Try our new research platform with insights from 80,000+ expert users

Cisco Secure Endpoint vs Microsoft Defender for Endpoint comparison

Cisco and Microsoft are both solutions in the Endpoint Protection Platform (EPP) category. Cisco is ranked #12 with an average rating of 8.4, while Microsoft is ranked #1 with an average rating of 8.3. Cisco holds a 1.7% mindshare in EPP, compared to Microsoft’s 13.0% mindshare. Additionally, 96% of Cisco users are willing to recommend the solution, compared to 94% of Microsoft users who would recommend it.
Cisco Secure Endpoint
Read 47 Cisco Secure Endpoint reviews
  • 9,149 Views
  • 5,234 Comparison Views
96% willing to recommend
Microsoft Defender for Endp...
Read 184 Microsoft Defender for Endpoint reviews
  • 52,442 Views
  • 41,277 Comparison Views
94% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Aug 2, 2022

We performed a comparison between Cisco Secure Endpoint vs Microsoft Defender for Endpoint based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.

  • Ease of Deployment: Users of Cisco Secure Endpoint say that the deployment is straightforward. Users of Microsoft Defender For Endpoint share mixed reviews. Some consider it to be easy while others say it is complex.
  • Features: Users of both solutions are happy with the products’ stability and scalability.

    Users of Cisco Secure Endpoint like the solution’s Device Trajectory, its central management console, and its actionable alerts. They would like to see improvements made to the dashboard, fewer false positives, and more data provided by the endpoint agent.

    Users of Microsoft Defender For Endpoint like the solution’s data leak prevention, its attack surface reduction controls, and its Automated Investigation and Response feature. Users would like to see more customization when it comes to integration, a better GUI, and improved monitoring.
  • Pricing: Users of both solutions say the pricing is reasonable.
  • Service and Support: Users of Cisco Secure Endpoint are satisfied with the technical support they receive. Users of Microsoft Defender For Endpoint feel that service and support are just average.
  • ROI: Users of both solutions report an ROI.

Comparison Results: Cisco Secure Endpoint received more favorable ratings in every comparison category.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Cisco Secure Endpoint vs. Microsoft Defender for Endpoint Report (Updated: August 2024).
Buyer's Guide
Cisco Secure Endpoint vs. Microsoft Defender for Endpoint
August 2024
Download the complete report
Helped 798,889 peers since 2012
 

Categories and Ranking

Cisco Secure Endpoint
Ranking in Endpoint Protection Platform (EPP)
12th
Ranking in Endpoint Detection and Response (EDR)
9th
Average Rating
8.6
Number of Reviews
47
Ranking in other categories
Cisco Security Portfolio (6th)
Microsoft Defender for Endp...
Ranking in Endpoint Protection Platform (EPP)
1st
Ranking in Endpoint Detection and Response (EDR)
1st
Average Rating
8.0
Number of Reviews
184
Ranking in other categories
Advanced Threat Protection (ATP) (2nd), Anti-Malware Tools (1st), Microsoft Security Suite (6th)
 

Mindshare comparison

As of August 2024, in the Endpoint Protection Platform (EPP) category, the mindshare of Cisco Secure Endpoint is 1.7%, down from 2.1% compared to the previous year. The mindshare of Microsoft Defender for Endpoint is 13.0%, down from 16.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP)
 

Featured Reviews

JG
Jun 15, 2023
Streamlines security policy creation and saves a lot of time in identifying threats
The most valuable feature is being able to push a policy. Whenever we update a corporate policy, we update it in one place, push it down, and it updates the policy on every laptop. Secure Endpoint is good for creating actionable alerts so we can detect and remediate threats. If somebody does get infected, we don't have to wait for them to say, "Oh, I can't use my email." We immediately know about it. We would absolutely know about the problem before the person did. That was our biggest impact. Secure Endpoint decreased our time to remediation. Where it used to take us a month to find out that something is infected, we now know that same day, as soon it is infected. Cisco Secure Endpoint has helped improve our cybersecurity resilience. We only have about two IT guys. So it just makes them better at what they do. It saves them time, so they can focus on other things. It saves them time so they can focus on other tasks.
Read full review
SimonThornton - PeerSpot reviewer
Jul 17, 2022
Provides good visibility and is fairly easy to set up within one tenant, but doesn't support multitenancy and is not as capable as other solutions
The catch with ATP is you have to have the right Microsoft license. The licensing of ATP is linked to the licensing of Office 365. You have to have an E3 or an E5 license. If you have a small office license, it is not possible for you. Another challenge is that it is not a multi-tenant solution. Microsoft's tenant is a licensed tenant. I'm an MSSP. So, I have multiple customers. In Microsoft's world, that means that I can't just buy an E5 license and give that out to all my customers. That won't work because all of the customer data resides within a single tenant in Microsoft's world. Other products—such as SentinelOne, Palo Alto Cortex, CrowdStrike, et cetera—are multi-tenant. So, I can have it at the top of the pyramid for my analyst to look into it and see all the customers, but each customer's data is separate. If the customer wants to look at what we see, they would only see their data, whereas in the Microsoft world, if I've got multiple customers connected to the same Microsoft tenant, they would see everybody else's data, which is a privacy problem in Europe. It is not possible to share the data, and it is a breach of privacy. So, the licensing and the privacy aspect makes it problematic in some situations. It is also very complicated. If you decide to outsource your monitoring through an MSSP, the model for allowing the MSSP to connect to your Defender cloud is very complicated. In Office 365, it is relatively simple, but because of the way it has been done in Defender—because Defender is not part of the same cloud—it is a mess. It is possible, and it is workable, but it is probably one of the most complicated integrations we do. It is still clunky as compared to products like Cisco AMP, SentinelOne, and CrowdStrike. Microsoft took the Defender product, and they bolted on the extra features, but you can see that there are different development teams working on it. Some features are well integrated, and some features are not. They keep on improving it, and it is better than it was. It is better than an unmanaged solution, but it is far from perfect.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Another of my favorite features is called the Device Trajectory, where it shows everything that's going on, on a computer. It shows the point in time when a virus is downloaded, so you can see if the user was surfing the internet or had a program open. It shows every running process and file access on the computer and saves it like a snapshot when it detects something malicious. It also has a File Trajectory, so you can even see if that file has been found on any of your other computers that have AMP."
"It's quite simple, and the advantage I see is that I get the trajectory of what happened inside the network, how a file has been transmitted to the workstation, and which files have got corrupted."
"If somebody has been compromised, the question always is: How has it affected other devices in the network? Cisco AMP gives you a very neat view of that."
"Integration is a key selling factor for Cisco security products. We have a Cisco Enterprise Agreement with access to Cisco Email Security, Cisco Firepower, Cisco Stealthwatch, Cisco Talos, Cisco Threat Grid, Cisco Umbrella, and also third-party solutions. This is key to our security and maximizing operations. Because we do have the Email Security appliance and it is integrated with Threat Response, we have everything tied together. Additionally, we are using the Cisco SecureX platform, as we were a beta test for that new solution. With SecureX, we are able to pull all those applications into one pane for visibility and maintenance. This greatly maximizes our security operations."
"The console feature gives a centralized management of what's going on, and if something happens, it gives you an alert. So, that's the most important feature for me."
"The solution makes it possible to see a threat once and block it everywhere across all endpoints and the entire security platform. It has the ability to block right down to the file and application level across all devices based on policies, such as, blacklisting and whitelisting of software and applications. This is good. Its strength is the ability to identify threats very quickly, then lock them and the network down and block the threats across the organization and all devices, which is what you want. You don't want to be spending time working out how to block something. You want to block something very quickly, letting that flow through to all the devices and avoiding the same scenario on different operating systems."
"The most valuable features of this solution are the IPS and the integration with ISE."
"I am really satisfied with the technical support."
More Cisco Secure Endpoint pros
"I enjoy using the live response feature, which allows me to remotely access different endpoints and investigate malicious files, such as malware that people may have downloaded, and other related issues."
"Auto-remediation: When the product sees malware, it resolves the issue immediately. This protects the machine."
"In terms of the installation, ease of use, and user interface, Defender has been great so far."
"We found that because the endpoint devices are based on Microsoft Windows devices and Windows Defender is integrated with the foundation and the core layer, it makes it more integrated and more agile in terms of responding to any security threats or changes or development"
"We had Norton Antivirus before, and with Norton, we didn't have a way to centrally manage a lot of features. Defender allowed us to deploy it from our Office 365 admin console. That is probably the biggest thing that made us go with Defender."
"The solution provides protections and reports about strange behavior and automatically blocks some of it. I love the way that statuses are represented."
"File protection is the most valuable feature. Antivirus security on the Level OS, Microsoft Defender, and Microsoft Guard for 2019."
"Defender is a part of Windows; you just need to enable it. There is no need to install anything."
More Microsoft Defender for Endpoint pros
 

Cons

"The technical support is very slow."
"Cisco Meraki could benefit from AI assistance or intelligent assistance features. Compared to competitors like Juniper, Cisco Meraki currently lacks a digital network assistant, which is an area Cisco is reportedly working on."
"One of the things that Cisco Secure Endpoint really needs is that it's not just Secure Endpoint, it's a point product, and I think we really need to move into solution-based selling, designing, and architecting. So that we're not worried about putting things on endpoints and selling 'x' amount of endpoints, but to provide a solution that covers all of the remote access and sell them as solutions that cover multiple things."
"...the greatest value of all, would be to make the security into a single pane of glass. Whilst these products are largely integrated from a Talos perspective, they're not integrated from a portal perspective. For example, we have to look at an Umbrella portal and a separate AMP portal. We also have to look at a separate portal for the firewalls. If I could wave a magic wand and have one thing, I would put all the Cisco products into one, simple management portal."
"An easier way to do deduplication of machines, or be alerted to the fact that there's more than one instance of a machine, would be useful... That way you could get a more accurate device count, so you're not having an inflated number."
"The one challenge that I see is the use of multiple endpoint protection platforms. For instance, we have AMP, but we also have Microsoft Windows Defender, System Center Endpoint Protection, and Microsoft Malware Protection Engine deployed. So, we have a bunch of different things that do the same thing. What winds up happening is, e.g., if I get an alert for a potential incident or malware and want to pull the file, I'll go to fetch the file to analyze it. But, one of these other programs has already gotten it, so the file has already been quarantined by another endpoint protection system. AMP doesn't realize that and the file fetch fails, then you're left wondering what's going on."
"It does not include encryption and decryption of local file shares."
"The product does not provide options like tunnel creation or virtual appliances."
More Cisco Secure Endpoint cons
"I would like the solution to be able to prevent unauthorized programs from installing and to block unauthorised URLs which is similar to web filtering product."
"The solution can be more user-friendly."
"There is a lot of information to take in, and the portals tend to change quickly due to the fast-paced nature of the industry."
"I would like to see better integration with their other security products to give better visibility from a higher level."
"Defender is free for one year. Once that year is over, we will switch to Kaspersky."
"The file scanning has room for improvement. Many people use macros within their files, so there should be a mechanism that helps us to scan them for malicious payloads."
"Other vendors provide a lot of customization when it comes to integration, which every big organization requires. No big organization depends on one particular tool. Defender lacks that at this point."
"I wish they would extend the use of the Security Central portal, even for the free option of Defender. Because, as companies grow, it is labor intensive to manage the AV and detection part of it. For companies already subscribed to Office 365, I think this would be a good enhancement."
More Microsoft Defender for Endpoint cons
 

Pricing and Cost Advice

"I rate the pricing a five or six on a scale of one to ten, where one is expensive, and ten is cheap."
"...the licensing needs to be improved. All the product features we need are there. It's just a matter of the complexity and the different offerings and trying to figure things out."
"My company does make annual payments towards the licensing costs of the solution. Cisco Secure Endpoint is a little bit expensive."
"We can know if something bad is potentially happening instantaneously and prevent it from happening. We can go to a device and isolate it before it infects other devices. In our environment, that's millions of dollars saved in a matter of seconds."
"It is an expensive solution."
"The price is very fair to the customer."
"It can always be cheaper."
"Cisco's pricing is reasonable. We also do not need to opt for niche players, which would have charged us significantly more than Cisco for ecosystem solutions. We are highly satisfied with the pricing structure of Cisco's solutions they are reasonable."
More Cisco Secure Endpoint pricing and cost advice
"The solution comes as a part of Windows 10 and it is covered under its license."
"The solution is free."
"It is an expensive solution. It would be nice if it could be included with the Microsoft Office package."
"You don't need to worry about the renewal and purchase of antivirus products. It is bundled with Windows 10, so you don't need to worry about separately purchasing any antiviruses."
"The solution is free with Windows."
"As we operate in the educational sector, we are eligible for an educational discount."
"The nice thing about Defender and Sentinel is that the cost is based on the data logs that you ingest from the Defender endpoints and data connectors. I don't have to buy a 25- or 50- or 1,000-user or enterprise license. I can buy one license at a time."
"The pricing is competitive."
More Microsoft Defender for Endpoint pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
See recommendations
798,889 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
18%
Government
9%
Financial Services Firm
8%
Manufacturing Company
8%
Educational Organization
24%
Computer Software Company
13%
Government
8%
Financial Services Firm
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Cisco Secure Endpoint?
The product's initial setup phase was very simple.
See all answers
What is your experience regarding pricing and costs for Cisco Secure Endpoint?
It is an expensive solution.
See all answers
What needs improvement with Cisco Secure Endpoint?
Cisco Secure Endpoint is an expensive solution.
See all answers
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
See all answers
Which offers better endpoint security - Symantec or Microsoft Defender?
We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior solution. Microsoft Defender for Endpoint is a cloud-delivered endpoint security s...
See all answers
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...
See all answers
 

Comparisons

CrowdStrike Falcon vs Cisco Secure Endpoint Logo
CrowdStrike Falcon vs Cisco Secure Endpoint
Compared 11% of the time
Cortex XDR by Palo Alto Networks vs Cisco Secure Endpoint Logo
Cortex XDR by Palo Alto Networks vs Cisco Secure Endpoint
Compared 9% of the time
Check Point Harmony Endpoint vs Cisco Secure Endpoint Logo
Check Point Harmony Endpoint vs Cisco Secure Endpoint
Compared 6% of the time
VMware Carbon Black Endpoint vs Cisco Secure Endpoint Logo
VMware Carbon Black Endpoint vs Cisco Secure Endpoint
Compared 4% of the time
Fortinet FortiEDR vs Cisco Secure Endpoint Logo
Fortinet FortiEDR vs Cisco Secure Endpoint
Compared 4% of the time
More Cisco Secure Endpoint Competitors
Symantec Endpoint Security vs Microsoft Defender for Endpoint Logo
Symantec Endpoint Security vs Microsoft Defender for Endpoint
Compared 7% of the time
CrowdStrike Falcon vs Microsoft Defender for Endpoint Logo
CrowdStrike Falcon vs Microsoft Defender for Endpoint
Compared 6% of the time
Cortex XDR by Palo Alto Networks vs Microsoft Defender for Endpoint Logo
Cortex XDR by Palo Alto Networks vs Microsoft Defender for Endpoint
Compared 5% of the time
Intercept X Endpoint vs Microsoft Defender for Endpoint Logo
Intercept X Endpoint vs Microsoft Defender for Endpoint
Compared 5% of the time
Trellix Endpoint Security vs Microsoft Defender for Endpoint Logo
Trellix Endpoint Security vs Microsoft Defender for Endpoint
Compared 5% of the time
More Microsoft Defender for Endpoint Competitors
 

Product Reports

Buyer's Guide
Cisco Secure Endpoint
August 2024
Cisco Secure Endpoint reportDownload Cisco Secure Endpoint product report
Buyer's Guide
Microsoft Defender for Endpoint
August 2024
Microsoft Defender for Endpoint reportDownload Microsoft Defender for Endpoint product report
 

Also Known As

Cisco AMP for Endpoints
Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus
 

Learn More

Video not available
Cisco
Microsoft
 

Interactive Demo

Demo not available
Cisco
Microsoft
 

Overview

Cisco Secure Endpoint is a comprehensive endpoint security solution that natively includes open and extensible extended detection and response (XDR) and advanced endpoint detection and response (EDR) capabilities. Secure Endpoint offers relentless breach protection that enables you to be confident, be bold, and be fearless with one of the industry’s most trusted endpoint security solutions. It protects your hybrid workforce, helps you stay resilient, and secures what’s next with simple, comprehensive endpoint security powered by unique insights from 300,000 security customers and deep visibility from the networking leader.

Cisco Secure Endpoint was formerly known as Cisco AMP for Endpoints.

Reviews from Real Users

Cisco Secure Endpoint stands out among its competitors for a number of reasons. Two major ones are its ability to enable developers to easily secure their endpoints with one single operation using its management console and its advanced alerting techniques.

Tim C., an IT manager at Van Der Meer Consulting, writes, "The solution makes it possible to see a threat once and block it everywhere across all endpoints and the entire security platform. It has the ability to block right down to the file and application level across all devices based on policies, such as, blacklisting and whitelisting of software and applications. This is good. Its strength is the ability to identify threats very quickly, then lock them and the network down and block the threats across the organization and all devices, which is what you want. You don't want to be spending time working out how to block something. You want to block something very quickly, letting that flow through to all the devices and avoiding the same scenario on different operating systems."

Wouter H., a technical team lead network & security at Missing Piece BV, notes, "Any alert that we get is an actionable alert. Immediately, there is information that we can just click through, see the point in time, what happened, what caused it, and what automatic actions were taken. We can then choose to take any manual actions, if we want, or start our investigation. We're no longer looking at digging into information or wading through hundreds of incidents. There's a list which says where the status is assigned, e.g., under investigation or investigation finished. That is all in the console. It has taken away a lot of the administration, which we would normally be doing, and integrated it into the console for us."

Microsoft Defender for Endpoint is a comprehensive security solution that provides advanced threat protection for organizations. It offers real-time protection against various types of cyber threats, including malware, viruses, ransomware, and phishing attacks.

With its powerful machine-learning capabilities, it can detect and block sophisticated attacks before they can cause any harm. The solution also includes endpoint detection and response (EDR) capabilities, allowing organizations to quickly investigate and respond to security incidents. It provides detailed insights into the attack timeline, enabling security teams to understand the scope and impact of an incident.

Microsoft Defender for Endpoint also offers proactive threat hunting, allowing organizations to proactively search for and identify potential threats within their network. It integrates seamlessly with other Microsoft security solutions, such as Microsoft Defender XDR, to provide a unified and holistic security approach. With its centralized management console, organizations can easily deploy, configure, and monitor the security solution across their entire network.

Microsoft Defender for Endpoint is a robust and scalable security solution that helps organizations protect their endpoints and data from evolving cyber threats.

 

Sample Customers

Heritage Bank, Mobile County Schools, NHL University, Thunder Bay Regional, Yokogawa Electric, Sam Houston State University, First Financial Bank
Petrofrac, Metro CSG, Christus Health
Buyer's Guide
Cisco Secure Endpoint vs. Microsoft Defender for Endpoint
August 2024
Free Report: Cisco Secure Endpoint vs. Microsoft Defender for Endpoint
Find out what your peers are saying about Cisco Secure Endpoint vs. Microsoft Defender for Endpoint and other solutions. Updated: August 2024.
DOWNLOAD NOW
798,889 professionals have used our research since 2012.
See our Cisco Secure Endpoint vs. Microsoft Defender for Endpoint report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Endpoint Detection and Response (EDR) vendors.

We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.