Cisco Secure Endpoint vs Kaspersky Anti-Targeted Attack Platform comparison

Cisco and Kaspersky are both solutions in the Endpoint Detection and Response (EDR) category. Cisco is ranked #13 with an average rating of 8.5, while Kaspersky is ranked #55 with an average rating of 6.7. Cisco holds a 1.6% mindshare in EDR, compared to Kaspersky’s 0.2% mindshare. Additionally, 96% of Cisco users are willing to recommend the solution, compared to 66% of Kaspersky users who would recommend it.

Cisco Secure Endpoint

Read 49 Cisco Secure Endpoint reviews

3,929 Views
2,622 Comparison Views

96% willing to recommend

Kaspersky Anti-Targeted Att...

Read 6 Kaspersky Anti-Targeted Attack Platform reviews

299 Views
152 Comparison Views

66% willing to recommend

Cisco Secure Endpoint

Kaspersky Anti-Targeted Att...

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 9, 2024

Cisco Secure Endpoint and Kaspersky Anti-Targeted Attack Platform compete in the security solutions category. Kaspersky Anti-Targeted Attack Platform seems to have the upper hand due to its more robust feature set despite the higher cost.

Features: Cisco Secure Endpoint is integrated with other Cisco products, offers effective endpoint protection, and has comprehensive support. Kaspersky Anti-Targeted Attack Platform boasts advanced threat detection capabilities, a robust feature set, and higher accuracy in detection.

Room for Improvement: Cisco Secure Endpoint faces challenges with scalability, detailed reporting, and occasional user interface issues. Kaspersky Anti-Targeted Attack Platform needs better integration with third-party tools, enhanced user training resources, and an improved user interface.

Ease of Deployment and Customer Service: Cisco Secure Endpoint is recognized for a straightforward deployment process and reliable customer service. Kaspersky Anti-Targeted Attack Platform's deployment is more complex, but it benefits from highly responsive and knowledgeable customer service.

Pricing and ROI: Cisco Secure Endpoint comes with reasonable setup costs and satisfactory ROI. Kaspersky Anti-Targeted Attack Platform presents higher setup costs, but users find significant long-term benefits and substantial ROI due to its advanced features.

To learn more, read our detailed Cisco Secure Endpoint vs. Kaspersky Anti-Targeted Attack Platform Report (Updated: April 2025).

Buyer's Guide

Cisco Secure Endpoint vs. Kaspersky Anti-Targeted Attack Platform

April 2025

Download the complete report

Helped 850,349 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cisco Secure Endpoint

Ranking in Endpoint Detection and Response (EDR)

13th

Average Rating

8.6

Reviews Sentiment

7.2

Number of Reviews

Ranking in other categories

Endpoint Protection Platform (EPP) (12th), Cisco Security Portfolio (5th)

Kaspersky Anti-Targeted Att...

Ranking in Endpoint Detection and Response (EDR)

55th

Average Rating

6.6

Reviews Sentiment

6.1

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of May 2025, in the Endpoint Detection and Response (EDR) category, the mindshare of Cisco Secure Endpoint is 1.6%, down from 2.1% compared to the previous year. The mindshare of Kaspersky Anti-Targeted Attack Platform is 0.2%, up from 0.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Endpoint Detection and Response (EDR)

Featured Reviews

Mark Broughton

Level 2 tech at a tech services company with 11-50 employees

Tighter integration with Umbrella and Firepower gave us eye-opening information

We were using a third-party help desk. One of the ways that they were fixing problems was to delete the client and then add the client back if there was an issue where the client had stopped communicating. Any improvement in the client communicating back to the server would be good, particularly for machines that are offline for a couple of weeks. A lot of our guys were working on a rotation where the machine might be offline for that long. They were also terrible about rebooting their machines, so those network connections didn't necessarily get refreshed. So, anything that could improve that communication would be good. Also, an easier way to do deduplication of machines, or be alerted to the fact that there's more than one instance of a machine, would be useful. If you could say, "Okay, we've got these two machines. This one says it's not reporting and this one says it's been reporting. Obviously, somebody did a reinstall," it would help. That way you could get a more accurate device count, so you're not having an inflated number. Not that Cisco was going to come down on you and say, "Oh, you're using too many licenses," right away. But to have a much more accurate license usage count by being able to better dedupe the records would be good. I also sent over a couple of other ideas to our technical rep. A lot of that had to do with the reporting options. It would be really nice to be able to do a lot more in the reporting. You can't really drill down into the reports that are there. The reporting and the need for the documentation to be updated and current would be my two biggest areas of complaint. Also, there was one section when I was playing with the automation where it was asking for the endpoint type rather than the machine name. If I could have just put in the machine name, that would have been great. So there are some opportunities, when it comes to searching, to have more options. If I wanted to search, for example, by a Mac address because, for some reason, I thought there was a duplication and I didn't have the machine name, how could I pull it up with the Mac address? When you're getting to that level, you're really starting to get into the ticky tacky. I would definitely put the reporting and documentation way ahead of that.

Read full review

FarkhundAbbas

Security Engineer at adcb

The tool provides excellent sandboxing and email security features, but the backup and recovery features are not good

If my primary solution is down, no backup solution is available to restore it. It is one of the biggest weaknesses of the platform. If I need to update the solution, there is no option to pick the events and the logs from it and deploy it in another solution. The backup and recovery features of the product are not good. I need backup. If the tool is down for some time, I cannot get the logs at that particular time.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The VPN is most valuable. It's the best thing in the market today. We can use two-factor authentication with another platform, and we can authenticate with two-factor."

"I'm only using the AMP (advanced malware protection) which is protecting my file system from all the malicious things that might happen. It should protect all kinds of things that might happen on the servers, things that I cannot see."

"Among the most valuable features are the exclusions. And on the scalability side, we can integrate well with the SIEM orchestration engine and a number of applications that are proprietary or open source."

"The visibility and insight this solution gives you into threats is pretty granular. It has constant monitoring. You can get onto the device trajectory to look at a threat, but you can also see what happened prior to the threat. You can see what happened after the threat. You can see what other applications were incorporated into the execution of the threat. For example, you have the event, but you see that the event was launched by Google Chrome, which was launched by something else. Then, after the event, something else was launched by whatever the threat was. Therefore, it gives you great detail, a timeline, and continuity of events leading up to whatever the incident is, and then, after. This helps you understand and nail down what the threat is and how to fix it."

"The most valuable features of this solution are the IPS and the integration with ISE."

"The solution is easy to deploy and applies multi-factor authentication."

"It used to take us a month to find out that something is infected, we now know that same day, as soon it is infected."

"It is extensive in terms of providing visibility and insights into threats. It allows for research into a threat, and you can chart your progress on how you're resolving it."

More Cisco Secure Endpoint pros

"The product's deployment phase is easy."

"The solution is very easy to use. Its interface is very simple, and you can build IOC's indicators. You can use your rules to detect these attacks because you can leverage threat intelligence. Y"

"The most valuable use is detailing metadata collection from the endpoint and network."

"I feel the anti-ransomware update is one of the tool's valuable features."

"The email security feature is really good."

"Kaspersky Anti-Targeted Attack Platform is stable and runs all the time."

Cons

"Due to the complexity of the technology that is used and its advanced threat detection capabilities, it is possible to encounter many delays in operation."

"We don't have issues. We think that Cisco covers all of the security aspects on the market. They continue to innovate in the right way."

"Maybe there is room for improvement in some of the automated remediation. We have other tools in place that AMP feeds into that allow for that to happen, so I look at it as one seamless solution. But if you're buying AMP all by itself, I don't know if it can remove malicious software after the fact or if it requires the other tools that we use to do some of that."

"I would like more seamless integration."

"The one challenge that I see is the use of multiple endpoint protection platforms. For instance, we have AMP, but we also have Microsoft Windows Defender, System Center Endpoint Protection, and Microsoft Malware Protection Engine deployed. So, we have a bunch of different things that do the same thing. What winds up happening is, e.g., if I get an alert for a potential incident or malware and want to pull the file, I'll go to fetch the file to analyze it. But, one of these other programs has already gotten it, so the file has already been quarantined by another endpoint protection system. AMP doesn't realize that and the file fetch fails, then you're left wondering what's going on."

"Integration and dashboard are areas with certain shortcomings in Cisco Secure Endpoint."

"I would recommend that the solution offer more availability in terms of the product portfolio and integration with third-party products."

"In the next version of this solution, I would like to see the addition of local authentication."

More Cisco Secure Endpoint cons

"The backup and recovery features of the product are not good."

"In some of the places I have come across, even though they use Kaspersky, the ransomware enters their system."

"The blind spot or gap in the platform is network analysis functionality."

"Kaspersky Anti-Targeted Attack Platform is not a good product. We had problems with endpoints and the solution did not detect it. We didn't get any alerts about the attack."

"The solution lacks cloud integrations."

"I think the tool is still not really good enough for integration compared to other products."

Pricing and Cost Advice

"Our company was very happy with the price of Cisco AMP. It was about a third of what we were paying for System Center Endpoint Protection."

"There are a couple of different consumption models: Pay up front, or if you have an enterprise agreement, you can do a monthly thing. Check your licensing possibilities and see what's best for your organization."

"The pricing and licensing fees are okay."

"Whenever you are doing the licensing process, I would highly advise to look at what other Cisco solutions you have in your organization, then evaluate if an Enterprise Agreement is the best way to go. In our case, it was the best way to go. Since we had so many other Cisco products, we were able to tie those in. We were actually able to get several Cisco security solutions for less than if we had bought three or four Cisco security solutions independently or ad hoc."

"It is quite cost-effective. I would rate it ten out of ten."

"My company does make annual payments towards the licensing costs of the solution. Cisco Secure Endpoint is a little bit expensive."

"Pricing can be more expensive than similar software that does less functionality, but not recognized by customers."

"I rate the pricing a five or six on a scale of one to ten, where one is expensive, and ten is cheap."

More Cisco Secure Endpoint pricing and cost advice

"Kaspersky is one of the cheaper solutions."

"Kaspersky Anti-Targeted Attack Platform is cheap."

"The solution has competitive pricing."

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.

See recommendations

850,349 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

18%

Government

Financial Services Firm

Manufacturing Company

Educational Organization

33%

Computer Software Company

17%

Financial Services Firm

10%

Government

10%

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

What do you like most about Cisco Secure Endpoint?

The product's initial setup phase was very simple.

See all answers

What is your experience regarding pricing and costs for Cisco Secure Endpoint?

Cisco is aggressive in pricing, making it competitive and sometimes even cheaper than other good products like CrowdStrike, Microsoft Defender, or SentinelOne.

See all answers

What needs improvement with Cisco Secure Endpoint?

Cisco Secure Endpoint lacks features like DLP which other vendors offer. XDR is new, so integration capabilities with third-party tools need improvement. The forensic capabilities need enhancement,...

See all answers

What do you like most about Kaspersky Anti-Targeted Attack Platform?

The solution is very easy to use. Its interface is very simple, and you can build IOC's indicators. You can use your rules to detect these attacks because you can leverage threat intelligence. Y

See all answers

What is your experience regarding pricing and costs for Kaspersky Anti-Targeted Attack Platform?

Its price is reasonable; it's neither very high nor very low, considering its capabilities.

See all answers

What needs improvement with Kaspersky Anti-Targeted Attack Platform?

I think the tool is still not really good enough for integration compared to other products. If you need to integrate with the ecosystem of the Kaspersky primary, and if we are going to the third p...

See all answers

Comparisons

Microsoft Defender for Endpoint vs Cisco Secure Endpoint

Compared 15% of the time

CrowdStrike Falcon vs Cisco Secure Endpoint

Compared 12% of the time

SentinelOne Singularity Complete vs Cisco Secure Endpoint

Compared 6% of the time

Cortex XDR by Palo Alto Networks vs Cisco Secure Endpoint

Compared 5% of the time

Check Point Harmony Endpoint vs Cisco Secure Endpoint

Compared 5% of the time

More Cisco Secure Endpoint Competitors

Darktrace vs Kaspersky Anti-Targeted Attack Platform

Compared 56% of the time

Trend Vision One vs Kaspersky Anti-Targeted Attack Platform

Compared 44% of the time

More Kaspersky Anti-Targeted Attack Platform Competitors

Product Reports

Buyer's Guide

Cisco Secure Endpoint

May 2025

Download Cisco Secure Endpoint product report

Buyer's Guide

Kaspersky Anti-Targeted Attack Platform

April 2025

Kaspersky Anti-Targeted Attack Platform report

Download Kaspersky Anti-Targeted Attack Platform product report

Also Known As

Cisco AMP for Endpoints

Kaspersky Anti Targeted Attack

Overview

Cisco Secure Endpoint is a comprehensive endpoint security solution that natively includes open and extensible extended detection and response (XDR) and advanced endpoint detection and response (EDR) capabilities. Secure Endpoint offers relentless breach protection that enables you to be confident, be bold, and be fearless with one of the industry’s most trusted endpoint security solutions. It protects your hybrid workforce, helps you stay resilient, and secures what’s next with simple, comprehensive endpoint security powered by unique insights from 300,000 security customers and deep visibility from the networking leader.

Cisco Secure Endpoint was formerly known as Cisco AMP for Endpoints.

Reviews from Real Users

Cisco Secure Endpoint stands out among its competitors for a number of reasons. Two major ones are its ability to enable developers to easily secure their endpoints with one single operation using its management console and its advanced alerting techniques.

Tim C., an IT manager at Van Der Meer Consulting, writes, "The solution makes it possible to see a threat once and block it everywhere across all endpoints and the entire security platform. It has the ability to block right down to the file and application level across all devices based on policies, such as, blacklisting and whitelisting of software and applications. This is good. Its strength is the ability to identify threats very quickly, then lock them and the network down and block the threats across the organization and all devices, which is what you want. You don't want to be spending time working out how to block something. You want to block something very quickly, letting that flow through to all the devices and avoiding the same scenario on different operating systems."

Wouter H., a technical team lead network & security at Missing Piece BV, notes, "Any alert that we get is an actionable alert. Immediately, there is information that we can just click through, see the point in time, what happened, what caused it, and what automatic actions were taken. We can then choose to take any manual actions, if we want, or start our investigation. We're no longer looking at digging into information or wading through hundreds of incidents. There's a list which says where the status is assigned, e.g., under investigation or investigation finished. That is all in the console. It has taken away a lot of the administration, which we would normally be doing, and integrated it into the console for us."

Cisco

Today’s cybercriminals constantly design unique and innovative methods of penetration and compromise. To avoid perimeter prevention technologies they use social engineering, non-malware and supply chain attacks to operate under the radar of security designed to catch ‘bad’ traces. It’s not enough to just ‘know’ what’s bad or dangerous – enterprises need to understand what’s normal, and use AI-driven techniques that simplify and automate this process. Targeted Attack Analyzer is a machine learning engine that involves self-learning to establish the baseline of normal, legitimate activities of an entire network. Through continuous network telemetry collection it finds deviations, detects suspicious activities and predicts further malicious actions at the initial stages of multilayered attacks.

Kaspersky

Sample Customers

Heritage Bank, Mobile County Schools, NHL University, Thunder Bay Regional, Yokogawa Electric, Sam Houston State University, First Financial Bank

Republic of Serbia, Goods.ru, Tael, Insolar

Buyer's Guide

Cisco Secure Endpoint vs. Kaspersky Anti-Targeted Attack Platform

April 2025

Free Report: Cisco Secure Endpoint vs. Kaspersky Anti-Targeted Attack Platform

Find out what your peers are saying about Cisco Secure Endpoint vs. Kaspersky Anti-Targeted Attack Platform and other solutions. Updated: April 2025.

DOWNLOAD NOW

850,349 professionals have used our research since 2012.

See our Cisco Secure Endpoint vs. Kaspersky Anti-Targeted Attack Platform report.

See our list of best Endpoint Detection and Response (EDR) vendors.

We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.