Cisco Secure Endpoint vs Morphisec comparison

Read 21 Morphisec reviews

1,161 Views
665 Comparison Views

100% willing to recommend

Cisco Secure Endpoint

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 9, 2024

Cisco Secure Endpoint and Morphisec are leading endpoint security solutions. Cisco Secure Endpoint appears to have the upper hand due to its comprehensive support and pricing, while Morphisec is notable for its advanced features.

Features: Cisco Secure Endpoint offers robust security features such as advanced threat detection, remediation, and integration with other Cisco security products. Morphisec provides proactive prevention capabilities, a lightweight agent, and minimal impact on system performance.

Room for Improvement:Cisco Secure Endpoint could benefit from performance optimization, a more intuitive setup process, and enhanced user interface. Morphisec needs improvement in reporting capabilities, greater configuration flexibility, and better customer support documentation.

Ease of Deployment and Customer Service:Cisco Secure Endpoint is noted for straightforward deployment, though its configuration process is complex, with highly rated customer support. Morphisec offers easy deployment and minimal system disruption, but customer service receives mixed reviews compared to Cisco.

Pricing and ROI:Cisco Secure Endpoint is cost-effective with a good return on investment, though initial setup costs can be high. Morphisec is more expensive but users believe its superior features justify the cost and provide solid ROI.

To learn more, read our detailed Cisco Secure Endpoint vs. Morphisec Report (Updated: April 2025).

Cisco Secure Endpoint vs. Morphisec

Download the complete report

Helped 849,686 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cisco Secure Endpoint

Ranking in Endpoint Protection Platform (EPP)

13th

Ranking in Endpoint Detection and Response (EDR)

12th

Average Rating

8.6

Reviews Sentiment

7.2

Number of Reviews

Ranking in other categories

Cisco Security Portfolio (5th)

Morphisec

Ranking in Endpoint Protection Platform (EPP)

56th

Ranking in Endpoint Detection and Response (EDR)

59th

Average Rating

9.2

Reviews Sentiment

7.4

Number of Reviews

Ranking in other categories

Vulnerability Management (58th), Advanced Threat Protection (ATP) (33rd), Cloud Workload Protection Platforms (CWPP) (36th), Threat Deception Platforms (14th)

Mindshare comparison

As of May 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of Cisco Secure Endpoint is 1.5%, down from 1.8% compared to the previous year. The mindshare of Morphisec is 0.4%, up from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Endpoint Protection Platform (EPP)

Featured Reviews

Mark Broughton

Level 2 tech at a tech services company with 11-50 employees

Tighter integration with Umbrella and Firepower gave us eye-opening information

We were using a third-party help desk. One of the ways that they were fixing problems was to delete the client and then add the client back if there was an issue where the client had stopped communicating. Any improvement in the client communicating back to the server would be good, particularly for machines that are offline for a couple of weeks. A lot of our guys were working on a rotation where the machine might be offline for that long. They were also terrible about rebooting their machines, so those network connections didn't necessarily get refreshed. So, anything that could improve that communication would be good. Also, an easier way to do deduplication of machines, or be alerted to the fact that there's more than one instance of a machine, would be useful. If you could say, "Okay, we've got these two machines. This one says it's not reporting and this one says it's been reporting. Obviously, somebody did a reinstall," it would help. That way you could get a more accurate device count, so you're not having an inflated number. Not that Cisco was going to come down on you and say, "Oh, you're using too many licenses," right away. But to have a much more accurate license usage count by being able to better dedupe the records would be good. I also sent over a couple of other ideas to our technical rep. A lot of that had to do with the reporting options. It would be really nice to be able to do a lot more in the reporting. You can't really drill down into the reports that are there. The reporting and the need for the documentation to be updated and current would be my two biggest areas of complaint. Also, there was one section when I was playing with the automation where it was asking for the endpoint type rather than the machine name. If I could have just put in the machine name, that would have been great. So there are some opportunities, when it comes to searching, to have more options. If I wanted to search, for example, by a Mac address because, for some reason, I thought there was a duplication and I didn't have the machine name, how could I pull it up with the Mac address? When you're getting to that level, you're really starting to get into the ticky tacky. I would definitely put the reporting and documentation way ahead of that.

Read full review

Islam Shaikh

Senior Manager - IT at IndiGrid Limited

Lightweight, detects everything quickly, and takes corrective action

We sometimes have to depend on the support team to know what action we should take. If the solution for an alert can be built into the report that we are getting, it will save time, and the interaction with support would be less. At times, corrective action is required, but at times, we don't need to take any action. It would be good if we get to know in the report that a particular infection doesn't require any action. It will save us time and effort. Other than that, nothing else is required. They have taken care of everything. We are getting alerts, and we can have multiple admins. We get a good model with this view.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The product itself is pretty reliable. The security features that it has make it reliable."

"The most valuable feature of the solution is its technical support."

"The biggest lesson that I have learned from using this product is that there is a lot more malware slipping through my email filters than I expected."

"appreciate the File Trajectory feature, as it's excellent for an analyst or mobile analyst. I can track everything that happens on our server from my PC or device. Integration with SecureX is a welcome feature because it connects Cisco's integrated security portfolio with our complete infrastructure. Sandboxing is helpful, and integration with the Cisco environment is excellent as we use many of their products, and that's very valuable for us."

"The threat Grid with the ability to observe the sandboxing, analyze, and perform investigations of different malicious files has been great."

"The entirety of our network infrastructure is Cisco and the most valuable feature is the integration."

"The VPN is most valuable. It's the best thing in the market today. We can use two-factor authentication with another platform, and we can authenticate with two-factor."

"It's quite simple, and the advantage I see is that I get the trajectory of what happened inside the network, how a file has been transmitted to the workstation, and which files have got corrupted."

More Cisco Secure Endpoint pros

"Morphisec makes use of deterministic attack prevention that doesn’t require investigation of security alerts. It changes the memory locations of where certain applications run. If you think of Excel, opening a PDF, running an Excel macro, or opening a webpage and clicking on a link, all of those actions run in a certain area of memory. Morphisec changes the memory locations of where those run."

"I really like the integration with Microsoft Defender. In addition to having third-party endpoint protection, we're also enabling Defender... I like the reporting that we get from Defender, when it comes in. I like that it's one console showing both Morphisec and Defender where it provides me with full visibility into security events from Defender and Morphisec."

"Morphisec is a straightforward solution that is efficient and very stable."

"All the alerts are on the dashboard, which is quite simple and useful for us. You can easily check all the alerts that are being blocked or allowed, or whatever the action is. You can easily see that and you can take the necessary actions. You can add a PowerShell extension or any activities for blocking at your network level or for endpoints."

"The fact that Morphisec uses deterministic attack prevention that does not require human intervention has affected our security team's operations by making things much simpler. We don't have to really track down various alerts anymore, they've just stopped. At that point, we can go in and we can clean up whatever needs to be cleaned up. There are some things that Morphisec detects that we can't really remove, it's parts of Internet Explorer, but it's being blocked anyway. So we're happy with that."

"Morphisec also provides full visibility into security events for Microsoft Defender and Morphisec in one dashboard... in the single pane of glass provided by Morphisec, it's all right there at your fingertips: easy to access and easy to understand. And if you choose to go down further to know everything from the process to the hash behind it, you can."

"It also provides full visibility into security events from Microsoft Defender and Morphisec in one dashboard. We've always had that capability with Morphisec. The more recent version appears to do that even a little bit more natively and it's given us visibility that we didn't have otherwise."

"We have seen it successfully block attacks that a traditional antivirus did not pick up."

More Morphisec pros

Cons

"I would like them to add whatever makes filtering more advanced in scanning and blocking for malware in emails."

"It does not include encryption and decryption of local file shares."

"The connector updates are very easily done now, and that's improving. Previously, the connector had an issue, where almost every time it needed to be updated, it required a machine reboot. This was always a bit of an inconvenience and a bug. Because with a lot of software now, you don't need to do that and shouldn't need to be rebooting all the time."

"Cisco Secure Endpoint lacks features like DLP which other vendors offer. XDR is new, so integration capabilities with third-party tools need improvement."

"In the next release, I would for it to have back up abilities. I would like the ability to go back to a point in time to when my PC was uninfected and to the moment of when the infection happened."

"We have had some problems with updates not playing nice with our environment. This is important, because if there is a new version, we need to test it thoroughly before it goes into production. We cannot just say, "There's a new version. It's not going to give us any problems." With the complexity of the solution using multiple engines for multiple tasks, it can sometimes cause performance issues on our endpoints. Therefore, we need to test it before we deploy. That takes one to three days before we can be certain that the new version plays nice with our environment."

"One of the things that Cisco Secure Endpoint really needs is that it's not just Secure Endpoint, it's a point product, and I think we really need to move into solution-based selling, designing, and architecting. So that we're not worried about putting things on endpoints and selling 'x' amount of endpoints, but to provide a solution that covers all of the remote access and sell them as solutions that cover multiple things."

"The initial setup is a bit complex because you need to execute existing antiviruses or security software that you have on your device."

More Cisco Secure Endpoint cons

"If anything, tech support might be their weakest link. The process of getting someone involved sometimes takes a little time. It seems to me that they should have all the data they need to let me know whether an alert is legitimate or not, but they tend to need a lot of information from me to get to the bottom of something. It usually takes a little longer than I would expect."

"We sometimes have to depend on the support team to know what action we should take. If the solution for an alert can be built into the report that we are getting, it will save time, and the interaction with support would be less. At times, corrective action is required, but at times, we don't need to take any action. It would be good if we get to know in the report that a particular infection doesn't require any action. It will save us time and effort."

"We started in the Linux platform and we deployed to Linux. The licensing of that has been kind of confusing between Linux licensing and Windows licensing. The overall simplicity of licensing or offering an enterprise license to just cover everything and then we don't have to count needs improvement."

"Morphisec is a venture startup. They are still early in their growth stage. They need to get mature on their customer support and on how they interface with system tools. For example, they need to get multifactor in place and an API for the major multi-factor systems, e.g., Okta, Duo, Ping, and Microsoft. They don't have them built in yet. They are working on them. It is just not there yet. Also, their stability, customer support, and processes need improvement, which is just part of maturity."

"The weakest point of this product is how difficult it is to understand the reasons for an alert. This is a problem because it is hard to determine whether an attack is real or not."

"We have discovered some bugs in the new releases that they've had to fix, so I would like to see more testing and QA on their side before they release."

"Right now, it's just their auto-update feature. I know they are currently working on that. When they release a new version of the threat prevention platform, I do have to update that, rolling out to every computer. They have said, "From version 5, you would be able to do an auto-update." While this is very minor, that is the only thing that I would say needs to be upgraded. It would just make life a lot easier for other IT teams. However, I have simplified the process, so all I need to do is just download one file."

"It might be a bit much to ask, but we are now beginning to use Morphisec Scout, which provides vulnerability information. At this time, it's recognizing vulnerabilities and reporting them to us, but it's not necessarily resolving them. There's still a separate manual process to resolve those vulnerabilities, primarily through upgrades. We have to do that outside of Morphisec. If Morphisec could somehow have that capability built into it, that would be very effective."

More Morphisec cons

Pricing and Cost Advice

"The price is very good."

"The solution is highly affordable; I believe we pay $2 or $3 per endpoint. It's significantly cheaper than the competitors on the market."

"In our case, it is a straightforward annual payment through our Enterprise Agreement."

"It is a subscription-based product."

"The pricing and licensing are reasonable. The cost of AMP for Endpoints is inline with all the other software that has a monthly endpoint cost. It might be a little bit higher than other antivirus type products, but we're only talking about a dollar a month per user. I don't see that cost as being an issue if it's going to give us the confidence and security that we're looking for. We have had a lot of success and happiness with what we're using, so there's no point in changing."

"There are a couple of different consumption models: Pay up front, or if you have an enterprise agreement, you can do a monthly thing. Check your licensing possibilities and see what's best for your organization."

"The visibility that we have into the endpoint and the forensics that we're able to collect give us value for the price. This is not an overly expensive solution, considering all the things that are provided. You get great performance and value for the cost."

"We have a license for 3,000 users and if we get up to 3,100 users, it doesn't stop working, but on the next renewal date you're supposed to go in there and add that extra 100 licenses. It's really good that they let you grow and expand and then pay for it. Sometimes, with other products, you overuse a license and they just don't work."

More Cisco Secure Endpoint pricing and cost advice

"It is priced correctly for what it does. They end up doing a good deal of discounting, but I think it is priced appropriately."

"Morphisec is reasonably priced because our parent company's other subsidiaries use different products like CrowdStrike. CrowdStrike is four or five times more expensive than Morphisec. The competitive pricing saves us money in our overall security stack."

"It does not have multi-tenants. If South Africa wants to show only the machines that they have, they need their own cloud incidence. It is not possible to have that in a single cloud incidence with multiple tenants in it, instead you need to have multiple cloud incidences. Then, if you have that, it will be more expensive. However, they are going to change that, which is good."

"Our licensing is tied into our contract. Because we have a long-term contract, our pricing is a little bit lower. It is per year, so we don't get charged per endpoint, but we do have a cap. Our cap is 80 endpoints. If we were to go over 80, when we renewed our contract, which is not until three years are over. Then, they would reevaluate, and say, "Well, you have more than 80 devices active right now. This is going to be the price change." They know that we are installing and replacing computers, so the numbers will be all over the place depending on whether you archive or don't archive, which is the reason why we just have to keep up on that stuff."

"Compared to their competitors, the price of Morphisec is not that high. You can easily deploy it on a large-scale or small-scale network."

"It is an annual subscription basis per device. For the devices that we have in scope right now, it is about $25,000 a year."

"It is a little bit more expensive than other security products that we use, but it does provide us good protection. So, it is a trade-off."

"The pricing is definitely fair for what it does."

More Morphisec pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.

See recommendations

849,686 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

18%

Government

Financial Services Firm

Manufacturing Company

Outsourcing Company

14%

Computer Software Company

13%

Financial Services Firm

12%

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Cisco Secure Endpoint?

The product's initial setup phase was very simple.

See all answers

What is your experience regarding pricing and costs for Cisco Secure Endpoint?

Cisco is aggressive in pricing, making it competitive and sometimes even cheaper than other good products like CrowdStrike, Microsoft Defender, or SentinelOne.

See all answers

What needs improvement with Cisco Secure Endpoint?

Cisco Secure Endpoint lacks features like DLP which other vendors offer. XDR is new, so integration capabilities with third-party tools need improvement. The forensic capabilities need enhancement,...

See all answers

Ask a question

Earn 20 points

Comparisons

Microsoft Defender for Endpoint vs Cisco Secure Endpoint

Compared 15% of the time

CrowdStrike Falcon vs Cisco Secure Endpoint

Compared 12% of the time

SentinelOne Singularity Complete vs Cisco Secure Endpoint

Compared 6% of the time

Check Point Harmony Endpoint vs Cisco Secure Endpoint

Compared 5% of the time

Cortex XDR by Palo Alto Networks vs Cisco Secure Endpoint

Compared 5% of the time

More Cisco Secure Endpoint Competitors

CrowdStrike Falcon vs Morphisec

Compared 35% of the time

Halcyon vs Morphisec

Compared 15% of the time

SentinelOne Singularity Complete vs Morphisec

Compared 13% of the time

Hyver vs Morphisec

Compared 8% of the time

Tanium vs Morphisec

Compared 6% of the time

More Morphisec Competitors

Product Reports

Cisco Secure Endpoint

Download Cisco Secure Endpoint product report

Download Morphisec product report

Also Known As

Cisco AMP for Endpoints

Morphisec, Morphisec Moving Target Defense

Overview

Cisco Secure Endpoint is a comprehensive endpoint security solution that natively includes open and extensible extended detection and response (XDR) and advanced endpoint detection and response (EDR) capabilities. Secure Endpoint offers relentless breach protection that enables you to be confident, be bold, and be fearless with one of the industry’s most trusted endpoint security solutions. It protects your hybrid workforce, helps you stay resilient, and secures what’s next with simple, comprehensive endpoint security powered by unique insights from 300,000 security customers and deep visibility from the networking leader.

Cisco Secure Endpoint was formerly known as Cisco AMP for Endpoints.

Reviews from Real Users

Cisco Secure Endpoint stands out among its competitors for a number of reasons. Two major ones are its ability to enable developers to easily secure their endpoints with one single operation using its management console and its advanced alerting techniques.

Tim C., an IT manager at Van Der Meer Consulting, writes, "The solution makes it possible to see a threat once and block it everywhere across all endpoints and the entire security platform. It has the ability to block right down to the file and application level across all devices based on policies, such as, blacklisting and whitelisting of software and applications. This is good. Its strength is the ability to identify threats very quickly, then lock them and the network down and block the threats across the organization and all devices, which is what you want. You don't want to be spending time working out how to block something. You want to block something very quickly, letting that flow through to all the devices and avoiding the same scenario on different operating systems."

Wouter H., a technical team lead network & security at Missing Piece BV, notes, "Any alert that we get is an actionable alert. Immediately, there is information that we can just click through, see the point in time, what happened, what caused it, and what automatic actions were taken. We can then choose to take any manual actions, if we want, or start our investigation. We're no longer looking at digging into information or wading through hundreds of incidents. There's a list which says where the status is assigned, e.g., under investigation or investigation finished. That is all in the console. It has taken away a lot of the administration, which we would normally be doing, and integrated it into the console for us."

Cisco

Morphisec integrates seamlessly with platforms like Microsoft Defender, offering signatureless protection against zero-day threats and ransomware. It enhances existing endpoint solutions with minimal maintenance through its set-and-forget deployment, providing heightened security and reduced false positives.

Morphisec strengthens defense strategies by merging memory morphing and signatureless protection to effectively block zero-day attacks and ransomware. It operates efficiently within existing infrastructure, reducing system impact and maintenance needs. Users find its full visibility dashboard invaluable. Despite its strengths, cloud deployment and reporting features can be improved. Stability, alerts, and integration with other systems pose challenges for users, impacting usability and support quality.

What are Morphisec's key features?

Seamless Integration: Works with Microsoft Defender for comprehensive dashboard visibility
Memory Morphing: Hides processes to reduce attack surfaces
Signatureless Protection: Prevents threats without impacting performance
Automatic Threat Blocking: Uses inbuilt intelligence to detect risks
Set-and-Forget Deployment: Simplifies management and reduces maintenance

What benefits should users consider in reviews?

Quick Deployment: Fast setup without disrupting operations
Enhanced Protection: Provides an additional defense layer against advanced threats
Cost-Effectiveness: Works with existing licenses, minimizing extra investments
Improved Compatibility: Integrates smoothly with current antivirus systems
Minimal System Impact: Operates efficiently without overloading resources

In security-focused industries, Morphisec is crucial for protecting workstations and servers against sophisticated attacks like ransomware. Its signatureless technology offers early threat detection, while compatibility with existing systems ensures seamless integration, providing advanced protection without additional licensing costs.

Sample Customers

Heritage Bank, Mobile County Schools, NHL University, Thunder Bay Regional, Yokogawa Electric, Sam Houston State University, First Financial Bank

Lenovo/Motorola, TruGreen, Covenant Health, Citizens Medical Center

Cisco Secure Endpoint vs. Morphisec