No more typing reviews! Try our Samantha, our new voice AI agent.

Cisco Secure Endpoint vs CompassOne by Blackpoint Cyber comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Mar 15, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Detection and Response (EDR)
6th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
Cisco Secure Endpoint
Ranking in Endpoint Detection and Response (EDR)
26th
Average Rating
8.6
Reviews Sentiment
7.2
Number of Reviews
49
Ranking in other categories
Endpoint Protection Platform (EPP) (29th), Cisco Security Portfolio (8th)
CompassOne by Blackpoint Cyber
Ranking in Endpoint Detection and Response (EDR)
39th
Average Rating
9.0
Reviews Sentiment
7.8
Number of Reviews
5
Ranking in other categories
Security Information and Event Management (SIEM) (37th), Vulnerability Management (47th), Application Control (10th), Managed Detection and Response (MDR) (11th), Identity Threat Detection and Response (ITDR) (14th)
 

Mindshare comparison

As of July 2026, in the Endpoint Detection and Response (EDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.6%, down from 3.9% compared to the previous year. The mindshare of Cisco Secure Endpoint is 1.3%, down from 1.6% compared to the previous year. The mindshare of CompassOne by Blackpoint Cyber is 0.8%, up from 0.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.6%
Cisco Secure Endpoint1.3%
CompassOne by Blackpoint Cyber0.8%
Other94.3%
Endpoint Detection and Response (EDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
JavedHashmi - PeerSpot reviewer
Chief Technology Officer at Future Point Technologies
Reliable threat protection is achieved while integration and analysis capabilities need refinement
Cisco Secure Endpoint is very good in machine learning, which allows it to secure offline contents even if not connected to the internet. We haven't encountered a single breach after it's deployed. It controls USB devices and has a separate antivirus solution called Tetra, providing security even for real-time, day-zero attacks through its strong Talos threat intelligence platform.
Gary Herbstman - PeerSpot reviewer
Owner at Byte Solutions Inc.
Experienced reduced alert fatigue with streamlined notifications
We use Blackpoint Cyber MDR for our higher-end clients who need a higher level of control over security I appreciate that there are people behind the scenes sorting out valuable alerts from those that are not, so I only get alerts when they are real. This feature ensures that I am notified only…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The solution's most valuable feature is the user interface."
"It blocks malicious files, prevents attacks, and doesn't require many updates because it is a very light application."
"Cortex is the best solution for avoiding security breaches, malware attacks, and other kinds of security issues."
"On a scale from one to ten, I would rate Cortex XDR by Palo Alto Networks a nine."
"Stability-wise, it is good; I did not hear about any issues in terms of stability, and Cortex XDR by Palo Alto Networks can be trusted completely."
"Overall, it's a great platform; it integrates very well with other solutions from Palo Alto and also with our vendors, the ease of use is excellent, I love the root cause analysis from Cortex, which is amazing, and in a few clicks you can have the full root cause."
"Their XDR agent and their behavioral indicators of compromise (BIOC) are pretty nice. Their managed threat hunting is also pretty nice. They also have WildFire, which is a service for actively looking for malware. It's quite useful."
"Cortex covers everything I need. It's a perfect solution. Cortex provides a different level of visibility because it's an extended EDR, allowing you to grab logs from the network and firewalls. Palo Alto invented the concept of the extended EDR or XDR."
"One of the best features of AMP is its cloud feature; it doesn't matter where the device is in regards to whether it's inside or outside of your network environment, especially right now when everybody's remote and taking their laptops home, because you don't have to be VPNed into the environment for AMP to work and AMP will work anywhere in the world as long as it has an Internet connection, giving you protection and reporting so no matter where the device is, AMP has still got coverage on it and is protecting it while you still have the ability to manage and remediate things, making the cloud feature the magic bullet and what makes the solution a valuable tool as far as I'm concerned."
"It is reasonably easy to remediate issues using Cisco Secure Endpoint, in part because I don't have to visit the physical machines to remediate them, and as such, the time it takes for remediation has been decreased."
"Another of my favorite features is called the Device Trajectory, where it shows everything that's going on, on a computer. It shows the point in time when a virus is downloaded, so you can see if the user was surfing the internet or had a program open. It shows every running process and file access on the computer and saves it like a snapshot when it detects something malicious. It also has a File Trajectory, so you can even see if that file has been found on any of your other computers that have AMP."
"The integration with other Cisco products seemed to be really effective. We had Umbrella in place and we were using AnyConnect as well as Firepower. Once a threat was detected, being able to do the threat lookups and the live tracking was really useful."
"I'm only using the AMP (advanced malware protection) which is protecting my file system from all the malicious things that might happen. It should protect all kinds of things that might happen on the servers, things that I cannot see."
"With Cisco AMP, Threat Response, and Orbital, we are 100 percent certain that we got every trace of malicious software."
"The solution is easy to deploy and applies multi-factor authentication."
"If you are looking for a long term security solution, this particular solution is going to add value to your cybersecurity strategy."
"On a scale from one to ten, I would rate the overall solution as a ten."
"Their SOC is phenomenal in not monitoring and responding and taking action."
"On my end, the most valuable feature of this solution is that I can install it and forget about it. After that, their SOC team takes over and they only call me when there's a problem."
"The solution also watches over Microsoft 365 and keeps a copy of logs."
"The solution is all encompassing and can incorporate email monitoring."
"I appreciate that there are people behind the scenes sorting out valuable alerts from those that are not, so I only get alerts when they are real."
 

Cons

"Managing the product should be easier."
"Currently, if you use Palo Alto endpoint protection as the only solution it's very complicated to remove pre-existing threats."
"The encryption is not up to the mark."
"The main issue I could point out is the offline agents and the way that it is missing."
"The setup is quite easy. We had appropriate support from the manager. One thing that was missing was the integration part."
"In the next release, I would like to see more UI improvements. Their UI is a bit basic. When we are speaking about Palo Alto Networks they are the big company, so they can improve the UI a little bit. The UI, the reports, the log system can all be improved."
"To jump from the partner to Palo Alto directly was challenging."
"There are some limitations on the Traps agents."
"The initial setup of Cisco Secure Endpoint is complex."
"The Linux agent has conflicts with other solutions, including the Exploit Prevention system found in Windows servers, and we didn't find a fix during troubleshooting, and Cisco couldn't offer one either."
"Cisco is good in terms of threat intelligence plus machine learning-based solutions, but we feel Cisco is lagging behind in using artificial intelligence in its systems."
"The reporting and analytics areas of the solution need to be improved."
"Integration and dashboard are areas with certain shortcomings in Cisco Secure Endpoint."
"The reporting and the need for the documentation to be updated and current would be my two biggest areas of complaint."
"We had a lot of noise at the beginning, and we had to turn it down based on exclusions, application whitelisting, and excluding unknown benign applications. Cisco should understand the need for continuous updates on the custom Cisco exclusions and the custom applications that come out-of-the-box with the AMP for Endpoints."
"The one challenge that I see is the use of multiple endpoint protection platforms. For instance, we have AMP, but we also have Microsoft Windows Defender, System Center Endpoint Protection, and Microsoft Malware Protection Engine deployed. So, we have a bunch of different things that do the same thing. What winds up happening is, e.g., if I get an alert for a potential incident or malware and want to pull the file, I'll go to fetch the file to analyze it. But, one of these other programs has already gotten it, so the file has already been quarantined by another endpoint protection system. AMP doesn't realize that and the file fetch fails, then you're left wondering what's going on."
"Some texts seem to report items as normal too quickly."
"The feature we keep asking for is a vulnerability scan."
"The solution does not tie into other EDR products like CyberArk or CrowdStrike but that might be more useful."
"The interface could be more intuitive."
"While I am very satisfied with the service, supporting additional platforms, particularly Linux support, would be a beneficial improvement."
"The interface could be more intuitive. More transparency is needed in the interface as a lot of details are hidden behind the scenes, making them difficult or impossible to access."
 

Pricing and Cost Advice

"This is an expensive solution."
"It's way too expensive, but security is expensive. You pay for your licensing, and then you pay for someone to monitor the stuff."
"The pricing is a little bit on the expensive side."
"Compared to CrowdStrike, Cortex XDR is an expensive solution."
"The price was fine."
"I don't have any issues with the pricing. We are satisfied with the price."
"I feel it is fairly priced."
"Cortex XDR by Palo Alto Networks is quite an expensive solution."
"The visibility that we have into the endpoint and the forensics that we're able to collect give us value for the price. This is not an overly expensive solution, considering all the things that are provided. You get great performance and value for the cost."
"There are a couple of different consumption models: Pay up front, or if you have an enterprise agreement, you can do a monthly thing. Check your licensing possibilities and see what's best for your organization."
"It is quite cost-effective. I would rate it ten out of ten."
"The solution's price is about the same as that of Palo Alto solutions."
"We have a license for 3,000 users and if we get up to 3,100 users, it doesn't stop working, but on the next renewal date you're supposed to go in there and add that extra 100 licenses. It's really good that they let you grow and expand and then pay for it. Sometimes, with other products, you overuse a license and they just don't work."
"​Pricing can be more expensive than similar software that does less functionality, but not recognized by customers.​"
"Licensing fees are on a yearly basis and I am happy with the pricing."
"Because we do see the value of what it's bringing, I think they have priced it well."
"The pricing is in line with other products."
"The pricing is reasonable."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Manufacturing Company
10%
Financial Services Firm
8%
Construction Company
7%
Government
7%
Computer Software Company
10%
Financial Services Firm
9%
Outsourcing Company
7%
Healthcare Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
By reviewers
Company SizeCount
Small Business21
Midsize Enterprise15
Large Enterprise21
No data available
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What is your experience regarding pricing and costs for Cisco Secure Endpoint?
Cisco is aggressive in pricing, making it competitive and sometimes even cheaper than other good products like CrowdS...
What needs improvement with Cisco Secure Endpoint?
Cisco Secure Endpoint lacks features like DLP which other vendors offer. XDR is new, so integration capabilities with...
What is your primary use case for Cisco Secure Endpoint?
We deployed Cisco Secure Endpoint for our customers two to three years back. The use case was to secure their endpoin...
What needs improvement with Blackpoint Cyber MDR?
While I am very satisfied with the service, supporting additional platforms, particularly Linux support, would be a b...
What is your primary use case for Blackpoint Cyber MDR?
The solution serves as a baseline security offering. We have implemented it for every client that we do business with.
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Cisco AMP for Endpoints
Blackpoint Cyber Managed Detection + Response, Blackpoint Cyber Managed Detection and Response
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Heritage Bank, Mobile County Schools, NHL University, Thunder Bay Regional, Yokogawa Electric, Sam Houston State University, First Financial Bank
CoreRecon, Peerless Tech Solutions, Lorien Health
Find out what your peers are saying about Cisco Secure Endpoint vs. CompassOne by Blackpoint Cyber and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.