We performed a comparison between Cisco Secure Endpoint vs Microsoft Defender for Endpoint based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Cisco Secure Endpoint received more favorable ratings in every comparison category.
"Forensics is a valuable feature of Fortinet FortiEDR."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"We have FortiEDR installed on all our systems. This protects them from any threats."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"It is stable and scalable."
"The stability is very good."
"One of the best features of AMP is its cloud feature. It doesn't matter where the device is in regards to whether it's inside or outside of your network environment, especially right now when everybody's remote and taken their laptops home. You don't have to be VPNed into the environment for AMP to work. AMP will work anywhere in the world, as long as it has an Internet connection. You get protection and reporting with it. No matter where the device is, AMP has still got coverage on it and is protecting it. You still have the ability to manage and remediate things. The cloud feature is the magic bullet. This is what makes the solution a valuable tool as far as I'm concerned."
"The console feature gives a centralized management of what's going on, and if something happens, it gives you an alert. So, that's the most important feature for me."
"The product itself is pretty reliable. The security features that it has make it reliable."
"It used to take us a month to find out that something is infected, we now know that same day, as soon it is infected."
"The most valuable feature of the solution is its technical support."
"Real-time threat prevention using sandboxing, file trajectory, and retrospective security."
"Among the most valuable features are the exclusions. And on the scalability side, we can integrate well with the SIEM orchestration engine and a number of applications that are proprietary or open source."
"Its most valuable features are its scalability and advanced threat protection for customers."
"The virus scanning capability is excellent, and it feeds all the logs into the Microsoft 365 Defender portal, making them easy to search for."
"Defender's analytics are much better than CrowdStrike's."
"The detection features are valuable, as is the fact that it is easier to port these logs into Sentinel. That is also useful for us. It is more comprehensive."
"The best part is that it is built into Windows, whether it is a server base or a desktop base, which gives more control over the operating system. Because Defender, the operating system, and the Office solution are by Microsoft, everything is working like hand-in-glove. Its administrative overhead is less because a desktop user has already got some experience of how to handle a Microsoft Defender notification or administer it."
"We found that because the endpoint devices are based on Microsoft Windows devices and Windows Defender is integrated with the foundation and the core layer, it makes it more integrated and more agile in terms of responding to any security threats or changes or development"
"What I found most valuable in Microsoft Defender for Endpoint is that it's out-of-the-box, which brings more value to the customer. The technical support for the product is also one of the best parts, because it's good, in terms of the product knowledge of the technical engineers."
"The threat hunting service is very useful for a security professional."
"It's great for investigating what's happening on a machine. They show a whole bunch of machine timeline events that are related to a security incident. They have quite good details on the things related to threat and vulnerability management, such as any weakness that has been disclosed publicly, assets that are exposed, and if there is an exploit active in the wild for that vulnerability. It can provide you with all such information, which is cool."
"ZTNA can improve latency."
"Cannot be used on mobile devices with a secure connection."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"Detections could be improved."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"In terms of the user experience, if the UX design could be much simpler [that would improve things]... if they could make it more intuitive for someone who is not an engineer so that they still can read what's going on in their webpage and understand, that would be something."
"I would like to see integration with Cisco Analytics."
"The product does not provide options like tunnel creation or virtual appliances."
"It's pretty good as it is, but its cost could be improved."
"We had a lot of noise at the beginning, and we had to turn it down based on exclusions, application whitelisting, and excluding unknown benign applications. Cisco should understand the need for continuous updates on the custom Cisco exclusions and the custom applications that come out-of-the-box with the AMP for Endpoints."
"I would like them to add whatever makes filtering more advanced in scanning and blocking for malware in emails."
"The technical support is very slow."
"We don't have issues. We think that Cisco covers all of the security aspects on the market. They continue to innovate in the right way."
"It is inexpensive but could be cheaper like anything else."
"There's a lot of manual effort involved to configure what we need."
"On the Mac OS platform, there is no parity between Windows and Mac OS. The solution is very feature-rich and very well-integrated into Windows, and I guess baked into Windows 10 and Windows 11. Whereas, on the Mac OS platform, there is still some work there to give it a more feature-reach platform."
"Its price could be better."
"The integration and effectiveness of email security could be better. It's already built-in to the solution and checks emails, scans the links they contain etc."
"Microsoft Defender for Endpoint can improve by making the reporting faster. It takes some time to reflect back to the administration portal of what has been updated. For example, out of 100 Computers, approximately 90 computers received updates, but when you check the administration portal over one or two days, you will only see 75, even though 90 were updated."
"The second major area for improvement involves enhanced capabilities for different operating systems or platforms. That is, even though we have coverage for different operating systems or platforms such as Linux, we don't get all of the controls and enhanced capabilities that are available with Windows devices."
"From an audit point of view, our auditors would like to have more reports on how things are used, if things go wrong, and how they went wrong. For example, if something got a warning, "Why?" So, we would like more versatility for tracing and reporting. That would improve the product, as long as the user interface doesn't get bogged down."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Cisco Secure Endpoint is ranked 9th in Endpoint Protection Platform (EPP) with 44 reviews while Microsoft Defender for Endpoint is ranked 1st in Endpoint Protection Platform (EPP) with 182 reviews. Cisco Secure Endpoint is rated 8.6, while Microsoft Defender for Endpoint is rated 8.0. The top reviewer of Cisco Secure Endpoint writes "Single dashboard management, quick infrastructure threat detection, and high level support". On the other hand, the top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". Cisco Secure Endpoint is most compared with Cortex XDR by Palo Alto Networks, CrowdStrike Falcon, Check Point Harmony Endpoint, VMware Carbon Black Endpoint and Cisco Umbrella, whereas Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, SentinelOne Singularity Complete, CrowdStrike Falcon and Microsoft Intune. See our Cisco Secure Endpoint vs. Microsoft Defender for Endpoint report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.