We performed a comparison between Cisco Secure Endpoint vs Microsoft Defender for Endpoint based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Cisco Secure Endpoint received more favorable ratings in every comparison category.
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"The most valuable feature is the analysis, because of the beta structure."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"The stability is very good."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"Forensics is a valuable feature of Fortinet FortiEDR."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"Ability to get forensics details and also memory exfiltration."
"The threat Grid with the ability to observe the sandboxing, analyze, and perform investigations of different malicious files has been great."
"It doesn't impact the devices. It is an agent-based solution, and we see no performance knock on cell phones. That was a big thing for us, especially in the mobile world. We don't see battery degradation like you do with other solutions which really drain the battery, as they're constantly doing things. That can shorten the useful life of a device."
"The product itself is pretty reliable. The security features that it has make it reliable."
"The product provides sandboxing options like file reputation and file analysis."
"Device Trajectory is one of the most valuable features. We're able to dig in and really understand how things came to be and where to focus our efforts."
"The integration with other Cisco products seemed to be really effective. We had Umbrella in place and we were using AnyConnect as well as Firepower. Once a threat was detected, being able to do the threat lookups and the live tracking was really useful."
"Any alert that we get is an actionable alert. Immediately, there is information that we can just click through, see the point in time, what happened, what caused it, and what automatic actions were taken. We can then choose to take any manual actions, if we want, or start our investigation. We're no longer looking at digging into information or wading through hundreds of incidents. There's a list which says where the status is assigned, e.g., under investigation or investigation finished. That is all in the console. It has taken away a lot of the administration, which we would normally be doing, and integrated it into the console for us."
"Integration is a key selling factor for Cisco security products. We have a Cisco Enterprise Agreement with access to Cisco Email Security, Cisco Firepower, Cisco Stealthwatch, Cisco Talos, Cisco Threat Grid, Cisco Umbrella, and also third-party solutions. This is key to our security and maximizing operations. Because we do have the Email Security appliance and it is integrated with Threat Response, we have everything tied together. Additionally, we are using the Cisco SecureX platform, as we were a beta test for that new solution. With SecureX, we are able to pull all those applications into one pane for visibility and maintenance. This greatly maximizes our security operations."
"The most valuable feature is that it comes with the package, so there is no additional installation of third-party software. It's also easy to use."
"It can reach our applications and PC activities in the cloud."
"We use Microsoft Defender for the antivirus."
"Microsoft Defender for Endpoint's most valuable feature is its ease of use."
"Easy to understand and easy to set up endpoint security solution. It's a multifeatured product with web content filtering and automated investigation features. It also has a fantastic vulnerability management dashboard."
"You have endpoint security to keep your devices safe. That's the feature that we're interested in."
"Microsoft Defender for Endpoint's WCS function, a content filtering solution, has proven to be the most useful, stable, and reliable option for our current needs."
"Microsoft Defender for Endpoint is easy to load and it runs quietly in the background, unlike other solutions."
"We'd like to see more one-to-one product presentations for the distribution channels."
"We find the solution to be a bit expensive."
"The solution should address emerging threats like SQL injection."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"Cannot be used on mobile devices with a secure connection."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"The solution is not stable."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"I would recommend that the solution offer more availability in terms of the product portfolio and integration with third-party products."
"The technical support is very slow."
"We don't have issues. We think that Cisco covers all of the security aspects on the market. They continue to innovate in the right way."
"It could be improved in connection with artificial intelligence and IoT."
"In the next release, I would for it to have back up abilities. I would like the ability to go back to a point in time to when my PC was uninfected and to the moment of when the infection happened."
"It is not very stable because we have new versions four times a year, which fixes bugs. We had some problems with some deployments."
"Due to the complexity of the technology that is used and its advanced threat detection capabilities, it is possible to encounter many delays in operation."
"The reporting and analytics areas of the solution need to be improved."
"It is using a large space in your memory all the time. While an antivirus will use some of your memory, if they could reduce the load of the antivirus to some extent that would be good."
"The documentation could be better. When they update their manuals, sometimes they refer to products by their old names, so it is a little confusing. For example, the documentation might still say "Advanced Threat Protection" instead of Defender for Endpoint."
"Features like device inventory continue to lack essential workstation drill-downs showing the entire device information with the least effort."
"It can be more secure."
"A concern is ransomware, whether people can penetrate and encrypt my data or steal my credit card/banking information."
"Something that is unique to Microsoft is its licensing model. When you go out and you buy McAfee or Symantec, you know what you're getting out of the box, but with Microsoft, often, when you're looking to achieve a certain set of capabilities, those capabilities are spread across different products. You might try to do something you could do with CrowdStrike, but then find out that you also need to purchase Microsoft Defender for Identity or Microsoft Defender for Azure. You realize that when they talk about what they can offer within the Microsoft platform, it's really the suite of investments. So, sometimes, you may find yourself buying Defender for Endpoint thinking that it matches CrowdStrike, but then you find that Microsoft really needs to sell you something else. One plus one will equal three, but when you have a very concise platform, such as CrowdStrike, you know what you're going to get."
"They should bring back the feature of a dedicated proxy device for communication to the cloud. As of now, all the agents are required to send the logs directly to the cloud. There should be a solution where you can put a proxy and all the logs are consolidated, like a forwarder."
"The biggest issue I had with Microsoft Defender for Endpoint was the antivirus and ransomware. I wanted central visibility over all the machines that we operate."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Cisco Secure Endpoint is ranked 9th in Endpoint Protection Platform (EPP) with 44 reviews while Microsoft Defender for Endpoint is ranked 1st in Endpoint Protection Platform (EPP) with 182 reviews. Cisco Secure Endpoint is rated 8.6, while Microsoft Defender for Endpoint is rated 8.0. The top reviewer of Cisco Secure Endpoint writes "Single dashboard management, quick infrastructure threat detection, and high level support". On the other hand, the top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". Cisco Secure Endpoint is most compared with Cortex XDR by Palo Alto Networks, CrowdStrike Falcon, Check Point Harmony Endpoint, VMware Carbon Black Endpoint and Cisco Umbrella, whereas Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, SentinelOne Singularity Complete, CrowdStrike Falcon and ESET Endpoint Protection Platform. See our Cisco Secure Endpoint vs. Microsoft Defender for Endpoint report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.