Find out what your peers are saying about Microsoft, CrowdStrike, SentinelOne and others in Endpoint Protection Platform (EPP).
CrowdStrike Falcon saves time and offers good value for money, especially for enterprise companies, because it can stop breaches.
It's very easy to deploy without many IT admins, saving time.
Cisco has good technical support, especially considering these are newer solutions compared to traditional routing and switching products.
On a scale of one to ten, I would rate the technical support as a 10 because they resolve many issues for us.
The CrowdStrike team is very efficient; I would rate them ten out of ten.
They could improve by initiating calls for high-priority cases instead of just opening tickets.
Cisco Secure Endpoint is definitely scalable.
It has adequate coverage and is easy to deploy.
In terms of scalability, I find CrowdStrike to be stable, and I have not encountered any limitations with it.
There's no scalability limitation from CrowdStrike itself, as it just requires agent deployment.
We have not encountered any problems.
I have never seen instability in the CrowdStrike tool.
We are following N-1 versions across our environment, which is stable.
The biggest issue occurred when every computer worldwide experienced a blue screen.
The forensic capabilities need enhancement, especially for deep forensic data collection.
Simplifying the querying process, such as using double quote queries or directly obtaining logs based on IP addresses or usernames, would be beneficial.
Another concern is CrowdStrike's GUI. It changes annually, making it hard to work and find options.
Threat prevention should be their first priority.
Cisco is aggressive in pricing, making it competitive and sometimes even cheaper than other good products like CrowdStrike, Microsoft Defender, or SentinelOne.
It is expensive compared to SentinelOne, but as the market leader, it is worth it.
The licensing cost and setup costs are affordable.
The solution is a bit expensive.
Cisco Secure Endpoint is very good in machine learning, which allows it to secure offline contents even if not connected to the internet.
I can investigate by accessing the customer's host based on the RTR environment and utilize host search to know details for the past seven days, including logins, processes, file installations, malicious processes, and network connections.
The real-time analytics aspect of CrowdStrike performs well because we get all logs in real-time, with no delay, allowing us to take action immediately.
Being an EDR solution, it helps us identify attacks in real-time.
| Product | Market Share (%) |
|---|---|
| CrowdStrike Falcon | 8.2% |
| Cisco Secure Endpoint | 1.5% |
| VMware Carbon Black Endpoint | 1.7% |
| Other | 88.6% |
| Company Size | Count |
|---|---|
| Small Business | 21 |
| Midsize Enterprise | 14 |
| Large Enterprise | 21 |
| Company Size | Count |
|---|---|
| Small Business | 46 |
| Midsize Enterprise | 34 |
| Large Enterprise | 61 |
| Company Size | Count |
|---|---|
| Small Business | 31 |
| Midsize Enterprise | 9 |
| Large Enterprise | 30 |
Cisco Secure Endpoint is a comprehensive endpoint security solution that natively includes open and extensible extended detection and response (XDR) and advanced endpoint detection and response (EDR) capabilities. Secure Endpoint offers relentless breach protection that enables you to be confident, be bold, and be fearless with one of the industry’s most trusted endpoint security solutions. It protects your hybrid workforce, helps you stay resilient, and secures what’s next with simple, comprehensive endpoint security powered by unique insights from 300,000 security customers and deep visibility from the networking leader.
Cisco Secure Endpoint was formerly known as Cisco AMP for Endpoints.
Reviews from Real Users
Cisco Secure Endpoint stands out among its competitors for a number of reasons. Two major ones are its ability to enable developers to easily secure their endpoints with one single operation using its management console and its advanced alerting techniques.
Tim C., an IT manager at Van Der Meer Consulting, writes, "The solution makes it possible to see a threat once and block it everywhere across all endpoints and the entire security platform. It has the ability to block right down to the file and application level across all devices based on policies, such as, blacklisting and whitelisting of software and applications. This is good. Its strength is the ability to identify threats very quickly, then lock them and the network down and block the threats across the organization and all devices, which is what you want. You don't want to be spending time working out how to block something. You want to block something very quickly, letting that flow through to all the devices and avoiding the same scenario on different operating systems."
Wouter H., a technical team lead network & security at Missing Piece BV, notes, "Any alert that we get is an actionable alert. Immediately, there is information that we can just click through, see the point in time, what happened, what caused it, and what automatic actions were taken. We can then choose to take any manual actions, if we want, or start our investigation. We're no longer looking at digging into information or wading through hundreds of incidents. There's a list which says where the status is assigned, e.g., under investigation or investigation finished. That is all in the console. It has taken away a lot of the administration, which we would normally be doing, and integrated it into the console for us."
CrowdStrike Falcon offers comprehensive endpoint protection with real-time threat detection, AI-driven capabilities, and seamless integration with other platforms. Its cloud-native design provides robust security across diverse environments, making it a reliable choice for modern cybersecurity needs.
CrowdStrike Falcon is heralded for features like robust endpoint visibility, threat detection, and AI-driven capabilities. Users value its efficient real-time monitoring, which maintains low impact on performance while offering seamless integration with platforms. The lightweight design, coupled with comprehensive dashboards and automated threat responses, enhances security operations while reducing resource strain. CrowdStrike's cloud-native architecture ensures flexible, always-on protection, making it adaptable to a wide range of environments. However, improvements can be made in log management, compatibility with diverse operating systems, and integration with third-party technologies. Users also seek more robust reporting features, fewer false positives, and better support for legacy systems. Enhanced policy application, AI capabilities, and extended on-demand scanning are desired, while pricing and technical support responsiveness are concerns.
What are CrowdStrike Falcon's key features?CrowdStrike Falcon is implemented widely in industries relying on robust endpoint protection for monitoring, securing endpoints, forensic analysis, and malware detection. Its cloud-based AI capabilities ensure comprehensive security across devices, making it a preferred choice for networks, servers, and workstations globally. The efficient management of security threats and compliance with regulations is achieved with minimal resource consumption.
VMware Carbon Black Endpoint enhances endpoint security with its robust EDR, threat detection, and live response features. The cloud-based architecture supports remote management and easy setup while behavioral monitoring and dynamic grouping minimize security risks.
VMware Carbon Black Endpoint is designed for those seeking comprehensive endpoint protection. With its cloud-based deployment, organizations experience streamlined remote control and simplified rollout processes. Its behavioral monitoring, incident response capabilities, and firewall integration deliver advanced security measures. Although it addresses many security challenges, areas like manual alert management, on-demand scanning, and integration with systems like AlienVault USM require refinement. Improved UI, EDR components, and flexible pricing models would enhance user satisfaction. On-premise deployment infrastructure and compatibility issues with some operating systems need attention. Enhanced reporting, container security, and multi-tenancy support are also essential for fulfilling industry needs. AI-driven analysis and threat isolation empower companies by fostering proactive management.
What are the key features of VMware Carbon Black Endpoint?
What benefits should users look for when evaluating VMware Carbon Black Endpoint?
VMware Carbon Black Endpoint finds extensive application in industries focused on stringent security requirements. Managed security service providers leverage its capabilities to deliver comprehensive protection to multiple clients worldwide. Organizations use it primarily for antivirus protection and incident management, integrating it with their existing security frameworks to strengthen endpoint visibility and real-time threat prevention. Its advanced detection and application control features make it a preferred choice in industries that prioritize robust security measures. However, it requires improvements in terms of system compatibility and customization flexibility to better serve diverse industry environments.
