Alternatives to IBM QRadar EDR
Compare IBM QRadar EDR alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to IBM QRadar EDR in 2026. Compare features, ratings, user reviews, pricing, and more from IBM QRadar EDR competitors and alternatives in order to make an informed decision for your business.
-
1
ManageEngine Endpoint Central
ManageEngine
ManageEngine Endpoint Central is built to secure the digital workplace while also giving IT teams complete control over their enterprise endpoints. It delivers a security-first approach by combining advanced endpoint protection with comprehensive management, allowing IT teams to manage the entire endpoint lifecycle, all from a single console. With automated patching across Windows, Mac, Linux and 1,000+ third-party applications, it ensures vulnerabilities are mitigated before attackers can exploit them. Its next-gen antivirus (NGAV) feature, powered by AI-driven behavioural detection, provides 24/7 protection against ransomware, malware, and zero-day threats. Endpoint Central further strengthens enterprise defenses with a broad set of security capabilities, including vulnerability assessment and mitigation, peripheral device control, data loss prevention, application control, endpoint privilege management, encryption with FileVault and BitLocker, and browser security. -
2
ThreatLocker
ThreatLocker
ThreatLocker is a Zero Trust Platform that prevents cyber threats by blocking unknown applications, enforcing least privilege, and controlling what can run across your environment. Using Allowlisting, Ringfencing, Network Control, and more, ThreatLocker stops ransomware, zero-day attacks, and unauthorized activity before execution, rather than relying on detection after the fact. Built for modern IT and cybersecurity teams, the platform delivers centralized visibility and policy management across endpoints, users, and applications. ThreatLocker reduces attack surface, limits lateral movement, and supports compliance with detailed audit logs. With fast deployment, a large built-in application library, and streamlined approvals, organizations can strengthen security while minimizing operational overhead and maintaining business continuity. -
3
Graylog
Graylog
Graylog is the AI-powered SIEM and log management platform built for security and IT operations. The platform centralizes and analyzes event data from across complex environments to help teams detect threats faster, investigate smarter, and control data costs—without compromise. Graylog combines scalable log management with explainable AI that summarizes dashboards, prioritizes real risks, and automates investigation workflows—while keeping analysts in control. With products including Graylog Security, Enterprise, API Security, and Open, Graylog serves more than 60,000 organizations across 180 countries. Headquartered in Houston with roots in open source, Graylog continues to redefine how modern teams achieve clarity, context, and control across their environments. -
4
DriveLock
DriveLock
Cyber threats are everywhere, but protecting your IT systems should be as natural as locking your front door. With DriveLock’s HYPERSECURE Platform, safeguarding your endpoints and business data is easier than ever. We integrate the latest security technologies and share our expertise, so you can focus on what matters—without worrying about data protection. Zero Trust Platform takes a proactive approach, eliminating security gaps before they become a risk. By enforcing centralized policies, DriveLock ensures employees and endpoints access only what they need—following the golden rule of cybersecurity: ''never trust, always verify''. -
5
Heimdal® Endpoint Detection and Response is our proprietary multi-solution service providing unique prevention, threat-hunting, and remediation capabilities. It combines some of the most advanced threat-hunting technologies: - Next-Gen Antivirus - Privileged Access Management - Application Control - Ransomware Encryption Protection - Patch & Asset Management - Email Security - Remote Desktop - Threat Prevention ( DNS based ) - Threat Hunting & Action Center With 9 modules working together seamlessly under one convenient roof, all within one agent and one platform, Heimdal Endpoint Detection and Response grants you access to all the essential cybersecurity layers your business needs to protect itself against both known and unknown online and insider threats. Our state-of-the-art product empowers you to quickly and effortlessly respond to sophisticated malware with stunning accuracy, protecting your digital assets and your reputation in the process as well.Starting Price: $0/month
-
6
SanerNow
SecPod Technologies
SecPod SanerNow is the world's best unified endpoint security & management platform that powers IT/Security Teams automate cyber hygiene practices. It works on an intelligent agent-server model to execute effective endpoint management and security. It gives you accurate vulnerability management with scanning, detection, assessment, prioritization, and remediation capabilities. SanerNow is available on both cloud and on-premise, whose integrated patch management automates patching across all major OSs like Windows, MAC, Linux, and a vast collection of 3rd party software patches. What makes it unique? You can now access other salient features like security compliance management, IT asset management, endpoint management, software deployment, application & device control, and endpoint threat detection and response, all on a single platform. With SanerNow, you can remotely perform and automate these tasks to secure your systems from the emerging wave of cyberattacks.Starting Price: $50/year/device -
7
CrowdStrike Falcon
CrowdStrike
CrowdStrike Falcon is a cloud-native cybersecurity platform that provides advanced protection against a wide range of cyber threats, including malware, ransomware, and sophisticated attacks. It leverages artificial intelligence (AI) and machine learning to detect and respond to threats in real time, offering endpoint protection, threat intelligence, and incident response capabilities. The platform uses a lightweight agent that continuously monitors endpoints for signs of malicious activity, providing visibility and protection without significant impact on system performance. Falcon’s cloud-based architecture ensures fast updates, scalability, and rapid threat response across large, distributed environments. Its comprehensive security features help organizations prevent, detect, and mitigate potential cyber risks, making it a powerful tool for modern enterprise cybersecurity. -
8
Huntress
Huntress
Huntress delivers a powerful suite of endpoint protection, detection and response capabilities—backed by a team of 24/7 threat hunters—to protect your business from today’s determined cybercriminals. Huntress protects your business throughout the modern attack lifecycle—defending against threats like ransomware, malicious footholds, and more. Our security experts take care of the heavy lifting with 24/7 threat hunting, world-class support and step-by-step instructions to stop advanced attacks. We review all suspicious activity and only send an alert when a threat is verified or action is required—eliminating the clutter and false positives found in other platforms. With one-click remediation, handwritten incident reports and powerful integrations, even non-security staff can use Huntress to swiftly respond to cyber events. -
9
Fortinet
Fortinet
Fortinet is a global leader in cybersecurity solutions, known for its comprehensive and integrated approach to safeguarding digital networks, devices, and applications. Founded in 2000, Fortinet provides a wide range of products and services, including firewalls, endpoint protection, intrusion prevention systems, and secure access solutions. At the core of its offerings is the Fortinet Security Fabric, a unified platform that seamlessly integrates security tools to deliver visibility, automation, and real-time threat intelligence across the entire network. Trusted by businesses, governments, and service providers worldwide, Fortinet emphasizes innovation, scalability, and performance, ensuring robust defense against evolving cyber threats while supporting digital transformation and business continuity. -
10
BIMA
Peris.ai
BIMA by Peris.ai is an all-encompassing Security-as-a-Service platform that combines the advanced functionalities of EDR, NDR, XDR, and SIEM into one powerful solution. This integration ensures proactive threat detection across all network points and endpoints, utilizing AI-driven analytics to predict and mitigate potential breaches before they escalate. BIMA streamlines incident response and enhances security intelligence, providing organizations with a formidable defense against sophisticated cyber threats. With BIMA, organizations benefit from a unified, intelligent approach to cybersecurity, enabling faster detection, improved incident response, and comprehensive protection. The platform’s AI capabilities continuously analyze data to identify patterns and anomalies, offering predictive insights that help prevent attacks. BIMA’s integration of multiple security technologies simplifies management and reduces the complexity of securing diverse IT environments.Starting Price: $168 -
11
IBM Guardium
IBM
Protect your data across its lifecycle with IBM Guardium. Secure critical enterprise data from both current and emerging risks, wherever it lives. Find and classify your data. Monitor for data exposures. Prioritize risks and vulnerabilities. Remediate and respond to threats. Protect your data from current and emerging risks, including AI and cryptographic-related risks, through a unified experience. Manage your security and compliance posture on premises and in the cloud with an open and integrated solution. The 5 modules on IBM Guardium Data Security Center include: IBM® Guardium® DSPM, IBM® Guardium® DDR, IBM® Guardium® Data Compliance, IBM® Guardium® AI Security and IBM® Guardium® Quantum Safe. -
12
Panda Adaptive Defense 360
WatchGuard
Unified Endpoint Protection (EPP) and Endpoint Detection and Response (EDR) capabilities, with our unique Zero-Trust Application Service and Threat Hunting Service in one single solution, to effectively detect and classify 100% of processes running on all the endpoints within your organization. Cloud-delivered endpoint prevention, detection, containment and response technologies against advanced threat, zero-day malware, ransomware, phishing, in-memory exploits and malware-less attacks. It also provides IDS, firewall, device control, email protection, URL & content filtering capabilities. It automates the prevention, detection, containment and response to any advanced threat, zero day malware, ransomware, phishing, in-memory exploits, and fileless and malwareless attacks, inside and outside the corporate network. -
13
WatchGuard EDPR
WatchGuard Technologies
WatchGuard EPDR brings together our Endpoint Protection (EPP) and Endpoint Detection and Response (EDR) capabilities into one easy-to-buy product for maximum security against sophisticated endpoint threats. We layer on traditional, signature-based techniques with advanced features and services for a unique, comprehensive offering. By enabling continuous endpoint monitoring, detection and classification of all activity, we are able to reveal and block anomalous behaviors of users, machines and processes. At the same time, we proactively discover new hacking and evasion techniques and tactics to quickly arm our customers. These advances are included at no extra cost and immediately add an additional intelligent layer of protection to get ahead of attackers. EDR for continuous monitoring that prevents the execution of unknown processes. Automatic detection and response for targeted attacks and in-memory exploits. -
14
OpenText Core EDR
OpenText
OpenText Core EDR is an all-in-one endpoint detection and response solution that unifies endpoint protection, SIEM (security information and event management), SOAR (security orchestration, automation, and response), alert triage, and vulnerability assessment into a single platform, eliminating the need to manage disparate security tools. It uses a lightweight agent with pre-configured policies, enabling deployment in minutes and simplifying management across devices without complex scripting. By correlating endpoint, network, and identity events in real time, built-in SIEM and SOAR playbooks surface suspicious behavior and automatically guide containment, remediation, and investigation actions. Continuous, global threat intelligence powers real-time monitoring, helping detect malware, ransomware, zero-day attacks, and other advanced threats before they spread, and enabling rapid isolation or remediation of compromised endpoints. -
15
ManageEngine Vulnerability Manager Plus
ManageEngine
Enterprise vulnerability management software. Vulnerability Manager Plus is an integrated threat and vulnerability management software that delivers comprehensive vulnerability scanning, assessment, and remediation across all endpoints in your network from a centralized console. Scan and discover exposed areas of all your local and remote office endpoints as well as roaming devices. Leverage attacker-based analytics, and prioritize areas that are more likely to be exploited by an attacker. Mitigate the exploitation of security loopholes that exist in your network and prevent further loopholes from developing. Assess and prioritize vulnerabilities based on exploitability, severity, age, affected system count, as well as the availability of the fix. Download, test, and deploy patches automatically to Windows, Mac, Linux, and over 250 third-party applications with an integral patching module—at no additional cost.Starting Price: $695 per user per year -
16
Cisco Secure Endpoint
Cisco
Our cloud-native solution delivers robust protection, detection, and response to threats—reducing remediation times by as much as 85 percent. Reduces the attack surface using advanced endpoint detection and response (EDR), threat hunting, and endpoint isolation. The built-in SecureX platform delivers a unified view, simplified incident management, and automated playbooks—making our extended detection and response (XDR) the broadest in the industry. Our Orbital Advanced Search capability provides the answers you need about your endpoints—fast. Find sophisticated attacks faster. Our proactive, human-driven hunts for threats map to the MITRE ATT&CK framework to help you thwart attacks before they cause damage. Secure Endpoint establishes protection, detection, response, and user access coverage to defend your endpoints. -
17
N-able EDR
N-able
New threat patterns require a different approach. Zero day attacks, ransomware, and fileless threats all elude the antivirus solutions your customers rely on. Take threat protection to the next level with Endpoint Detection and Response, which uses AI to stay one step ahead of the next cyberattack. Provide real-time, automated protection against evolving threats at each endpoint. Harness AI engines to provide static and behavioral analysis on new threat patterns. Use machine learning to evolve threat responses. Onboard, operate, and manage endpoint protection from a single dashboard. MSP clients think antivirus solutions will catch all their threats. They often don’t realize threats like ransomware and zero day threats can slip through these programs. Allow and block devices with custom policies to defend against zero day and fileless attacks out of the box. With the Windows OS rollback feature, reverse ransomware typically in minutes. -
18
RAV Endpoint Protection
Reason Cybersecurity
RAV Endpoint Protection is a next-generation antivirus solution that leverages AI-powered Endpoint Detection and Response (EDR) technology to provide real-time protection against advanced cyber threats. Its lightweight engine requires fewer device resources compared to other antivirus programs, ensuring seamless operation without technical expertise. The platform offers comprehensive online protection and identity monitoring, safeguarding users from phishing, ransomware, adware, and more during web activities. It includes digital identity management features, such as personal data monitoring and dark web scanning, to alert users when their identity has been compromised. The dynamic ransomware defense and malware protection feature utilizes advanced heuristics to block and alert users to potentially unknown ransomware threats. Additionally, RAV Endpoint Protection emphasizes privacy with tools like webcam and microphone protection, minimizing potential entry points for attackers.Starting Price: $32.83 per month -
19
Microsoft Defender for Business
Microsoft
Microsoft Defender for Business is an AI-powered device security solution designed for small and medium-sized businesses with up to 300 users. It goes beyond traditional antivirus by providing enterprise-grade endpoint protection across Windows, macOS, iOS, and Android devices. The platform helps organizations identify vulnerabilities, protect devices, detect threats, and rapidly respond to cyberattacks. AI-driven endpoint detection and response automatically disrupt ransomware and other in-progress attacks in real time. Defender for Business includes vulnerability management to prioritize and remediate security weaknesses. Its simplified onboarding and management experience makes it easy to deploy without complex security expertise. Overall, Microsoft Defender for Business delivers cost-effective, scalable security tailored to modern hybrid work environments.Starting Price: $3/user/month -
20
Sequretek Percept EDR
Sequretek
Secure your endpoints with cloud-native Percept EDR - a comprehensive centrally-managed, cross-platform technology with an end-to-end response mechanism to detect and protect against advanced threats. Percept EDR is an intelligent, easy-to-manage, simple-to-deploy product that works efficiently in heterogeneous environments. Percept EDR uses AI-ML and endpoint detection and response (EDR) telemetry analytics for enhanced detection capabilities. It is one of the very few products that features on-agent AI ensuring that devices stay protected even in an offline mode. Percept EDR provides a real-time defense against zero-day threats, advanced persistent threats, ransomware attacks, and any other malicious activities. Beyond advanced threat protection, Percept EDR also integrates components such as device control, application whitelisting, and vulnerability management into a single product with a single dashboard view over your endpoint security. -
21
RevBits Endpoint Security
RevBits
Identify, Isolate and Remove Endpoint Threats in Real-Time As an intuitive, high-performance security software, RevBits Endpoint Security blocks the most sophisticated attacks. RevBits Endpoint Security is the only solution available that conducts a three-phase analysis of threats. The feature-rich and comprehensive RevBits Endpoint Detection and Response (EDR) module provide complete control and access to the breached system from anywhere. Ransomware and malware incidents are stories of failed endpoint security. RevBIts Endpoint Security delivers better protection of the endpoint and will deliver organizations a safer network by preventing malware from successful lateral movement in the environment. -
22
Cybereason
Cybereason
Together we can end cyber attacks at the endpoint, across the enterprise, to everywhere the battle moves. Cybereason delivers over-the-horizon visibility and high fidelity convictions of both known and unknown threats so defenders can leverage the power of true prevention. Cybereason provides the deep context and correlations from across the whole of the network to uncover stealthy operations and enable defenders to be expert threat hunters. Cybereason significantly reduces the time required for defenders to investigate and resolve attacks through both automated and guided remediation with just a click of the mouse. Cybereason analyzes 80 million events per second - that’s 100x the volume of other solutions on the market. Reduce investigation time by as much as 93% to eliminate emerging threats in a matter of minutes rather than days. -
23
Xcitium
Xcitium
Xcitium is the only unified zero-trust cybersecurity platform, bringing zero-trust posture all the way from endpoints to the cloud under a single pane of glass. With Xcitium, we protect with detection-less innovation: patented Kernel-level API virtualization. Xcitium reduces the amount of time a threat can maneuver or dwell in your environment, down to absolute zero. Attacks happen in minutes and seconds. However, the impact of an attack does not always occur instantly. It can take some dwell time for an intruder to get a foothold and to execute search and destroy or exfiltration missions. Xcitium intercepts and isolates the attack before any of its impact and intended damage can occur. Equip every endpoint, network, and workload with the latest threat intelligence against cyber threat signatures and payloads. Defense against new or zero-day cyber threats using powerful static, dynamic, and patented behavioral AI. -
24
Check Point Endpoint Security
Check Point Software
Check Point Endpoint Security is a comprehensive endpoint protection platform that safeguards devices, users, and corporate data against modern cyber threats through a unified security architecture. The solution combines Endpoint Protection Platform (EPP), Endpoint Detection and Response (EDR), and Extended Detection and Response (XDR) capabilities within a single agent and centralized management console. Designed to protect remote and hybrid workforces, it delivers advanced defenses against ransomware, malware, phishing attacks, zero-day threats, and data loss incidents. The platform supports a wide range of operating systems and devices, including Windows, macOS, Linux, mobile devices, virtual desktop environments, and servers. Powered by Check Point’s ThreatCloud AI, the solution leverages artificial intelligence and threat intelligence to detect and prevent sophisticated cyberattacks before they impact business operations. -
25
Symantec EDR
Broadcom
Quickly discover and resolve threats with deep endpoint visibility and superior detection analytics, reducing mean time to remediation. Overcome cyber security skills shortages and streamline SOC operations with extensive automation and built-in integrations for sandboxing, SIEM, and orchestration. Fortify security teams with the unmatched expertise and global scale of Symantec Managed Endpoint Detection and Response services. Roll out Endpoint Detection and Response (EDR) across Windows, macOS, and Linux devices using Symantec Endpoint Protection (SEP)-integrated EDR or a dissolvable agent. Supported by deep endpoint visibility, precisely detect and actively hunt threats to quickly expose and fully resolve them, no matter how persistent. Instantly detect advanced attack methods using behavioral policies continually updated by Symantec researchers. -
26
FortiClient
Fortinet
Multilayered endpoint security with behavior based analysis for prevention against known and unknown threats. Complete real-time visibility of all your global software inventory. Here, there, anywhere. Cloud-delivered FortiClient endpoint protection service designed for small and medium-sized business. Integrated endpoint protection platform that provides automated next-generation threat protection, visibility and control of your software and hardware inventory across the entire security fabric. Identify & remediate vulnerable or compromised hosts across your attack surface. As a key piece of the Fortinet Security Fabric, FortiClient integrates endpoints into the fabric for early detection and prevention of advanced threats. Security events including zero-day malware, botnet detections, and vulnerabilities are reported in real-time. -
27
eScan
MicroWorld Technologies
eScan's next-gen antivirus solution that protects the home network from viruses, malware, ransomware, bots, and more, using a layered approach. With the unique combination of basic and modern techniques, eScan blocks a broad range of attacks. It comprises right from web filtering, signature-based malware detection and behavior analysis to innovative techniques like deep learning malware detection, exploit prevention, heuristic scan, and many more. eScan offers business endpoint protection and endpoint detection and response (EDR) solutions as well as anti-spam solutions for email and multi-factor authentication.Starting Price: $58.95/one-time/user -
28
Sophos Intercept X Endpoint
Sophos
Take threat hunting and IT security operations to the next level with powerful querying and remote response capabilities. Ransomware file protection, automatic file recovery, and behavioral analysis to stop ransomware and boot record attacks. Deep Learning Technology Artificial intelligence built into Intercept X that detects both known and unknown malware without relying on signatures. Deny attackers by blocking the exploits and techniques used to distribute malware, steal credentials, and escape detection. Elite team of threat hunters and response experts who take targeted actions on your behalf to neutralize even the most sophisticated threats. Active adversary mitigation prevents persistence on machines, credential theft protection, and malicious traffic detection.Starting Price: $28 per user per year -
29
Syxsense Secure
Syxsense
Syxsense Secure is world’s first IT management and security solution that combines vulnerability scanning, patch management, and EDR capabilities in a single cloud console. With insight into the health of every endpoint across your network, you get the peace of mind that comes from predicting, preventing, and eliminating threats in real time. Make exposed risk and attack vectors a thing of the past. -
30
WithSecure Elements XDR
WithSecure
WithSecure Elements Cloud seamlessly integrates software, services, and all essential security capabilities into a single unified solution. WithSecure's modular Elements Cloud cyber security platform seamlessly integrates Extended Detection and Response (XDR), Exposure Management (XM) and Co-Security Services into a single unified solution. WithSecure Elements XDR includes Elements Endpoint Security (EPP+EDR), Identity Security for Microsoft Entra ID, Collaboration Protection for Microsoft 365, and Cloud Security as modules. WithSecure Elements Exposure Management (XM) is a continuous and proactive solution that predicts and prevents breaches against your company’s assets and business operations. At WithSecure, we've spent more than 35 years providing enterprise-grade cyber security that aligns with business goals, making us your ideal strategic cyber security partner. Embracing 'The European Way' of trust and compliance, we protect and enable operations across all industries. -
31
ESET PROTECT Elite
ESET
ESET PROTECT Elite is an enterprise-grade cybersecurity solution that integrates extended detection and response with comprehensive multilayered protection. It offers advanced threat defense using adaptive scanning, machine learning, cloud sandboxing, and behavioral analysis to prevent zero-day threats and ransomware. The platform includes modern endpoint protection for computers and smartphones, server security for real-time data protection, and mobile threat defense. It also features full disk encryption, helping organizations comply with data protection regulations. ESET PROTECT Elite provides robust email security, including anti-phishing, anti-malware, and anti-spam technologies, along with cloud app protection for Microsoft 365 and Google Workspace. Vulnerability and patch management capabilities allow for automatic tracking and patching of vulnerabilities across all endpoints.Starting Price: $275 one-time payment -
32
Carbon Black EDR
Broadcom
Carbon Black Endpoint Detection and Response (EDR) by Broadcom offers a comprehensive solution for detecting, investigating, and responding to cybersecurity threats on endpoints. It utilizes advanced behavioral analysis and machine learning to identify suspicious activities in real time, providing security teams with actionable insights to prevent data breaches and mitigate risks. With its cloud-based architecture, Carbon Black EDR enables continuous monitoring, visibility into endpoint activity, and automated threat response. It’s designed to support organizations of all sizes by improving threat detection, reducing investigation time, and enhancing overall endpoint security. -
33
Sangfor Athena EPP
Sangfor Technologies
Sangfor Athena EPP is a modern endpoint protection platform that combines next-generation antivirus (NGAV), endpoint detection and response (EDR), and endpoint management in a single solution. It delivers comprehensive protection, detection, and response across all endpoints within an organization’s network. The platform offers asset and patch management to maintain visibility and control over devices and software. Athena EPP includes dedicated ransomware protection, forensic analysis, threat hunting, and ransomware recovery capabilities. Its flexible architecture supports on-premises, cloud, and hybrid deployments, making it suitable for organizations of all sizes. Third-party validations and certifications highlight its proven effectiveness and reliability in endpoint security. -
34
Uncover the unknown in your network with this EDR solution. This endpoint detection and response tool leverages ESET's multilayered Endpoint Protection Platform. All layers send relevant data to ESET Enterprise Inspector, which analyzes vast amounts of real-time endpoint data. Provides quick analysis and remediation of any security issue in the network. ESET Enterprise Inspector provides a unique behavior and reputation based detection that is fully transparent to security teams. All rules are easily editable via XML to allow fine-tuning. New rules can be created to match the needs of specific enterprise environments, including SIEM integrations. Utilize ESET’s endpoint detection and response tool to easily suppress false alarms by adjusting the sensitivity of detection rules for different computer groups or users. Combine criteria such as file name/path/hash/command line/signer to fine-tune the trigger conditions.Starting Price: $38 per user per year
-
35
Panda Endpoint Protection
WatchGuard
Our endpoint protection stops malware, ransomware, and threats that leverage unknown (zero-day) vulnerabilities using an easy-to-manage cloud-based console and a lightweight agent that doesn’t interfere with the performance of the endpoints. Endpoint protection against malware, ransomware, and the latest threats. Detailed, real-time security monitoring and reporting. Lightweight agent and easy-to-use cloud-based console. Extend security by adding patch management and encryption without a new deployment. This effective, Cloud-native security solution for desktops, laptops, and servers centrally manages the security of endpoints, both inside and outside the corporate network. Our Endpoint Protection (EPP) technologies prevent infections by utilizing our Collective Intelligence, the consolidated and incremental knowledge repository of all applications, binaries, and other files, both trusted and malicious. -
36
Trellix Endpoint Security (HX)
Trellix
Trellix Endpoint Security (HX) performs fast, targeted forensic investigations across thousands of endpoints. Protect and empower your workforce with an integrated security framework that protects every endpoint. Trellix Endpoint Security solutions apply proactive threat intelligence and defenses across the entire attack lifecycle to keep your organization safer and more resilient. Keep your endpoints secure in today’s dynamic threat landscape. Explore how our integrated suite of endpoint protection technologies gives you the power of actionable intelligence, machine learning, and more to help you continuously monitor threats and avert attacks. Endpoint security is the practice of safeguarding the data and workflows associated with the individual devices that connect to your network. Endpoint protection platforms (EPP) work by examining files as they enter the network. -
37
HCL BigFix
HCL Software
HCL BigFix: Secure Resilient Operations, Powered by AI HCL BigFix is the platform for unified endpoint and infrastructure management, purpose-built to deliver on the Digital+ promise of reducing cost, risk, and complexity. Proven at enterprise scale, BigFix secures and manages 155M+ endpoints across nearly 100 operating systems. It leverages AI-driven automation to deliver continuous compliance and real-time vulnerability remediation with one of the industry’s best first-pass patch success rates (>98%). This is enhanced by AEX, our agentic AI platform, which transforms the digital employee experience through proactive, self-healing support. HCL BigFix is the single solution to secure any endpoint, in any cloud, across any industry. -
38
OpenText Core Endpoint Protection
OpenText
OpenText Core Endpoint Protection delivers next-generation, cloud-based security designed to stop ransomware, phishing, and zero-day attacks before they disrupt business operations. Using real-time machine learning and OpenText Threat Intelligence, it continuously identifies threats and blocks malicious behavior across all endpoints. The platform simplifies security management with pre-built policies, easy administration, and seamless integration with leading RMM tools. With cloud-based control, IT teams can monitor and protect devices from anywhere without requiring on-premises oversight. The solution minimizes downtime by preventing infections and enabling rapid isolation and investigation when suspicious activity occurs. For organizations seeking deeper visibility, it integrates seamlessly with OpenText Core EDR to provide advanced threat detection and workflow automation.Starting Price: $30 per year -
39
Symantec Endpoint Protection
Broadcom
Symantec Endpoint Security delivers the most complete, integrated endpoint security platform on the planet. As an on-premises, hybrid, or cloud-based solution, the single-agent Symantec platform protects all your traditional and mobile endpoint devices, and uses artificial intelligence (AI) to optimize security decisions. A unified cloud-based management system simplifies protecting, detecting and responding to all the advanced threats targeting your endpoints. Keep your business running. Compromised endpoints are highly disruptive to business. Innovative attack prevention and attack surface reduction delivers the strongest security across the entire attack life cycle (e.g., stealthy malware, credential theft, fileless, and “living off the land” attacks). Prevent the worst-case scenario. Full blown breaches are CISOs' worst nightmare. Deliver detection and remediation of persistent threats with sophisticated attack analytics and prevention of AD credential theft. -
40
Cymulate
Cymulate
Continuous Security Validation Across the Full Kill Chain. Cymulate’s breach and attack simulation platform is used by security teams to determine their security gaps within seconds and remediate them. Cymulate’s full kill chain attack vectors simulations analyze all areas of your organization including for example web apps, email, phishing, and endpoints, so no threats slip through the cracks. -
41
Kaspersky EDR
Kaspersky Lab
Not long ago, a typical cyberattack would use mass malware. It would target separate endpoints and detonate within single computers. Mass malware attacks are automatic, they pick out random victims via mass emails, phishing websites, rogue Wi-Fi hotspots etc. The remedy was endpoint protection solutions (EPP), which would protect hosts from mass malware. Facing the effective EPP-based detection, attackers switched to the more costly, but more effective, tactic of launching targeted attacks against particular victims. Due to high cost, targeted attacks are usually used against companies, with the aim of getting profit. Targeted attacks involve reconnaissance and are designed for penetrating the victim’s IT system and evading its protection. The attack kill chain involves many hosts of the IT system. EPPs rely on what they see on a single endpoint. But advanced attacks act on many hosts, making relatively unsuspicious actions on yet another endpoint. -
42
Apozy Airlock
Apozy
Apozy Airlock. The browser endpoint detection and response platform that neutralizes web attacks in one click. The Internet is a dangerous place. It doesn’t have to be. Airlock fills the gap in your EPP/EDR by protecting the browser, delivering a safe, clean, and lightning-fast internet experience. Powered by the very first visually-aware native browser isolation platform with over 6 petabytes of visual data, Airlock prevents web attacks in real time. Airlock stops spearfishing in its tracks. With a visual model database of over 67.83 billion pages which analyzes over 12.20 trillion links per year, our technology protects anyone clicking on a malicious link by sandboxing the threat.Starting Price: $9/month/user -
43
AhnLab EDR
AhnLab
AhnLab EDR is an Endpoint Detection and Response (EDR) solution that continuously monitors endpoints for comprehensive threat detection, analysis, and response. New and unknown malware, including ransomware, and malware variants are intensifying at an alarming pace - but organizations do not have adequate response measures in place and rely on traditional endpoint security measures. To mitigate the risks and strengthen your resiliency in security incidents, EDR technology is necessary. AhnLab EDR provides a total process of information detection, analysis, response, and prediction at endpoints. The response process enables holistic visibility into threats with continuous monitoring and recording of every activity in endpoints, analyzing the flow and enabling stronger response. -
44
BUFFERZONE
Bufferzone Security
BUFFERZONE provides a patented containment and disarming solution that defends endpoints against advanced malware and zero-day attacks while maximizing user and IT productivity. By isolating potentially malicious content coming from browsers, email and removable media, BUFFERZONE defends individuals and organizations from advanced threats that evade detection. BUFFERZONE disarms content for securely transferring it from the container to the native endpoint and secure network zones, and provides critical intelligence for enterprise-wide security analytics. Easy to deploy and configure, BUFFERZONE is a lightweight solution that provides cost-effective containment for up to thousands of endpoints. -
45
Kitecyber
Kitecyber
Kitecyber provides an AI-powered endpoint security solution to protect your workforce and data from modern threats like AI agents, data exfiltration, credential theft and insider risk. Our unified security agent runs on each endpoint and provides comprehensive security while meeting compliance requirements of organizations for SOC2, ISO27001, HIPAA, PCI-DSS, GDPR etc. Our unique endpoint-based approach eliminates the need for cloud gateways or local appliances. The unified agent offering includes the following protections: 1) Control and visibility into AI agent usage 2) Secure Web Gateway to safeguard internet access 3) Eliminate Shadow SaaS and Shadow AI 4) Anti-Phishing measures to protect user credentials 5) Zero Trust Private Access (Next gen VPN) 6) Data Loss Prevention across all devices—Mac, Windows, and mobile 7) Device Management for Mac, Windows, and mobile for all employees, BYOD devices and 3rd party contractors 8) Continuous Compliance MonitoringStarting Price: $10/user/month -
46
WatchGuard Endpoint Protection Platform (EPP)
WatchGuard Technologies
The WatchGuard EPP product goes beyond signature-based antivirus to stop malware, ransomware and threats that leverage unknown, zero day vulnerabilities. Even better, it's managed with an intuitive Cloud-based console and lightweight agent that doesn't interfere with endpoint performance. Endpoints are protected from viruses, malware, spyware and phishing with WatchGuard EPP. We use a comprehensive set of security techniques including signatures, local cache, and even our own proprietary intelligence feeds derived from the malware previously detected with our EDR products. This enables us to find zero day exploits using behavioral heuristics and known indicators of attacks as “contextual rules." WatchGuard EPP centralizes next-generation antivirus for all your Windows, macOS and Linux desktops, laptops, and servers, in addition to the leading virtualization systems. -
47
Trellix XDR
Trellix
Introducing the Trellix Platform, a composable XDR ecosystem that adapts to the challenges of your business. The Trellix Platform learns and adapts for living protection while delivering native and open connections and providing expert and embedded support for your team. Keep your organization resilient with adaptive prevention that adjusts and responds in machine time to threats. Customers trust 75M endpoints to Trellix. Maximize business agility through zero trust principles and protect against front-door, side-door, and back-door attacks, all while streamlining policy management. Get comprehensive, non-invasive protection for your cloud-native applications, through secure agile DevOps and visible deployment environments. Our email and collaboration tool security protects against high-volume exposure points and attackers, automating for optimized productivity and enabling secure and agile teamwork. -
48
Microsoft Defender for Endpoint
Microsoft
Gain the upper hand against sophisticated threats like ransomware and nation-state attacks. Put time back in the hands of defenders to prioritize risks and elevate your security posture. Advance beyond endpoint silos and mature your security based on a foundation for XDR and Zero Trust. Microsoft Defender for Endpoint delivers industry-leading endpoint security for Windows, macOS, Linux, Android, iOS, and network devices and helps to rapidly stop attacks, scale your security resources, and evolve your defenses. It’s delivered at cloud scale, with built-in AI that reasons over the industry’s broadest threat intelligence. Our comprehensive solution enables discovery of all endpoints and even network devices, such as routers, in your environment. It offers vulnerability management, endpoint protection, endpoint detection and response (EDR), mobile threat defense, and managed hunting all in a single, unified platform. -
49
LMNTRIX
LMNTRIX
LMNTRIX is an Active Defense company specializing in detecting and responding to advanced threats that bypass perimeter controls. Be the hunter not the prey. We think like the attacker and prize detection and response. Continuous everything is the key. Hackers never stop and neither do we. When you make this fundamental shift in thinking, you start to think differently about how to detect and respond to threats. So at LMNTRIX we shift your security mindset from “incident response” to “continuous response,” wherein systems are assumed to be compromised and require continuous monitoring and remediation. By thinking like the attacker and hunting on your network and your systems, we allow you to move from being the prey to being the hunter. We then turn the tables on the attackers and change the economics of cyber defense by shifting the cost to the attacker by weaving a deceptive layer over your entire network – every endpoint, server and network component is coated with deceptions. -
50
Defense.com
Defense.com
Take control of cyber threats. Identify, prioritize and track all your security threats with Defense.com. Simplify your cyber threat management. Detection, protection, remediation, and compliance, are all in one place. Make intelligent decisions about your security with automatically prioritized and tracked threats. Improve your security by following the effective remediation steps provided for each threat. Gain knowledge and advice from experienced cyber and compliance consultants when you need assistance. Take control of your cyber security with easy-to-use tools that can work with your existing security investment. Live data from penetration tests, VA scans, threat intelligence and more all feeds into a central dashboard, showing you exactly where your risks are and their severity. Remediation advice is included for each threat, making it easy to make effective security improvements. Powerful threat intelligence feeds are mapped to your unique attack surface.Starting Price: $30 per node per month
