We performed a comparison between Cisco Secure Endpoint and Kaspersky Endpoint Detection and Response Expert based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"Ability to get forensics details and also memory exfiltration."
"Fortinet is very user-friendly for customers."
"The setup is pretty simple."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"The solution was relatively easy to deploy."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"The most valuable feature is its threat protection and data privacy, including its cyber attack and data protection, as we need to cover and protect data on user devices."
"I'm only using the AMP (advanced malware protection) which is protecting my file system from all the malicious things that might happen. It should protect all kinds of things that might happen on the servers, things that I cannot see."
"The best feature that we found most valuable, is actually the security product for the endpoint, formerly known as AMP. It has behavioral analytics, so you can be more proactive toward zero-day threats. I found that quite good."
"It is a very stable program."
"It doesn't impact the devices. It is an agent-based solution, and we see no performance knock on cell phones. That was a big thing for us, especially in the mobile world. We don't see battery degradation like you do with other solutions which really drain the battery, as they're constantly doing things. That can shorten the useful life of a device."
"The most valuable feature is signature-based malware detection."
"Any alert that we get is an actionable alert. Immediately, there is information that we can just click through, see the point in time, what happened, what caused it, and what automatic actions were taken. We can then choose to take any manual actions, if we want, or start our investigation. We're no longer looking at digging into information or wading through hundreds of incidents. There's a list which says where the status is assigned, e.g., under investigation or investigation finished. That is all in the console. It has taken away a lot of the administration, which we would normally be doing, and integrated it into the console for us."
"The threat Grid with the ability to observe the sandboxing, analyze, and perform investigations of different malicious files has been great."
"I like the tool’s response to malware and trojans."
"Has great behavior detection and a very good firmware scanner."
"Has some great features not available elsewhere."
"Version 14.0 comes with an SQL database, which gives great flexibility on control, reviewing logs, and viewing history."
"Encryption is the most valuable feature. It creates an encryption tunnel from your location to the delivery address."
"We have a central console and from there you can monitor all workstations via an agent."
"The solution provides high-end security that is critical for financial institutions and bankers."
"What I like best about Kaspersky Endpoint Detection and Response is that it can detect any cyber attack and that it's a reliable product in the cybersecurity space. My company has confidence in it as a product for detecting all cyber attacks. It's a reliable product."
More Kaspersky Endpoint Detection and Response Expert Pros →
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"FortiEDR can be improved by providing more detailed reporting."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"Detections could be improved."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"The technical support is very slow."
"Maybe there is room for improvement in some of the automated remediation. We have other tools in place that AMP feeds into that allow for that to happen, so I look at it as one seamless solution. But if you're buying AMP all by itself, I don't know if it can remove malicious software after the fact or if it requires the other tools that we use to do some of that."
"Cisco is good in terms of threat intelligence plus machine learning-based solutions, but we feel Cisco is lagging behind in using artificial intelligence in its systems."
"We would like to have an API integration with a SIEM solution, because as far as I know, it currently hasn't yet been released."
"...the greatest value of all, would be to make the security into a single pane of glass. Whilst these products are largely integrated from a Talos perspective, they're not integrated from a portal perspective. For example, we have to look at an Umbrella portal and a separate AMP portal. We also have to look at a separate portal for the firewalls. If I could wave a magic wand and have one thing, I would put all the Cisco products into one, simple management portal."
"In Orbital, there are tons of prebuilt queries, but there is not a lot of information in lay terms. There isn't enough information to help us with what we're looking for and why we are looking for it with this query. There are probably a dozen queries in there that really focus on what I need to focus on, but they are not always easy to find the first time through."
"The Linux agent is a simple offline classic agent, and it doesn't support Secure Boot, which is important to have on a Linux machine. The Linux agent has conflicts with other solutions, including the Exploit Prevention system found in Windows servers. We didn't find a fix during troubleshooting, and Cisco couldn't offer one either. Eventually, we had to shut down the Exploit Prevention system. We didn't like that as we always want a solution that can fit smoothly into the setup without causing problems, especially where security is concerned. The tool also caused CPU spikes on our production machine, and we were seriously considering moving to another product."
"It could be improved in connection with artificial intelligence and IoT."
"The installation process could be more streamlined."
"It is not easy to follow the kill chain of a potential infection or malware."
"There are some cases that take three days to deal with. It's too long."
"My opinion is that behavior detection could work better. This feature gets a high rate of false positives."
"If it covered more products, it would improve the XDR."
"The solution does not offer much support to its users in Spanish, so I would like to see them offer more support in Spanish."
"There's room for improvement in customer service and support. The response time when I open a ticket or communicate with the vendor could be faster."
"Installing Kaspersky is complex. It requires more work from system admins and takes almost one week to deploy, including integration and mapping with other solutions. You also have to configure Kaspersky EDR sandboxing then set up permissions for various teams and customers."
More Kaspersky Endpoint Detection and Response Expert Cons →
More Kaspersky Endpoint Detection and Response Expert Pricing and Cost Advice →
Cisco Secure Endpoint is ranked 9th in Endpoint Detection and Response (EDR) with 43 reviews while Kaspersky Endpoint Detection and Response Expert is ranked 17th in Endpoint Detection and Response (EDR) with 44 reviews. Cisco Secure Endpoint is rated 8.6, while Kaspersky Endpoint Detection and Response Expert is rated 8.2. The top reviewer of Cisco Secure Endpoint writes "Single dashboard management, quick infrastructure threat detection, and high level support". On the other hand, the top reviewer of Kaspersky Endpoint Detection and Response Expert writes "Solid security and performance; overall a useful tool". Cisco Secure Endpoint is most compared with Microsoft Defender for Endpoint, Cortex XDR by Palo Alto Networks, CrowdStrike Falcon, Check Point Harmony Endpoint and Cisco Umbrella, whereas Kaspersky Endpoint Detection and Response Expert is most compared with Trend Vision One, Microsoft Defender for Endpoint, Cynet, Symantec Endpoint Detection and Response and IBM Security QRadar. See our Cisco Secure Endpoint vs. Kaspersky Endpoint Detection and Response Expert report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
