our experts analyze the results so that we can understand them.

How was the initial setup?

The initial setup was straightforward. It is really easy to deploy and configure.

Our deployment took perhaps three months, although the delay was not due to Morphisec. Rather, it was a result of the time it took to deploy things on our computers. We were able to get the service running in one or two days.

As part of our implementation, we tried a number of different tasks. We worked mainly with the business teams to ensure that we weren't getting any false positives.

What about the implementation team?

We worked directly with the Morphisec team. They had a small team, four years ago.

On our side, there was me and one of my engineers. For me, there is no workload due to Morphisec. The only time that I work on it is when we are deploying it for a new client. 

Which other solutions did I evaluate?

We did a pilot with the product and we tested it with certain attacks from within our team. We could tell from these tests that the solution was able to block the types of attacks that we wanted to protect ourselves against.

What other advice do I have?

This product provides us with full visibility into security events with Microsoft Defender and Morphisec in a single dashboard, although this is not a focal point for us because we do not use Defender. We use Trend Micro for protection.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Network Administrator at a tech services company with 51-200 employees
Reseller
Top 5
Not just another simple virus-scanning product, but it does not handle removable USB drives well
Pros and Cons
  • "It is not just a simple virus scanning product. It handles more advanced needs."
  • "This product does not handle USB drives well."

What is our primary use case?

We use Intercept X Advanced along with Sophos EDR (Enhanced Data Detection and Response).  

We use it for our servers and clients as advanced protection. It is not just a simple virus scanning product.  

We use it to work with clients and it is installed on five servers. At this time we have only installed it at one customer site. But we plan to continue to expand.  

What is most valuable?

The most valuable part of the solution in our use case is client isolation. It is a good feature.  

What needs improvement?

What I think Sophos can improve is with the data-loss feature, especially when it comes to using USB sticks and USB hard disks. The feature blocks access to these USB sticks and disks and there seems to be no immediate workaround for that. Our customer was not satisfied with the feature. We actually ended up having to deactivate this feature because it is too aggressive and could not meet the client's needs.  

For how long have I used the solution?

We started using Sophos Intercept X in December of 2019.  

What do I think about the stability of the solution?

We have not had a problem at all with the stability.  

What do I think about the scalability of the solution?

It is easy to scale this product. As far as the typical organization size that it fits, I would say it is suited for smaller and medium-sized companies. We have not yet installed it at a large customer site, so I cannot answer about large or enterprise companies specifically.  

How are customer service and technical support?

To this point, I have not had a need to use Sophos support for Intercept X specifically.  

I have used Sophos support for other products that we use. Sophos support for XG is okay if it is just regarding questions about the product. I did not have any problems with them in getting a good answer to questions about the product or installations. But when it comes to device defects, then it can take four to six weeks to get a solution. In that case, the support is really not satisfactory. It does not satisfy me and it is really unacceptable.  

Which solution did I use previously and why did I switch?

We did use other solutions in the past, including Trend Micro, Symantec, and Kaspersky. The main difference between Sophos Intercept X and the other products is the client reservation feature. I believe that is a standalone point for Sophos as it is the only product that has it. It allows particular hosts to always use the same IP address which is sometimes desirable.  

The administration of Trend Micro is one thing which I like about that product. It is very easy to use. I would say that Trend Micro is better than Sophos on that point.  

We switched to Sophos because we are selling Sophos firewalls already. The Sophos Intercept X product works better with these firewall solutions than other virus scanning products from different vendors. We decided to keep to the same vendor for a more unified solution.  

We started to work with Sophos Endpoint Protection originally and we are on Bonfire XG as well. It is convenient to expand out working with the brand as a partner.  

How was the initial setup?

The initial setup for the product is not simple. It is medium to complex to install and set up.

After deploying it takes only me and the customer team for maintenance. Really one person can do it. So there is just one person at my company and I have communication with one colleague at the customer site.  

What about the implementation team?

We did not need outside help from a vendor to handle the deployment. I did it myself and we are a partner with Sophos.  

What other advice do I have?

Advice that I would have for people considering using virus scanning is that I, personally, would not use Sophos Endpoints. That is the simplest edition of the Sophos virus protection product line. I would use Intercept X Advanced as the entry-level product as the other, simpler product, is not robust enough to provide acceptable protection for businesses in my estimation.  

On a scale from one to ten where one is the worst and ten is the best, I would rate Sophos Intercept X as a seven. First, I never give a ten because every product can be improved. Second, I subtract two points because of my experience with the data loss feature and how it behaves with USB drives.  

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Network and Security Specialist at a government with 51-200 employees
Real User
Top 10
It's reliable and secure, but the monitoring and notifications could be more detailed
Pros and Cons
  • "The performance is good. It doesn't use a lot of resources, which is crucial for us."
  • "Kaspersky and most other security products have a lot of modules. They recently added several new ones. You find yourself buying and deploying so many things. There are some modules that everyone uses, like, for example, the orchestration module. Instead of selling them separately, it would be better to have bundles or an all-in-one license."

What is our primary use case?

We install Kaspersky to protect our endpoints for clients and servers. In the past, Kaspersky had different solutions for the clients and servers. We use the solution for protection from viruses, malware, etc., on the client's side.

I'm not sure if we'll increase usage of Kaspersky or try another solution. We are having discussions now with Trend Micro because we have new business requirements, and we want to see all the different capabilities that are there.

When we started with Kaspersky, it was an antivirus system, but now they've added endpoint protection, so it has more capabilities. Trend Micro has the same product and engine for clients and servers. We are using another product from Trend Micro that will integrate these products, which is better than having different solutions. For now, we're still using Kaspersky, but in the future, I think we'll move to Trend Micro.

What is most valuable?

With Kaspersky in place, we haven't faced any problems with viruses, ransomware, or anything like that. 

What needs improvement?

If something critical happens, Kaspersky will alert the admin or SOC team about it. I think Kaspersky's reporting, monitoring, and notifications should be more detailed.  

In my case, different admins are responsible because we have various departments. There is one admin per department. We don't need to receive all the notifications. We can receive only the critical alerts, but the other admins need to get all of them. That's one area where Kaspersky needs improvement.

For how long have I used the solution?

I've been using Kaspersky for five or six years.

What do I think about the stability of the solution?

The performance is good. It doesn't use a lot of resources, which is crucial for us. However, the performance wasn't optimal out of the box. It needed some tuning on it to be sure that it is the best configuration. Kaspersky is reliable. I can't recall any time we had crashes or downtime.

What do I think about the scalability of the solution?

Kaspersky is highly scalable. Right now, we have more than 500 users in various departments, including regular employees and managers.

How are customer service and support?

Kaspersky support is fast and good.

How was the initial setup?

Setting up Kaspersky isn't complex at all. It's straightforward. You install the server, and then you can install the agent remotely. It didn't take very long either. For post-installation maintenance, we have different sites, and each site has an engineer responsible for handling Kaspersky. The product doesn't necessarily require this many engineers. It's only because we have different locations. Right now, we have five or six engineers across the various sites.

What about the implementation team?

We used a Kaspersky partner for implementation. They were very good.

What's my experience with pricing, setup cost, and licensing?

I don't remember exactly what the licenses cost, but it's not too expensive. It's affordable, especially when you are dealing with on-prem. However, I don't know about the new prices because we are in the process of buying support. We've owned the license for a long time, and we are now bringing in the support, so we are not paying much for this.

Kaspersky and most other security products have a lot of modules. They recently added several new ones. You find yourself buying and deploying so many things. There are some modules that everyone uses, like, for example, the orchestration module. Instead of selling them separately, it would be better to have bundles or an all-in-one license. That would save the customers from having to do lots of implementations. As far as I know, they do not have a bundled license. 

What other advice do I have?

I rate Kaspersky Endpoint Security seven out of 10. I think Kaspersky is one of the best products for small and medium-sized businesses. It doesn't need that much experience for implementation and support. I would suggest that new users be patient when they're tuning in the first implementation. They might find that the system uses a lot of resources and the machines become slow. But after spending some time tuning, the product will work fine.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.