No more typing reviews! Try our Samantha, our new voice AI agent.

Cisco Secure Endpoint vs N-able EDR comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Detection and Response (EDR)
6th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
Cisco Secure Endpoint
Ranking in Endpoint Detection and Response (EDR)
26th
Average Rating
8.6
Reviews Sentiment
7.2
Number of Reviews
49
Ranking in other categories
Endpoint Protection Platform (EPP) (29th), Cisco Security Portfolio (8th)
N-able EDR
Ranking in Endpoint Detection and Response (EDR)
50th
Average Rating
7.6
Reviews Sentiment
7.1
Number of Reviews
4
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Endpoint Detection and Response (EDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.6%, down from 3.9% compared to the previous year. The mindshare of Cisco Secure Endpoint is 1.3%, down from 1.6% compared to the previous year. The mindshare of N-able EDR is 0.7%, up from 0.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.6%
Cisco Secure Endpoint1.3%
N-able EDR0.7%
Other94.4%
Endpoint Detection and Response (EDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
JavedHashmi - PeerSpot reviewer
Chief Technology Officer at Future Point Technologies
Reliable threat protection is achieved while integration and analysis capabilities need refinement
Cisco Secure Endpoint is very good in machine learning, which allows it to secure offline contents even if not connected to the internet. We haven't encountered a single breach after it's deployed. It controls USB devices and has a separate antivirus solution called Tetra, providing security even for real-time, day-zero attacks through its strong Talos threat intelligence platform.
NM
Senior Operations Specialist at Tagit cc
Reporting effectiveness and advanced AI capabilities improve threat awareness while needing pricing simplification and licensing self-service
With pricing, they can improve by bundling their pricing because sometimes billing comes in a very long process. If they could bundle it as one solution and show the capabilities or features, they would be able to sell it more effectively, and as resellers, we could sell it to customers more easily. The technical support is responsive, but sometimes we experience limitations regarding the ability to add licensing. They could implement a self-service platform for assigning new licenses or ordering more. Currently, we depend on contacting someone who sends a new contract to sign through the process. They could change their licensing model, though I am not the right person to comment on functionality. On the reporting side, everything is covered.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Threat identification and detection are the most valuable features of this solution."
"The stability of the solution is very good. We have about 100 users on it right now, and we use it twice a week."
"The multi-layered approach to the product gives you confidence that it will stop exploits, ransomware, worms, or viruses from compromising endpoints, essentially providing peace of mind."
"The best feature of Cortex XDR by Palo Alto Networks is that it collects logs from different sections such as the endpoint, the network, and the cloud, making it easy to investigate alerts, collect some of the investigation packages related to the infected machines, and provide live response."
"Traps pays for itself within the first 16 months of a three-year subscription."
"The stability is pretty good except for one or two cases, and based on the performance, it's been okay with pretty high performance, no bugs or glitches, and it doesn't crash or freeze."
"One thing that I like about Cortex XDR by Palo Alto Networks, it is detecting all the suspicious or malicious binaries, and it has integration with Palo Alto Firewall."
"My advice for anybody who is considering Cortex XDR is that it is a complete solution, and has very good features."
"One of the best features of AMP is its cloud feature; it doesn't matter where the device is in regards to whether it's inside or outside of your network environment, especially right now when everybody's remote and taking their laptops home, because you don't have to be VPNed into the environment for AMP to work and AMP will work anywhere in the world as long as it has an Internet connection, giving you protection and reporting so no matter where the device is, AMP has still got coverage on it and is protecting it while you still have the ability to manage and remediate things, making the cloud feature the magic bullet and what makes the solution a valuable tool as far as I'm concerned."
"The most valuable feature at this moment is that Cisco AMP or Cisco Secure Endpoint solution is delivering a lot of things, and I always say to a lot of customers that if we didn't have Cisco AMP, we probably would have had ransomware somewhere. So, it's protecting us very well from a lot of hackers, malware, and especially ransomware."
"We are estimating 5 to 10 percent staff productivity increases."
"Cisco Secure Endpoint enables us to stop a threat before it spreads across our system, which is a massive improvement for us as we couldn't follow threats and respond to them as rapidly when we used other solutions."
"It is reasonably easy to remediate issues using Cisco Secure Endpoint, in part because I don't have to visit the physical machines to remediate them, and as such, the time it takes for remediation has been decreased."
"We have seen a measurable decrease in the mean time to detect or respond to threats by 90 percent, blocking a vast majority of threats."
"The solution is easy to deploy and applies multi-factor authentication."
"Any alert that we get is an actionable alert. Immediately, there is information that we can just click through, see the point in time, what happened, what caused it, and what automatic actions were taken. We can then choose to take any manual actions, if we want, or start our investigation. We're no longer looking at digging into information or wading through hundreds of incidents. There's a list which says where the status is assigned, e.g., under investigation or investigation finished. That is all in the console. It has taken away a lot of the administration, which we would normally be doing, and integrated it into the console for us."
"It provides visibility and a storyline to track the virus or malware's activities, showing infected processes and changes made."
"The most valuable feature, which I can describe as the '360 vision' of the inventory device, provides a complete view of all the devices."
"The most valuable features are the rollback feature, it's important for us. The AI models and are good."
"We have been using this solution for quite some time, and the AI functionality is quite advanced; we are able to provide insights on different aspects and read the reports easily."
 

Cons

"Additionally, I think the price is very high, and if it can be adjusted, I believe it will be a very good solution."
"A little bit more automation would be nice."
"The connection to the internet has not performed as expected."
"I would like to see some additional features related to email protection included."
"Although I would say this product is highly-rated, it could probably do more because nothing does everything that you want."
"Basically, they don't provide customer support tools just to investigate the logs."
"There are some false positives. What our guys would have liked is that it would have been easier to manipulate as soon as they found a false positive that they knew was a false positive. How to do so was not obvious. Some people complained about it. The interface, the ESM, is not user-friendly."
"The downside to the solution is that there are a large number of false positives."
"Maybe there is room for improvement in some of the automated remediation. We have other tools in place that AMP feeds into that allow for that to happen, so I look at it as one seamless solution. But if you're buying AMP all by itself, I don't know if it can remove malicious software after the fact or if it requires the other tools that we use to do some of that."
"I would like to see integration with Cisco Analytics."
"Cisco Secure Endpoint lacks features like DLP which other vendors offer. XDR is new, so integration capabilities with third-party tools need improvement."
"We have had some problems with updates not playing nice with our environment."
"It does not include encryption and decryption of local file shares."
"Its price is okay for us, but it can always be better. There's always room for improvement when it comes to pricing."
"Pricing can be more expensive than similar software that does less functionality, but not recognized by customers."
"It's pretty good as it is, but its cost could be improved."
"We have a lot of false positives we see in the dashboard. I think this is the only problem we are facing."
"I would like to see them add support for both Android and iOS smartphones."
"I would rate the scalability as seven out of ten. The capability is useful. Concerning the license, if I add one more device without a license, it will automatically subscribe to a license. I do not appreciate that."
"With pricing, they can improve by bundling their pricing because sometimes billing comes in a very long process."
 

Pricing and Cost Advice

"It is present, but when compared to other competitive products, I would say it is not less expensive; however, when all of the other added values are considered, the price is reasonable."
"The pricing is okay, although direct support can be expensive."
"The solution is expensive. It's pricing is on a yearly-basis."
"Its pricing is kind of in line with its competitors and everybody else out there."
"The price of the solution could be reduced. I have customers that have voiced that the solution is good for the value but if I want to sell more of the solution the price reduction would help."
"It's way too expensive, but security is expensive. You pay for your licensing, and then you pay for someone to monitor the stuff."
"The price of the product is not very economical."
"The return on investment is from the user side because we have seen the performance of it increase the delivery time of the product if we are using too many web-based and on-premise applications. In indirect ways, we saw the return of investment in terms of performance and user satisfaction increase."
"Cisco's pricing is reasonable. We also do not need to opt for niche players, which would have charged us significantly more than Cisco for ecosystem solutions. We are highly satisfied with the pricing structure of Cisco's solutions they are reasonable."
"The pricing and licensing are reasonable. The cost of AMP for Endpoints is inline with all the other software that has a monthly endpoint cost. It might be a little bit higher than other antivirus type products, but we're only talking about a dollar a month per user. I don't see that cost as being an issue if it's going to give us the confidence and security that we're looking for. We have had a lot of success and happiness with what we're using, so there's no point in changing."
"The price is very good."
"Our company was very happy with the price of Cisco AMP. It was about a third of what we were paying for System Center Endpoint Protection."
"The solution is highly affordable; I believe we pay $2 or $3 per endpoint. It's significantly cheaper than the competitors on the market."
"The solution's price is about the same as that of Palo Alto solutions."
"Pricing is a big issue."
"It is quite cost-effective. I would rate it ten out of ten."
"The pricing is average."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Manufacturing Company
10%
Financial Services Firm
8%
Construction Company
7%
Government
7%
Manufacturing Company
20%
Comms Service Provider
14%
Transportation Company
11%
Healthcare Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
By reviewers
Company SizeCount
Small Business21
Midsize Enterprise15
Large Enterprise21
No data available
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What is your experience regarding pricing and costs for Cisco Secure Endpoint?
Cisco is aggressive in pricing, making it competitive and sometimes even cheaper than other good products like CrowdS...
What needs improvement with Cisco Secure Endpoint?
Cisco Secure Endpoint lacks features like DLP which other vendors offer. XDR is new, so integration capabilities with...
What is your primary use case for Cisco Secure Endpoint?
We deployed Cisco Secure Endpoint for our customers two to three years back. The use case was to secure their endpoin...
What needs improvement with N-able EDR?
With pricing, they can improve by bundling their pricing because sometimes billing comes in a very long process. If t...
What is your primary use case for N-able EDR?
We are using N-able EDR, but I think Sophos makes sense because of the environment we operate in. The localization an...
What advice do you have for others considering N-able EDR?
I am more focused on operations and procurement. The decision to use this solution was made before I joined the compa...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Cisco AMP for Endpoints
No data available
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Heritage Bank, Mobile County Schools, NHL University, Thunder Bay Regional, Yokogawa Electric, Sam Houston State University, First Financial Bank
Information Not Available
Find out what your peers are saying about Cisco Secure Endpoint vs. N-able EDR and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.