Cisco Secure Endpoint and Trellix Active Response are key contenders in endpoint protection. User data indicates that Trellix Active Response has the upper hand due to superior features, despite higher costs.
Features: Cisco Secure Endpoint includes strong malware detection, integration capabilities, and comprehensive detection. Trellix Active Response offers advanced threat intelligence, response automation, and proactive threat management.
Room for Improvement:Cisco Secure Endpoint needs better endpoint detection and response capabilities, user interface enhancements, and improved reporting. Trellix requires streamlined reporting, simpler dashboard navigation, and better documentation.
Ease of Deployment and Customer Service: Cisco Secure Endpoint is noted for easy deployment and responsive support. Trellix Active Response, though more complex to deploy, also has positive support feedback.
Pricing and ROI: Cisco Secure Endpoint is budget-friendly with swift ROI. Trellix Active Response, with higher setup costs, delivers higher perceived value through advanced features.
While we haven't yet quantified the financial benefits, we recognize that there has been a return on investment, particularly with operational efficiencies provided by the alerts.
Cisco has good technical support, especially considering these are newer solutions compared to traditional routing and switching products.
I would rate technical support from Trellix Active Response as a seven because sometimes we face difficulties finding engineers quickly, leading to customer frustration.
Cisco Secure Endpoint is definitely scalable.
The scalability of Active Response is satisfactory.
We have not encountered any problems.
The forensic capabilities need enhancement, especially for deep forensic data collection.
We would like Trellix to optimize the technology for these systems similarly to how it is deployed for normal endpoints.
There is room for improvement in the platform area and security area to make the dashboard visibility clearer and easier for customers to monitor malicious activities occurring in their environment.
Cisco is aggressive in pricing, making it competitive and sometimes even cheaper than other good products like CrowdStrike, Microsoft Defender, or SentinelOne.
Based on our evaluations, Trellix Active Response's pricing was the most feasible from a cost perspective.
Cisco Secure Endpoint is very good in machine learning, which allows it to secure offline contents even if not connected to the internet.
They notify us immediately of any vulnerabilities on the endpoints, allowing us to deploy a response quickly.
The most valuable feature of Trellix Active Response is that whenever any incident occurs, it allows us to disconnect from that particular network or area and shut down the system using commands.
| Product | Market Share (%) |
|---|---|
| Cisco Secure Endpoint | 1.6% |
| Trellix Active Response | 0.3% |
| Other | 98.1% |
| Company Size | Count |
|---|---|
| Small Business | 21 |
| Midsize Enterprise | 14 |
| Large Enterprise | 21 |
Cisco Secure Endpoint is a comprehensive endpoint security solution that natively includes open and extensible extended detection and response (XDR) and advanced endpoint detection and response (EDR) capabilities. Secure Endpoint offers relentless breach protection that enables you to be confident, be bold, and be fearless with one of the industry’s most trusted endpoint security solutions. It protects your hybrid workforce, helps you stay resilient, and secures what’s next with simple, comprehensive endpoint security powered by unique insights from 300,000 security customers and deep visibility from the networking leader.
Cisco Secure Endpoint was formerly known as Cisco AMP for Endpoints.
Reviews from Real Users
Cisco Secure Endpoint stands out among its competitors for a number of reasons. Two major ones are its ability to enable developers to easily secure their endpoints with one single operation using its management console and its advanced alerting techniques.
Tim C., an IT manager at Van Der Meer Consulting, writes, "The solution makes it possible to see a threat once and block it everywhere across all endpoints and the entire security platform. It has the ability to block right down to the file and application level across all devices based on policies, such as, blacklisting and whitelisting of software and applications. This is good. Its strength is the ability to identify threats very quickly, then lock them and the network down and block the threats across the organization and all devices, which is what you want. You don't want to be spending time working out how to block something. You want to block something very quickly, letting that flow through to all the devices and avoiding the same scenario on different operating systems."
Wouter H., a technical team lead network & security at Missing Piece BV, notes, "Any alert that we get is an actionable alert. Immediately, there is information that we can just click through, see the point in time, what happened, what caused it, and what automatic actions were taken. We can then choose to take any manual actions, if we want, or start our investigation. We're no longer looking at digging into information or wading through hundreds of incidents. There's a list which says where the status is assigned, e.g., under investigation or investigation finished. That is all in the console. It has taken away a lot of the administration, which we would normally be doing, and integrated it into the console for us."
Continuous Visibility into Your Endpoints:
Capture and monitor events, files, host flows, process objects, context, and system state changes that may be indicators of attack or dormant attack components.
Identify and Remediate Breaches Faster:
Access tools you need to quickly correct security issues. Send intelligence to analytics, operations, and forensic teams.
Target Critical Threats:
Get preconfigured and customizable actions when triggered, so you can target and eliminate threats.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
