We performed a comparison between Cisco Secure Endpoint vs Microsoft Defender for Endpoint based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Cisco Secure Endpoint received more favorable ratings in every comparison category.
"NGAV and EDR features are outstanding."
"The product's initial setup phase is very easy."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"This is stable and scalable."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"It is stable and scalable."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"It used to take us a month to find out that something is infected, we now know that same day, as soon it is infected."
"The product itself is pretty reliable. The security features that it has make it reliable."
"appreciate the File Trajectory feature, as it's excellent for an analyst or mobile analyst. I can track everything that happens on our server from my PC or device. Integration with SecureX is a welcome feature because it connects Cisco's integrated security portfolio with our complete infrastructure. Sandboxing is helpful, and integration with the Cisco environment is excellent as we use many of their products, and that's very valuable for us."
"There are several valuable features including strong prevention and exceptional reporting capabilities."
"I am told that we get over 100 million emails a month. This filters them down and allows only somewhere about three million emails, which is a great help."
"The best feature that we found most valuable, is actually the security product for the endpoint, formerly known as AMP. It has behavioral analytics, so you can be more proactive toward zero-day threats. I found that quite good."
"The stability of the solution is perfect. I believe it's the most stable solution on the market right now."
"It is extensive in terms of providing visibility and insights into threats. It allows for research into a threat, and you can chart your progress on how you're resolving it."
"I like the simplicity of the portal and the integration with Microsoft Intune. Microsoft Defender for Endpoint is easy to use and implement."
"It can reach our applications and PC activities in the cloud."
"It is stable and very easy to use."
"I am using it for very simple purposes. It is perfect and quite effective. I have been using it for a while, and I have never had any virus infection, data leak, or other security breaches. It works fine for standalone purposes. If you log on to OneDrive, it has ransomware protection."
"The solution is highly scalable."
"Its threat intelligence feature is beneficial. This solution smoothly integrates with SIEM."
"We have liked the fact that it comes with Microsoft Windows 10 and it is constantly updated with all new virus definitions. It is also updated with new security features on a regular basis."
"It captures data through machine learning, which is built-in on the back-end. It also provides built-in analytics and a threat intelligence feature. It is a one-stop solution that doesn't require an antivirus because it comes prebuilt into Windows 10."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"The dashboard isn't easy to access and manage."
"I haven't seen the use of AI in the solution."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"The support needs improvement."
"We'd like to see more one-to-one product presentations for the distribution channels."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"Its price is okay for us, but it can always be better. There's always room for improvement when it comes to pricing."
"I would like to see integration with Cisco Analytics."
"They could improve the main dashboard to more clearly show me the things that I want to see. When I open the dashboard right now, I see a million things and they are not always the things that I need."
"It does not include encryption and decryption of local file shares."
"The initial setup of Cisco Secure Endpoint is complex."
"The solution needs more in-depth analytics."
"We don't have issues. We think that Cisco covers all of the security aspects on the market. They continue to innovate in the right way."
"The one challenge that I see is the use of multiple endpoint protection platforms. For instance, we have AMP, but we also have Microsoft Windows Defender, System Center Endpoint Protection, and Microsoft Malware Protection Engine deployed. So, we have a bunch of different things that do the same thing. What winds up happening is, e.g., if I get an alert for a potential incident or malware and want to pull the file, I'll go to fetch the file to analyze it. But, one of these other programs has already gotten it, so the file has already been quarantined by another endpoint protection system. AMP doesn't realize that and the file fetch fails, then you're left wondering what's going on."
"From an audit point of view, our auditors would like to have more reports on how things are used, if things go wrong, and how they went wrong. For example, if something got a warning, "Why?" So, we would like more versatility for tracing and reporting. That would improve the product, as long as the user interface doesn't get bogged down."
"Cortex... has good investigation capabilities, out-of-the-box, in case there is an event that you'd like to investigate. It's quite convenient. Microsoft has those capabilities as well, but you need a bit more training on the product to get the basic information that you can get out-of-the-box with Cortex."
"Microsoft should improve support for third-party platforms, because not all functionality is available for all of them. It's a good product, but they should just extend the functionality for all platforms."
"Its interface can be improved a little bit. We would like to have some sort of centralization. It should have something like a central server that is managing all the other clients. There are solutions from Kaspersky or ESET NOD32 that are really doing this kind of thing currently. We would like to see something similar from Microsoft."
"Microsoft Defender for Endpoint can improve by making the reporting faster. It takes some time to reflect back to the administration portal of what has been updated. For example, out of 100 Computers, approximately 90 computers received updates, but when you check the administration portal over one or two days, you will only see 75, even though 90 were updated."
"Something that is unique to Microsoft is its licensing model. When you go out and you buy McAfee or Symantec, you know what you're getting out of the box, but with Microsoft, often, when you're looking to achieve a certain set of capabilities, those capabilities are spread across different products. You might try to do something you could do with CrowdStrike, but then find out that you also need to purchase Microsoft Defender for Identity or Microsoft Defender for Azure. You realize that when they talk about what they can offer within the Microsoft platform, it's really the suite of investments. So, sometimes, you may find yourself buying Defender for Endpoint thinking that it matches CrowdStrike, but then you find that Microsoft really needs to sell you something else. One plus one will equal three, but when you have a very concise platform, such as CrowdStrike, you know what you're going to get."
"I would like MDE to have the ability to isolate a certain amount of time on the timeline."
"I'm not too sure of its current capabilities, but I'm pretty sure they are doing a good job on Windows and Mac. However, I'm not sure whether they covered Linux. If I remember correctly, Microsoft Defender didn't have anything proper on Linux back then, but if they have improved it from that aspect, it would already be ticking all the boxes."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Cisco Secure Endpoint is ranked 9th in Endpoint Protection Platform (EPP) with 44 reviews while Microsoft Defender for Endpoint is ranked 1st in Endpoint Protection Platform (EPP) with 182 reviews. Cisco Secure Endpoint is rated 8.6, while Microsoft Defender for Endpoint is rated 8.0. The top reviewer of Cisco Secure Endpoint writes "Single dashboard management, quick infrastructure threat detection, and high level support". On the other hand, the top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". Cisco Secure Endpoint is most compared with Cortex XDR by Palo Alto Networks, CrowdStrike Falcon, Check Point Harmony Endpoint, VMware Carbon Black Endpoint and Cisco Umbrella, whereas Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, SentinelOne Singularity Complete, CrowdStrike Falcon and ESET Endpoint Protection Platform. See our Cisco Secure Endpoint vs. Microsoft Defender for Endpoint report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.