Cisco Secure Cloud Analytics [EOL] vs Microsoft Defender for Endpoint comparison

Intrusion Detection and Prevention Software (IDPS)

Download the complete report

Helped 860,168 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cisco Secure Cloud Analytic...

Average Rating

8.6

Number of Reviews

Ranking in other categories

No ranking in other categories

Microsoft Defender for Endp...

Average Rating

8.2

Reviews Sentiment

7.1

Number of Reviews

197

Ranking in other categories

Endpoint Protection Platform (EPP) (1st), Advanced Threat Protection (ATP) (4th), Anti-Malware Tools (1st), Endpoint Detection and Response (EDR) (3rd), Microsoft Security Suite (4th)

Featured Reviews

Olivier CHAMBELANT

Global Network and Telecommunication Manager at Nemera Development S.A.

Beneficial cloud deployment

Opening a ticket with support can be difficult but once it is open the support does a good job. They want us to provide a lot of information, such as the order number and when it was bought. It takes a long time, they can improve by having a faster response time.

Read full review

Sudhen Swami

Senior Enterprise Architect at MTVH

Easy to update with good protection and a useful cloud portal

We've mainly used it for endpoints. However, we've also used it for DLP as well. We're also in the process of implementing it for cloud and identity as well. However, it's very good for endpoints, and that's our main focus. The malware protection is good. The visibility it provides is very useful. We can combine visibility with wider security features and alerts around malware, misconfiguration, or any other kinds of threats. The cloud portal is quite good. From there, we are able to see alerts and have colleagues review issues and monitor to see if any patterns arise. It's serving us quite well overall. It allows us to look at other items, like application and browser control. It helps us prioritize threats. We have a process in place now where we can review issues and remediate them effectively. We have been able to integrate a variety of Microsoft security products together. We use Azure AD, for example, and we've begun to implement DLP, among other items. We're looking at labeling and tagging and will expand into that soon. Defender has more stringent system requirements than, for example, Check Point. So when we implemented the Check Point Endpoint agent, that solution didn't mind what version of Windows you were using. When we moved to Defender, Defender had certain system prerequisites that had to be met. So we had to make sure that we're on a minimum version of Windows when we're utilizing Office, and Office has to be a particular version as well. It has more stringent system requirements that have to be met before you can implement it. It works natively together with other Microsoft solutions. Once you get more and more of those different components across the environment, then you start to get better visibility. So, rather than having lots of different solutions, you have fewer solutions and a single vendor solution. That way, you start getting into a position where you get better visibility and integration as well. The standardization is good. It's important. It's helping me with monitoring and learning. Updates and upgrades are quite smooth and seamless. Defender helps us automate routine tasks. Quite a lot of Microsoft is straightforward for us now. Previously, we didn't have enough resources and were unable to look at the alerts. Having this in place makes things a lot more straightforward for us. We have both the technology and the people in place now, alongside the process. We do see the benefits in that, and that's why we're continuing our adoption across the estate in terms of client and server as well. It's helping us avoid looking at multiple dashboards and centralized monitoring. We're not fully there yet. We're getting there. While we haven't witnessed time saving yet, once it's fully deployed, it will. By then, we'll have standardized processes across a single solution. We have saved money, however, as we continue to reduce non-Mircosft systems. Since we won't be using various competing technologies, we can save on licensing costs. We've likely so far saved 15%. While it's hard to estimate exactly how much, the solution has helped us decrease time to detection and time to respond.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Monitoring the traffic, making sure you have the visibility."

"Cisco Stealthwatch Cloud is scalable because it is on the cloud."

"The logs in Cisco Stealthwatch Cloud are very good when doing the API integration in the team. It is able to give you important information for the correlations."

"It tells you if there is any communication going to command and control servers, or if there is any traffic that violates your internal policy, or if any data hoarding is happening where data is being dumped from your machine to outside of the environment. It provides all such meaningful reports to help you understand what's happening."

"The tool's best feature is its ability to monitor network traffic. It will also inform users whether the traffic generated by a network is legitimate. The tool helps to capture and analyze the network traffic."

"When it comes to scalability, there's no size limit. It varies based on licenses and requirements."

"The product helps me to see malware."

"It's not really visible for the user - which is a benefit."

"Investigators can trace back to find the root cause."

"It is stable and very easy to use."

"The visibility into threats that the solution provides is pretty awesome... This is something that makes me think, "Wow, okay. If I had my own organization, I would probably get this too." It stops the threat before an employee gets phished or something gets downloaded to their computer."

"Microsoft Defender is always running. It is doing its job, so it is fine. I don't have any issues with the way it was implemented or how we are running it. We have been upgrading IT throughout the years, but there have been no issues."

"Microsoft Defender for Endpoint's WCS function, a content filtering solution, has proven to be the most useful, stable, and reliable option for our current needs."

"The best feature is the fact that for certain mobiles you can control your corporate profiles versus your personal profiles. That is amazingly important. Apple just supported the separation of corporate and personal profiles, whereas Android has been doing that for quite some time... Because Android supports that, if an Android phone is lost or stolen, I can wipe out all the corporate-related information from that phone and not touch the personal side. I can separate the apps and I can separate the ability to cut and paste between apps."

"Overall, I recommend Microsoft Defender for Endpoint due to its features and capabilities, which cover more loopholes than other EDR solutions."

More Microsoft Defender for Endpoint pros

Cons

"If we migrate these things to an event or send us an email if there is any critical event, I would like to configure these things on the initial launch. Because if a system is compromised, there will be a lot of data movement from one post to another post to the outside. Then, we should also get an alert on email as well. We have since we have integrated these things. But a direct email for critical alerts should be there. So, I would like to enhance the critical event configuration."

"The initial setup of Cisco Stealthwatch Cloud is complex."

"The initial setup is a bit complex in terms of deployment and configuration"

"The product's price is high."

"The product needs to improve its user-friendliness. It is very tricky and you need to study it before using the standard functionalities."

"Cisco Stealthwatch Cloud could improve the graphical user interface. It could be a more user-friendly graphical user interface. so that. Not everybody's a cyber security professional, most of the customers that I deal with are not very skilled. The terms that they use in the solution are quite understandable for a normal CIO."

"When I used to work on it, I just didn't see anything new happening for about a year and a half. Providing newer data and newer reports constantly would help. There should be more classifications and more interesting data."

"Right now, the solution provides some recommendations on the dashboard but we don't have any priorities. It's a mix of all the vulnerabilities and all the security recommendations. I would like to see some priority or categorization of high, medium, and low so that we can fix the high ones first."

"With increase of cyber threats and cybersecurity issues, I would recommend that the product be developed like an AI product with more features which can counter any threat in the coming eras."

"The product itself does not necessarily need improvement, but the support and implementation of the product are the disaster cases."

"The file scanning has room for improvement. Many people use macros within their files, so there should be a mechanism that helps us to scan them for malicious payloads."

"A concern is ransomware, whether people can penetrate and encrypt my data or steal my credit card/banking information."

"If the solution could be integrated more with Defender for Cloud, to be more unified, that would help. It is good now, but even more integration could be done with Defender for Cloud. We see two different portals. If Defender for Endpoint could be ported to the CSPM, Defender for Cloud, that would make things even easier for us."

"Microsoft should improve support for third-party platforms, because not all functionality is available for all of them. It's a good product, but they should just extend the functionality for all platforms."

"There are alternative solutions that offer a greater range of dashboard insights when compared to Microsoft Defender for Endpoint."

More Microsoft Defender for Endpoint cons

Pricing and Cost Advice

"The price of Cisco Stealthwatch Cloud is expensive."

"Cisco Stealthwatch Cloud is an expensive enterprise solution."

"The solution is quite expensive."

"The solution is an open source version and was free with a paid version of Windows 10."

"The subscription is part of Windows, so we don't have to pay anything extra for this product."

"The solution is free."

"The solutions price could be cheaper."

"Compared to ESET, the pricing for Microsoft Defender for Endpoint is on the higher side."

"The nice thing about Defender and Sentinel is that the cost is based on the data logs that you ingest from the Defender endpoints and data connectors. I don't have to buy a 25- or 50- or 1,000-user or enterprise license. I can buy one license at a time."

"Licensing fees are paid annually through a partner."

"The solution comes as part of Microsoft Windows."

More Microsoft Defender for Endpoint pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Intrusion Detection and Prevention Software (IDPS) solutions are best for your needs.

See recommendations

860,168 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

35%

Financial Services Firm

10%

Government

University

Educational Organization

14%

Computer Software Company

13%

Government

Financial Services Firm

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Cisco Stealthwatch Cloud?

When it comes to scalability, there's no size limit. It varies based on licenses and requirements.

What needs improvement with Cisco Stealthwatch Cloud?

There are two areas of improvement. Firstly, extend the log retrieval limit to at least three months. For example, there is a limit on the number of log messages that can be received. So, I would l...

What is your primary use case for Cisco Stealthwatch Cloud?

We are using Cisco Secure Cloud Analytics, also known as Cisco's WatchCloud, to monitor user activity in the cloud. Specifically, we are looking for users who are uploading or downloading data beyo...

How is Cortex XDR compared with Microsoft Defender?

Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...

Which offers better endpoint security - Symantec or Microsoft Defender?

We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior solution. Microsoft Defender for Endpoint is a cloud-delivered endpoint security s...

How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?

The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...

CrowdStrike Falcon vs Microsoft Defender for Endpoint

Comparisons

No data available

Compared 6% of the time

HP Wolf Security vs Microsoft Defender for Endpoint

Compared 5% of the time

F-Secure Total vs Microsoft Defender for Endpoint

Compared 5% of the time

Trellix Endpoint Security Platform vs Microsoft Defender for Endpoint

Compared 4% of the time

Symantec Endpoint Security vs Microsoft Defender for Endpoint

Compared 4% of the time

More Microsoft Defender for Endpoint Competitors

Product Reports

Cisco Secure Cloud Analytics [EOL]

Download Cisco Secure Cloud Analytics [EOL] product report

Cisco Secure Cloud Analytics [EOL] report

Microsoft Defender for Endpoint

Download Microsoft Defender for Endpoint product report

Also Known As

Cisco Stealthwatch Cloud, Observable Networks

Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus

Interactive Demo

Demo not available

Cisco

Microsoft

Overview

Cisco Secure Cloud Analytics is a cloud-based security solution that provides visibility and threat detection for cloud environments. It offers software mapping and automation for incident response, forensic analysis, and segmentation of IT architecture. The solution can be used on-premise or on the cloud and is used in various sectors such as insurance and government.

The logs in Cisco Secure Cloud Analytics are valuable for API integration in a team as they provide important information for correlations. The solution also offers automated incident response and integration with next-generation firewalls and antivirus solutions."

Cisco

Microsoft Defender for Endpoint is a comprehensive security solution that provides advanced threat protection for organizations. It offers real-time protection against various types of cyber threats, including malware, viruses, ransomware, and phishing attacks.

With its powerful machine-learning capabilities, it can detect and block sophisticated attacks before they can cause any harm. The solution also includes endpoint detection and response (EDR) capabilities, allowing organizations to quickly investigate and respond to security incidents. It provides detailed insights into the attack timeline, enabling security teams to understand the scope and impact of an incident.

Microsoft Defender for Endpoint also offers proactive threat hunting, allowing organizations to proactively search for and identify potential threats within their network. It integrates seamlessly with other Microsoft security solutions, such as Microsoft Defender XDR, to provide a unified and holistic security approach. With its centralized management console, organizations can easily deploy, configure, and monitor the security solution across their entire network.

Microsoft Defender for Endpoint is a robust and scalable security solution that helps organizations protect their endpoints and data from evolving cyber threats.

Microsoft

Sample Customers

Options, Schneider Electric, Washington University in St Louis, Gotcha, Kraft Kennedy, PartnerRe, Sumologic, Veterans United, AFGE, Agraform, Artesys, Dynamic Ideas Financials, Department of Agriculture and Commerce

Petrofrac, Metro CSG, Christus Health

Intrusion Detection and Prevention Software (IDPS)