Try our new research platform with insights from 80,000+ expert users

Cisco Secure Endpoint vs Morphisec comparison

Cisco and Morphisec are both solutions in the Endpoint Protection Platform (EPP) category. Cisco is ranked #34 with an average rating of 8.8, while Morphisec is ranked #54. Cisco holds a 1.4% mindshare in EPP, compared to Morphisec’s 0.5% mindshare. Additionally, 96% of Cisco users are willing to recommend the solution, compared to 100% of Morphisec users who would recommend it.
Cisco Secure Endpoint
Read 49 Cisco Secure Endpoint reviews
  • 4,953 Views
  • 3,319 Comparison Views
96% willing to recommend
Morphisec
Read 21 Morphisec reviews
  • 2,078 Views
  • 1,081 Comparison Views
100% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 9, 2024

Cisco Secure Endpoint and Morphisec are leading endpoint security solutions. Cisco Secure Endpoint appears to have the upper hand due to its comprehensive support and pricing, while Morphisec is notable for its advanced features.

Features: Cisco Secure Endpoint offers robust security features such as advanced threat detection, remediation, and integration with other Cisco security products. Morphisec provides proactive prevention capabilities, a lightweight agent, and minimal impact on system performance.

Room for Improvement:Cisco Secure Endpoint could benefit from performance optimization, a more intuitive setup process, and enhanced user interface. Morphisec needs improvement in reporting capabilities, greater configuration flexibility, and better customer support documentation.

Ease of Deployment and Customer Service:Cisco Secure Endpoint is noted for straightforward deployment, though its configuration process is complex, with highly rated customer support. Morphisec offers easy deployment and minimal system disruption, but customer service receives mixed reviews compared to Cisco.

Pricing and ROI:Cisco Secure Endpoint is cost-effective with a good return on investment, though initial setup costs can be high. Morphisec is more expensive but users believe its superior features justify the cost and provide solid ROI.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Cisco Secure Endpoint vs. Morphisec Report (Updated: September 2025).
Buyer's Guide
Cisco Secure Endpoint vs. Morphisec
September 2025
Download the complete report
Helped 872,869 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cisco Secure Endpoint
Ranking in Endpoint Protection Platform (EPP)
34th
Ranking in Endpoint Detection and Response (EDR)
29th
Average Rating
8.6
Reviews Sentiment
7.2
Number of Reviews
49
Ranking in other categories
Cisco Security Portfolio (7th)
Morphisec
Ranking in Endpoint Protection Platform (EPP)
54th
Ranking in Endpoint Detection and Response (EDR)
60th
Average Rating
9.2
Reviews Sentiment
7.4
Number of Reviews
21
Ranking in other categories
Vulnerability Management (60th), Advanced Threat Protection (ATP) (32nd), Cloud Workload Protection Platforms (CWPP) (31st), Threat Deception Platforms (18th)
 

Mindshare comparison

As of November 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of Cisco Secure Endpoint is 1.4%, down from 1.6% compared to the previous year. The mindshare of Morphisec is 0.5%, up from 0.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP) Market Share Distribution
ProductMarket Share (%)
Cisco Secure Endpoint1.4%
Morphisec0.5%
Other98.1%
Endpoint Protection Platform (EPP)
 

Featured Reviews

AKSHAYK - PeerSpot reviewer
Identifies the malicious content in an organization's network
We must install an agent on every laptop. We do not know how to do it for the network. We shouldn’t have to install agents individually if it's a corporate network. The product does not provide options like tunnel creation or virtual appliances. If there are 2000 users and only one network administrator, installing the agent on every laptop will be time-consuming.
Read full review
Rick Schibler - PeerSpot reviewer
Offers in-memory protection at a lower price than competitors
Morphisec's in-memory protection is probably the most valuable feature because it stops malicious activity from occurring. If something tries to install or act as a sleeper agent, Morphisec will detect and stop it. Morphisec's Moving Target Defense is critical to hardening our attack surface. If it detects something, it indicates whether it's valid. That means you've got a breach requiring investigation. It detects anomalies but doesn't necessarily point to what caused them. You still need to do that work. The solution is reasonably easy to administer. They made some changes last year, adding a cloud-based monitoring solution that makes deploying and monitoring our endpoints easy.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It is extensive in terms of providing visibility and insights into threats. It allows for research into a threat, and you can chart your progress on how you're resolving it."
"I am told that we get over 100 million emails a month. This filters them down and allows only somewhere about three million emails, which is a great help."
"appreciate the File Trajectory feature, as it's excellent for an analyst or mobile analyst. I can track everything that happens on our server from my PC or device. Integration with SecureX is a welcome feature because it connects Cisco's integrated security portfolio with our complete infrastructure. Sandboxing is helpful, and integration with the Cisco environment is excellent as we use many of their products, and that's very valuable for us."
"The entirety of our network infrastructure is Cisco and the most valuable feature is the integration."
"One of the best features of AMP is its cloud feature. It doesn't matter where the device is in regards to whether it's inside or outside of your network environment, especially right now when everybody's remote and taken their laptops home. You don't have to be VPNed into the environment for AMP to work. AMP will work anywhere in the world, as long as it has an Internet connection. You get protection and reporting with it. No matter where the device is, AMP has still got coverage on it and is protecting it. You still have the ability to manage and remediate things. The cloud feature is the magic bullet. This is what makes the solution a valuable tool as far as I'm concerned."
"There are several valuable features including strong prevention and exceptional reporting capabilities."
"The ability to detonate a particular problem in a sandbox environment and understand what the effects are, is helpful. We're trying, for example, to determine, when people send information in, if an attachment is legitimate or not. You just have to open it. If you can do that in a secure sandbox environment, that's an invaluable feature. What you would do otherwise would be very risky and tedious."
"Secure Endpoint has decreased our time to remediate by providing the tools and the integrations we need so we can quickly look across our entire network, look for those threats, and actually make good decisions."
More Cisco Secure Endpoint pros
"It provides full visibility into security events and from both solutions in one dashboard. I'm not a big security guy, if I have a threat that looks like there's a problem, I will ask Morphisec to dissect it for me, and tell me what might be happening. Because it tends to be all hash codes, so I can tell what's going on. They've been pretty good with that."
"The simplicity of the solution, how easy it is to deploy and how small it is when deployed as an agent on a device, is probably the biggest aspect, given what it can do."
"Morphisec makes use of deterministic attack prevention that doesn’t require investigation of security alerts. It changes the memory locations of where certain applications run. If you think of Excel, opening a PDF, running an Excel macro, or opening a webpage and clicking on a link, all of those actions run in a certain area of memory. Morphisec changes the memory locations of where those run."
"All the alerts are on the dashboard, which is quite simple and useful for us. You can easily check all the alerts that are being blocked or allowed, or whatever the action is. You can easily see that and you can take the necessary actions. You can add a PowerShell extension or any activities for blocking at your network level or for endpoints."
"Morphisec is a straightforward solution that is efficient and very stable."
"The biggest feature is that it hides everything from your operating system that's running in-memory from anything to try to run against it. That's the most unique thing that's on the market. There's nothing else out there that's quite like that. That's a big selling point and why we went with it. It does exactly what the design does. If you can't find it, you can't execute against it."
"I really like the integration with Microsoft Defender. In addition to having third-party endpoint protection, we're also enabling Defender... I like the reporting that we get from Defender, when it comes in. I like that it's one console showing both Morphisec and Defender where it provides me with full visibility into security events from Defender and Morphisec."
"Morphisec's in-memory protection is probably the most valuable feature because it stops malicious activity from occurring. If something tries to install or act as a sleeper agent, Morphisec will detect and stop it."
More Morphisec pros
 

Cons

"In the next release, I would for it to have back up abilities. I would like the ability to go back to a point in time to when my PC was uninfected and to the moment of when the infection happened."
"We had a lot of noise at the beginning, and we had to turn it down based on exclusions, application whitelisting, and excluding unknown benign applications. Cisco should understand the need for continuous updates on the custom Cisco exclusions and the custom applications that come out-of-the-box with the AMP for Endpoints."
"The initial setup is a bit complex because you need to execute existing antiviruses or security software that you have on your device."
"They could improve the main dashboard to more clearly show me the things that I want to see. When I open the dashboard right now, I see a million things and they are not always the things that I need."
"This product has issues with the number of false positives that it reports."
"The thing I hate the most, which they have not fixed, is when it creates duplicate entries within a console. If you have a computer and you upgrade from Windows 7 to Windows 10, or you upgrade your agent from version 6 to 7, it creates a new instance in there instead of updating the information. Instead of paying a license for one computer, I have to license two computers until I manually go in, search for all the duplicate entries, and clean them out myself."
"I would recommend that the solution offer more availability in terms of the product portfolio and integration with third-party products."
"It does not include encryption and decryption of local file shares."
More Cisco Secure Endpoint cons
"In the Windows Defender integration, they have put in a report of computers that need Windows Defender updates. If those updates could be kicked off directly from the dashboard, instead of having to go to another system entirely, that would be good."
"The weakest point of this product is how difficult it is to understand the reasons for an alert. This is a problem because it is hard to determine whether an attack is real or not."
"We sometimes have to depend on the support team to know what action we should take. If the solution for an alert can be built into the report that we are getting, it will save time, and the interaction with support would be less. At times, corrective action is required, but at times, we don't need to take any action. It would be good if we get to know in the report that a particular infection doesn't require any action. It will save us time and effort."
"It would be nice if they could integrate Morphisec with other traditional antivirus solutions beyond Microsoft Defender. That is probably my biggest gripe."
"It would be useful for them if they had some kind of network discovery. That kind of functionality I think would give IT administrators a little bit more confidence that they have 100 percent coverage, and it gives them something to audit against. Network discovery would be one area I would definitely suggest that they put some effort into."
"We started in the Linux platform and we deployed to Linux. The licensing of that has been kind of confusing between Linux licensing and Windows licensing. The overall simplicity of licensing or offering an enterprise license to just cover everything and then we don't have to count needs improvement."
"Automating reports needs improvement. I would like to have better reporting capabilities within it or automated reporting to be a little bit more dynamic. That's something I know they're working on. We literally are in the process. We started the process a week and a half ago of going to their latest version, so I've not seen their latest one up and running yet."
"Sometimes it generates false positive alerts. They need to continue working on that. They have provided solutions for it and have fixed issues with updated versions. The service is quite good but they need to work on it more so that there are no false positive alerts."
More Morphisec cons
 

Pricing and Cost Advice

"The Enterprise Agreement is like an all-you-can-eat buffet of Cisco products. In that vein, it was very affordable."
"The solution is highly affordable; I believe we pay $2 or $3 per endpoint. It's significantly cheaper than the competitors on the market."
"It is an expensive solution."
"​Pricing can be more expensive than similar software that does less functionality, but not recognized by customers.​"
"It is a subscription-based product."
"Licensing fees are on a yearly basis and I am happy with the pricing."
"Whenever you are doing the licensing process, I would highly advise to look at what other Cisco solutions you have in your organization, then evaluate if an Enterprise Agreement is the best way to go. In our case, it was the best way to go. Since we had so many other Cisco products, we were able to tie those in. We were actually able to get several Cisco security solutions for less than if we had bought three or four Cisco security solutions independently or ad hoc."
"I rate the pricing a five or six on a scale of one to ten, where one is expensive, and ten is cheap."
More Cisco Secure Endpoint pricing and cost advice
"Our licensing is tied into our contract. Because we have a long-term contract, our pricing is a little bit lower. It is per year, so we don't get charged per endpoint, but we do have a cap. Our cap is 80 endpoints. If we were to go over 80, when we renewed our contract, which is not until three years are over. Then, they would reevaluate, and say, "Well, you have more than 80 devices active right now. This is going to be the price change." They know that we are installing and replacing computers, so the numbers will be all over the place depending on whether you archive or don't archive, which is the reason why we just have to keep up on that stuff."
"Licenses are per endpoint, and that's true for the cloud version as well. The only difference is that there is a little extra charge for the cloud version."
"We are still using a separate tool. I know for our 600 or I think we're actually licensed for up to 700 users, it runs me 23 or $24,000 a year. When you're talking to that many users plus servers being protected, that's well worth the investment for that dollar amount."
"Morphisec is reasonably priced because our parent company's other subsidiaries use different products like CrowdStrike. CrowdStrike is four or five times more expensive than Morphisec. The competitive pricing saves us money in our overall security stack."
"It does not have multi-tenants. If South Africa wants to show only the machines that they have, they need their own cloud incidence. It is not possible to have that in a single cloud incidence with multiple tenants in it, instead you need to have multiple cloud incidences. Then, if you have that, it will be more expensive. However, they are going to change that, which is good."
"Price-wise, it's on the higher side. A traditional antivirus solution is cheaper, but in terms of security and manageability, its ROI is better than a traditional antivirus. I would recommend it to anybody evaluating or considering an antivirus solution. If your system gets compromised, the cost of ransom would be a lot more. This way, it saves a lot of cost."
"The pricing is definitely fair for what it does."
"It is priced correctly for what it does. They end up doing a good deal of discounting, but I think it is priced appropriately."
More Morphisec pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
See recommendations
872,869 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
18%
Manufacturing Company
9%
Government
8%
Healthcare Company
6%
Outsourcing Company
16%
Manufacturing Company
12%
Computer Software Company
9%
Financial Services Firm
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business21
Midsize Enterprise14
Large Enterprise21
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise8
Large Enterprise8
 

Questions from the Community

What do you like most about Cisco Secure Endpoint?
The product's initial setup phase was very simple.
See all answers
What is your experience regarding pricing and costs for Cisco Secure Endpoint?
Cisco is aggressive in pricing, making it competitive and sometimes even cheaper than other good products like CrowdStrike, Microsoft Defender, or SentinelOne.
See all answers
What needs improvement with Cisco Secure Endpoint?
Cisco Secure Endpoint lacks features like DLP which other vendors offer. XDR is new, so integration capabilities with third-party tools need improvement. The forensic capabilities need enhancement,...
See all answers
Ask a question
Earn 20 points
 

Comparisons

Microsoft Defender for Endpoint vs Cisco Secure Endpoint Logo
Microsoft Defender for Endpoint vs Cisco Secure Endpoint
Compared 12% of the time
CrowdStrike Falcon vs Cisco Secure Endpoint Logo
CrowdStrike Falcon vs Cisco Secure Endpoint
Compared 9% of the time
SentinelOne Singularity Complete vs Cisco Secure Endpoint Logo
SentinelOne Singularity Complete vs Cisco Secure Endpoint
Compared 7% of the time
Cortex XDR by Palo Alto Networks vs Cisco Secure Endpoint Logo
Cortex XDR by Palo Alto Networks vs Cisco Secure Endpoint
Compared 5% of the time
Trellix Endpoint Security Platform vs Cisco Secure Endpoint Logo
Trellix Endpoint Security Platform vs Cisco Secure Endpoint
Compared 4% of the time
More Cisco Secure Endpoint Competitors
Halcyon vs Morphisec Logo
Halcyon vs Morphisec
Compared 19% of the time
CrowdStrike Falcon vs Morphisec Logo
CrowdStrike Falcon vs Morphisec
Compared 17% of the time
Deep Instinct Prevention Platform vs Morphisec Logo
Deep Instinct Prevention Platform vs Morphisec
Compared 12% of the time
SentinelOne Singularity Complete vs Morphisec Logo
SentinelOne Singularity Complete vs Morphisec
Compared 11% of the time
Microsoft Defender for Endpoint vs Morphisec Logo
Microsoft Defender for Endpoint vs Morphisec
Compared 6% of the time
More Morphisec Competitors
 

Product Reports

Buyer's Guide
Cisco Secure Endpoint
November 2025
Cisco Secure Endpoint reportDownload Cisco Secure Endpoint product report
Buyer's Guide
Morphisec
October 2025
Morphisec reportDownload Morphisec product report
 

Also Known As

Cisco AMP for Endpoints
Morphisec, Morphisec Moving Target Defense
 

Overview

Cisco Secure Endpoint is a comprehensive endpoint security solution that natively includes open and extensible extended detection and response (XDR) and advanced endpoint detection and response (EDR) capabilities. Secure Endpoint offers relentless breach protection that enables you to be confident, be bold, and be fearless with one of the industry’s most trusted endpoint security solutions. It protects your hybrid workforce, helps you stay resilient, and secures what’s next with simple, comprehensive endpoint security powered by unique insights from 300,000 security customers and deep visibility from the networking leader.

Cisco Secure Endpoint was formerly known as Cisco AMP for Endpoints.

Reviews from Real Users

Cisco Secure Endpoint stands out among its competitors for a number of reasons. Two major ones are its ability to enable developers to easily secure their endpoints with one single operation using its management console and its advanced alerting techniques.

Tim C., an IT manager at Van Der Meer Consulting, writes, "The solution makes it possible to see a threat once and block it everywhere across all endpoints and the entire security platform. It has the ability to block right down to the file and application level across all devices based on policies, such as, blacklisting and whitelisting of software and applications. This is good. Its strength is the ability to identify threats very quickly, then lock them and the network down and block the threats across the organization and all devices, which is what you want. You don't want to be spending time working out how to block something. You want to block something very quickly, letting that flow through to all the devices and avoiding the same scenario on different operating systems."

Wouter H., a technical team lead network & security at Missing Piece BV, notes, "Any alert that we get is an actionable alert. Immediately, there is information that we can just click through, see the point in time, what happened, what caused it, and what automatic actions were taken. We can then choose to take any manual actions, if we want, or start our investigation. We're no longer looking at digging into information or wading through hundreds of incidents. There's a list which says where the status is assigned, e.g., under investigation or investigation finished. That is all in the console. It has taken away a lot of the administration, which we would normally be doing, and integrated it into the console for us."

Cisco

Morphisec integrates seamlessly with platforms like Microsoft Defender, offering signatureless protection against zero-day threats and ransomware. It enhances existing endpoint solutions with minimal maintenance through its set-and-forget deployment, providing heightened security and reduced false positives.

Morphisec strengthens defense strategies by merging memory morphing and signatureless protection to effectively block zero-day attacks and ransomware. It operates efficiently within existing infrastructure, reducing system impact and maintenance needs. Users find its full visibility dashboard invaluable. Despite its strengths, cloud deployment and reporting features can be improved. Stability, alerts, and integration with other systems pose challenges for users, impacting usability and support quality.

What are Morphisec's key features?

  • Seamless Integration: Works with Microsoft Defender for comprehensive dashboard visibility
  • Memory Morphing: Hides processes to reduce attack surfaces
  • Signatureless Protection: Prevents threats without impacting performance
  • Automatic Threat Blocking: Uses inbuilt intelligence to detect risks
  • Set-and-Forget Deployment: Simplifies management and reduces maintenance

What benefits should users consider in reviews?

  • Quick Deployment: Fast setup without disrupting operations
  • Enhanced Protection: Provides an additional defense layer against advanced threats
  • Cost-Effectiveness: Works with existing licenses, minimizing extra investments
  • Improved Compatibility: Integrates smoothly with current antivirus systems
  • Minimal System Impact: Operates efficiently without overloading resources

In security-focused industries, Morphisec is crucial for protecting workstations and servers against sophisticated attacks like ransomware. Its signatureless technology offers early threat detection, while compatibility with existing systems ensures seamless integration, providing advanced protection without additional licensing costs.

Morphisec
 

Sample Customers

Heritage Bank, Mobile County Schools, NHL University, Thunder Bay Regional, Yokogawa Electric, Sam Houston State University, First Financial Bank
Lenovo/Motorola, TruGreen, Covenant Health, Citizens Medical Center
Buyer's Guide
Cisco Secure Endpoint vs. Morphisec
September 2025
Free Report: Cisco Secure Endpoint vs. Morphisec
Find out what your peers are saying about Cisco Secure Endpoint vs. Morphisec and other solutions. Updated: September 2025.
DOWNLOAD NOW
872,869 professionals have used our research since 2012.
See our Cisco Secure Endpoint vs. Morphisec report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Endpoint Detection and Response (EDR) vendors.

We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.