We performed a comparison between Cisco Secure Endpoint vs Microsoft Defender for Endpoint based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Cisco Secure Endpoint received more favorable ratings in every comparison category.
"The solution was relatively easy to deploy."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"Forensics is a valuable feature of Fortinet FortiEDR."
"This is stable and scalable."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"Fortinet is very user-friendly for customers."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"The simplicity of use is its most valuable feature. You can very clearly see things."
"The best feature that we found most valuable, is actually the security product for the endpoint, formerly known as AMP. It has behavioral analytics, so you can be more proactive toward zero-day threats. I found that quite good."
"It is extensive in terms of providing visibility and insights into threats. It allows for research into a threat, and you can chart your progress on how you're resolving it."
"The VPN is most valuable. It's the best thing in the market today. We can use two-factor authentication with another platform, and we can authenticate with two-factor."
"I'm only using the AMP (advanced malware protection) which is protecting my file system from all the malicious things that might happen. It should protect all kinds of things that might happen on the servers, things that I cannot see."
"The biggest lesson that I have learned from using this product is that there is a lot more malware slipping through my email filters than I expected."
"The stability of the solution is perfect. I believe it's the most stable solution on the market right now."
"The integration with other Cisco products seemed to be really effective. We had Umbrella in place and we were using AnyConnect as well as Firepower. Once a threat was detected, being able to do the threat lookups and the live tracking was really useful."
"I am using it for very simple purposes. It is perfect and quite effective. I have been using it for a while, and I have never had any virus infection, data leak, or other security breaches. It works fine for standalone purposes. If you log on to OneDrive, it has ransomware protection."
"The most valuable feature is that we can use the solution right out of the box without too much configuration."
"The most valuable aspect lies in its automation capabilities, particularly within security automation."
"We found that because the endpoint devices are based on Microsoft Windows devices and Windows Defender is integrated with the foundation and the core layer, it makes it more integrated and more agile in terms of responding to any security threats or changes or development"
"Microsoft Defender for Endpoint's most valuable feature is its ease of use."
"Microsoft Defender for Endpoint comes pre-installed in Microsoft Windows."
"The performance of Microsoft Defender for Endpoint has been a valuable feature."
"We had certain compliance and usage issues. For example, our company wanted to go with CIS, but we didn't have a proper way of measuring whether the endpoints have the right standards in place or whether they were compliant with CIS. Microsoft Defender was like a one-stop for most things because it gave us the vulnerability and patching scores so that our vulnerability management teams can focus on covering up the vulnerabilities and the patching team can check the vulnerable versions and deploy the right versions."
"The dashboard isn't easy to access and manage."
"Detections could be improved."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"The solution should address emerging threats like SQL injection."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"The support needs improvement."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"Maybe there is room for improvement in some of the automated remediation. We have other tools in place that AMP feeds into that allow for that to happen, so I look at it as one seamless solution. But if you're buying AMP all by itself, I don't know if it can remove malicious software after the fact or if it requires the other tools that we use to do some of that."
"It is not very stable because we have new versions four times a year, which fixes bugs. We had some problems with some deployments."
"The Linux agent is a simple offline classic agent, and it doesn't support Secure Boot, which is important to have on a Linux machine. The Linux agent has conflicts with other solutions, including the Exploit Prevention system found in Windows servers. We didn't find a fix during troubleshooting, and Cisco couldn't offer one either. Eventually, we had to shut down the Exploit Prevention system. We didn't like that as we always want a solution that can fit smoothly into the setup without causing problems, especially where security is concerned. The tool also caused CPU spikes on our production machine, and we were seriously considering moving to another product."
"The one challenge that I see is the use of multiple endpoint protection platforms. For instance, we have AMP, but we also have Microsoft Windows Defender, System Center Endpoint Protection, and Microsoft Malware Protection Engine deployed. So, we have a bunch of different things that do the same thing. What winds up happening is, e.g., if I get an alert for a potential incident or malware and want to pull the file, I'll go to fetch the file to analyze it. But, one of these other programs has already gotten it, so the file has already been quarantined by another endpoint protection system. AMP doesn't realize that and the file fetch fails, then you're left wondering what's going on."
"The initial setup of Cisco Secure Endpoint is complex."
"In the next release, I would for it to have back up abilities. I would like the ability to go back to a point in time to when my PC was uninfected and to the moment of when the infection happened."
"It could be improved in connection with artificial intelligence and IoT."
"We don't have issues. We think that Cisco covers all of the security aspects on the market. They continue to innovate in the right way."
"The solution has minimal customization options, especially compared to Mandiant, so we want to see more scope for customization. A single portal for customization would also be a welcome addition."
"There is room to improve the security of the solution."
"We encountered some issues when we were trying to enable automatic updates from our group policy."
"Its interface can be improved a little bit. We would like to have some sort of centralization. It should have something like a central server that is managing all the other clients. There are solutions from Kaspersky or ESET NOD32 that are really doing this kind of thing currently. We would like to see something similar from Microsoft."
"I'm not too sure of its current capabilities, but I'm pretty sure they are doing a good job on Windows and Mac. However, I'm not sure whether they covered Linux. If I remember correctly, Microsoft Defender didn't have anything proper on Linux back then, but if they have improved it from that aspect, it would already be ticking all the boxes."
"It would be helpful if they offered video tutorial guides."
"Microsoft Defender for Endpoint should have more transparency. In the latest edition of Windows, Windows 11, it is a compulsory requirement to connect to a Microsoft account, which in turn has implications for Defender. This should be removed."
"The UI for Microsoft Defender for Endpoint needs to be better. Integration with client dashboards is also lacking in this product, e.g. client dashboards shouldn't just be viewable from the cloud, because when the client's computer is offline, you won't be able to see the client dashboard."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Cisco Secure Endpoint is ranked 10th in EPP (Endpoint Protection for Business) with 22 reviews while Microsoft Defender for Endpoint is ranked 1st in EPP (Endpoint Protection for Business) with 78 reviews. Cisco Secure Endpoint is rated 8.6, while Microsoft Defender for Endpoint is rated 8.0. The top reviewer of Cisco Secure Endpoint writes "Tighter integration with Umbrella and Firepower gave us eye-opening information". On the other hand, the top reviewer of Microsoft Defender for Endpoint writes "You can access all your security data and telemetry from a single pane of glass". Cisco Secure Endpoint is most compared with Cortex XDR by Palo Alto Networks, CrowdStrike Falcon, VMware Carbon Black Endpoint, Check Point Harmony Endpoint and ESET Endpoint Protection Platform, whereas Microsoft Defender for Endpoint is most compared with Intercept X Endpoint, Symantec Endpoint Security, CrowdStrike Falcon, SentinelOne Singularity Complete and Malwarebytes. See our Cisco Secure Endpoint vs. Microsoft Defender for Endpoint report.
See our list of best EPP (Endpoint Protection for Business) vendors and best EDR (Endpoint Detection and Response) vendors.
We monitor all EPP (Endpoint Protection for Business) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.