Cisco Secure Cloud Analytics [EOL] vs Microsoft Defender for Endpoint comparison

The compared Cisco and Microsoft solutions aren't in the same category. Microsoft is ranked #1 in EPP , with an average rating of 8.3, and holds a 10.4% mindshare. Additionally, 100% of Cisco users are willing to recommend the solution, compared to 94% of Microsoft users who would recommend it.

Cisco Secure Cloud Analytic...

Read 7 Cisco Secure Cloud Analytics [EOL] reviews

100% willing to recommend

Microsoft Defender for Endp...

Read 197 Microsoft Defender for Endpoint reviews

42,032 Views
25,640 Comparison Views

94% willing to recommend

Cisco Secure Cloud Analytic...

Microsoft Defender for Endp...

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Cisco Secure Cloud Analytics [EOL] and Microsoft Defender for Endpoint based on real PeerSpot user reviews.

Find out what your peers are saying about Darktrace, Check Point Software Technologies, Fortinet and others in Intrusion Detection and Prevention Software (IDPS).

To learn more, read our detailed Intrusion Detection and Prevention Software (IDPS) Report (Updated: June 2025).

Buyer's Guide

Intrusion Detection and Prevention Software (IDPS)

June 2025

Download the complete report

Helped 861,390 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cisco Secure Cloud Analytic...

Average Rating

8.6

Number of Reviews

Ranking in other categories

No ranking in other categories

Microsoft Defender for Endp...

Average Rating

8.2

Reviews Sentiment

7.1

Number of Reviews

197

Ranking in other categories

Endpoint Protection Platform (EPP) (1st), Advanced Threat Protection (ATP) (4th), Anti-Malware Tools (1st), Endpoint Detection and Response (EDR) (3rd), Microsoft Security Suite (4th)

Featured Reviews

Olivier CHAMBELANT

Global Network and Telecommunication Manager at Nemera Development S.A.

Beneficial cloud deployment

Opening a ticket with support can be difficult but once it is open the support does a good job. They want us to provide a lot of information, such as the order number and when it was bought. It takes a long time, they can improve by having a faster response time.

Read full review

Sudhen Swami

Senior Enterprise Architect at MTVH

Easy to update with good protection and a useful cloud portal

We've mainly used it for endpoints. However, we've also used it for DLP as well. We're also in the process of implementing it for cloud and identity as well. However, it's very good for endpoints, and that's our main focus. The malware protection is good. The visibility it provides is very useful. We can combine visibility with wider security features and alerts around malware, misconfiguration, or any other kinds of threats. The cloud portal is quite good. From there, we are able to see alerts and have colleagues review issues and monitor to see if any patterns arise. It's serving us quite well overall. It allows us to look at other items, like application and browser control. It helps us prioritize threats. We have a process in place now where we can review issues and remediate them effectively. We have been able to integrate a variety of Microsoft security products together. We use Azure AD, for example, and we've begun to implement DLP, among other items. We're looking at labeling and tagging and will expand into that soon. Defender has more stringent system requirements than, for example, Check Point. So when we implemented the Check Point Endpoint agent, that solution didn't mind what version of Windows you were using. When we moved to Defender, Defender had certain system prerequisites that had to be met. So we had to make sure that we're on a minimum version of Windows when we're utilizing Office, and Office has to be a particular version as well. It has more stringent system requirements that have to be met before you can implement it. It works natively together with other Microsoft solutions. Once you get more and more of those different components across the environment, then you start to get better visibility. So, rather than having lots of different solutions, you have fewer solutions and a single vendor solution. That way, you start getting into a position where you get better visibility and integration as well. The standardization is good. It's important. It's helping me with monitoring and learning. Updates and upgrades are quite smooth and seamless. Defender helps us automate routine tasks. Quite a lot of Microsoft is straightforward for us now. Previously, we didn't have enough resources and were unable to look at the alerts. Having this in place makes things a lot more straightforward for us. We have both the technology and the people in place now, alongside the process. We do see the benefits in that, and that's why we're continuing our adoption across the estate in terms of client and server as well. It's helping us avoid looking at multiple dashboards and centralized monitoring. We're not fully there yet. We're getting there. While we haven't witnessed time saving yet, once it's fully deployed, it will. By then, we'll have standardized processes across a single solution. We have saved money, however, as we continue to reduce non-Mircosft systems. Since we won't be using various competing technologies, we can save on licensing costs. We've likely so far saved 15%. While it's hard to estimate exactly how much, the solution has helped us decrease time to detection and time to respond.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Monitoring the traffic, making sure you have the visibility."

"It tells you if there is any communication going to command and control servers, or if there is any traffic that violates your internal policy, or if any data hoarding is happening where data is being dumped from your machine to outside of the environment. It provides all such meaningful reports to help you understand what's happening."

"The tool's best feature is its ability to monitor network traffic. It will also inform users whether the traffic generated by a network is legitimate. The tool helps to capture and analyze the network traffic."

"When it comes to scalability, there's no size limit. It varies based on licenses and requirements."

"The product helps me to see malware."

"The logs in Cisco Stealthwatch Cloud are very good when doing the API integration in the team. It is able to give you important information for the correlations."

"Cisco Stealthwatch Cloud is scalable because it is on the cloud."

"Microsoft Defender for Endpoint has significantly impacted our security posture."

"This product is flexible, and it is very easy to get updates from the Microsoft website."

"What I like most is the protection against phishing emails and anti-spam."

"Defender for Endpoint is a robust solution that works well out-of-the-box."

"The solution is highly scalable."

"We use Microsoft Defender for the antivirus."

"Microsoft Defender for Endpoint is beneficial because we are using Microsoft Windows and all the core solutions are made by Microsoft, such as the authentic platform, operating system, and antivirus protection. It is a heterogeneous environment. We had to use third-party solutions before and update everything separately. For example, the policy for antivirus. With Microsoft Defender for Endpoint, when Microsoft Windows receives updates it will update with it. This is one main advantage of this solution."

"Stable endpoint manager, antivirus, and antimalware, with fast technical support and a straightforward setup."

More Microsoft Defender for Endpoint pros

Cons

"The initial setup of Cisco Stealthwatch Cloud is complex."

"The product needs to improve its user-friendliness. It is very tricky and you need to study it before using the standard functionalities."

"When I used to work on it, I just didn't see anything new happening for about a year and a half. Providing newer data and newer reports constantly would help. There should be more classifications and more interesting data."

"The initial setup is a bit complex in terms of deployment and configuration"

"The product's price is high."

"If we migrate these things to an event or send us an email if there is any critical event, I would like to configure these things on the initial launch. Because if a system is compromised, there will be a lot of data movement from one post to another post to the outside. Then, we should also get an alert on email as well. We have since we have integrated these things. But a direct email for critical alerts should be there. So, I would like to enhance the critical event configuration."

"Cisco Stealthwatch Cloud could improve the graphical user interface. It could be a more user-friendly graphical user interface. so that. Not everybody's a cyber security professional, most of the customers that I deal with are not very skilled. The terms that they use in the solution are quite understandable for a normal CIO."

"Its interface can be improved a little bit. We would like to have some sort of centralization. It should have something like a central server that is managing all the other clients. There are solutions from Kaspersky or ESET NOD32 that are really doing this kind of thing currently. We would like to see something similar from Microsoft."

"I wish they would extend the use of the Security Central portal, even for the free option of Defender. Because, as companies grow, it is labor intensive to manage the AV and detection part of it. For companies already subscribed to Office 365, I think this would be a good enhancement."

"The interface isn't necessarily intuitive to a nontechnical person. You can get stuck in the little endpoint security portal. Sometimes, if you uninstall a competitive product, the end user doesn't always know if it's running or if they're protected even though it's silently running. There could be a notification, widget, or something that's resident on the screen for at least a bit, especially if you're doing remote support. You want to talk them through it, but sometimes, we're not allowed to look at the PCs we support."

"It's not quite a mature solution just yet. It needs more time to grow and develop."

"They're in the process of pulling more things together. They can continue with the integrations and provide a better way of seeing the impact of security changes, especially on the endpoint side. Before we actually flip the switch, we should be able to see the impact of security changes on the business or business applications. It would prevent breaking any business applications."

"Microsoft Defender for Endpoint should include better automation that will make it faster to detect the latest threats happening across the world."

"I would like the solution to be able to prevent unauthorized programs from installing and to block unauthorised URLs which is similar to web filtering product."

"The end-user also cannot do some advanced actions on it. It's a little bit complicated for our end-user, so it needs to be simplified."

More Microsoft Defender for Endpoint cons

Pricing and Cost Advice

"The solution is quite expensive."

"Cisco Stealthwatch Cloud is an expensive enterprise solution."

"The price of Cisco Stealthwatch Cloud is expensive."

"We sell this product as part of Office 365 and it is not expensive."

"Everybody would like to see a lower price on everything. The Slovenian market is basically an SME market with clients having up to 100 seat licenses, comprising 90% of the company. They're very price sensitive. So, the price could be cheaper."

"It is free."

"Microsoft Defender is an expensive product in my country."

"It is affordable and comes in the Office 365 bundle."

"The license cost is around $35 per machine, which is not expensive compared to other products."

"The base price for an E5 license, which includes Enterprise Mobility + Security E5, is $57 per user per month."

"The license for Microsoft Defender for Endpoint is included in the license for the Microsoft Windows operating system."

More Microsoft Defender for Endpoint pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Intrusion Detection and Prevention Software (IDPS) solutions are best for your needs.

See recommendations

861,390 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

36%

Financial Services Firm

10%

Government

University

Computer Software Company

13%

Educational Organization

11%

Government

Financial Services Firm

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Cisco Stealthwatch Cloud?

When it comes to scalability, there's no size limit. It varies based on licenses and requirements.

See all answers

What needs improvement with Cisco Stealthwatch Cloud?

There are two areas of improvement. Firstly, extend the log retrieval limit to at least three months. For example, there is a limit on the number of log messages that can be received. So, I would l...

See all answers

What is your primary use case for Cisco Stealthwatch Cloud?

We are using Cisco Secure Cloud Analytics, also known as Cisco's WatchCloud, to monitor user activity in the cloud. Specifically, we are looking for users who are uploading or downloading data beyo...

See all answers

How is Cortex XDR compared with Microsoft Defender?

Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...

See all answers

Which offers better endpoint security - Symantec or Microsoft Defender?

We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior solution. Microsoft Defender for Endpoint is a cloud-delivered endpoint security s...

See all answers

How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?

The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...

See all answers

Comparisons

No data available

CrowdStrike Falcon vs Microsoft Defender for Endpoint

Compared 6% of the time

HP Wolf Security vs Microsoft Defender for Endpoint

Compared 5% of the time

F-Secure Total vs Microsoft Defender for Endpoint

Compared 5% of the time

Trellix Endpoint Security Platform vs Microsoft Defender for Endpoint

Compared 4% of the time

Symantec Endpoint Security vs Microsoft Defender for Endpoint

Compared 4% of the time

More Microsoft Defender for Endpoint Competitors

Product Reports

Buyer's Guide

Cisco Secure Cloud Analytics [EOL]

July 2025

Cisco Secure Cloud Analytics [EOL] report

Download Cisco Secure Cloud Analytics [EOL] product report

Buyer's Guide

Microsoft Defender for Endpoint

June 2025

Download Microsoft Defender for Endpoint product report

Also Known As

Cisco Stealthwatch Cloud, Observable Networks

Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus

Interactive Demo

Demo not available

Cisco

Microsoft

Overview

Cisco Secure Cloud Analytics is a cloud-based security solution that provides visibility and threat detection for cloud environments. It offers software mapping and automation for incident response, forensic analysis, and segmentation of IT architecture. The solution can be used on-premise or on the cloud and is used in various sectors such as insurance and government.

The logs in Cisco Secure Cloud Analytics are valuable for API integration in a team as they provide important information for correlations. The solution also offers automated incident response and integration with next-generation firewalls and antivirus solutions."

Cisco

Microsoft Defender for Endpoint is a comprehensive security solution that provides advanced threat protection for organizations. It offers real-time protection against various types of cyber threats, including malware, viruses, ransomware, and phishing attacks.

With its powerful machine-learning capabilities, it can detect and block sophisticated attacks before they can cause any harm. The solution also includes endpoint detection and response (EDR) capabilities, allowing organizations to quickly investigate and respond to security incidents. It provides detailed insights into the attack timeline, enabling security teams to understand the scope and impact of an incident.

Microsoft Defender for Endpoint also offers proactive threat hunting, allowing organizations to proactively search for and identify potential threats within their network. It integrates seamlessly with other Microsoft security solutions, such as Microsoft Defender XDR, to provide a unified and holistic security approach. With its centralized management console, organizations can easily deploy, configure, and monitor the security solution across their entire network.

Microsoft Defender for Endpoint is a robust and scalable security solution that helps organizations protect their endpoints and data from evolving cyber threats.

Microsoft

Sample Customers

Options, Schneider Electric, Washington University in St Louis, Gotcha, Kraft Kennedy, PartnerRe, Sumologic, Veterans United, AFGE, Agraform, Artesys, Dynamic Ideas Financials, Department of Agriculture and Commerce

Petrofrac, Metro CSG, Christus Health

Buyer's Guide

Intrusion Detection and Prevention Software (IDPS)

June 2025

Download Free Report

Find out what your peers are saying about Darktrace, Check Point Software Technologies, Fortinet and others in Intrusion Detection and Prevention Software (IDPS). Updated: June 2025.

DOWNLOAD NOW

861,390 professionals have used our research since 2012.

We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.