Try our new research platform with insights from 80,000+ expert users

Cisco Secure Cloud Analytics [EOL] vs Microsoft Defender for Endpoint comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cisco Secure Cloud Analytic...
Average Rating
8.6
Number of Reviews
7
Ranking in other categories
No ranking in other categories
Microsoft Defender for Endp...
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
197
Ranking in other categories
Endpoint Protection Platform (EPP) (1st), Advanced Threat Protection (ATP) (4th), Anti-Malware Tools (1st), Endpoint Detection and Response (EDR) (3rd), Microsoft Security Suite (4th)
 

Featured Reviews

Olivier CHAMBELANT - PeerSpot reviewer
Beneficial cloud deployment
Opening a ticket with support can be difficult but once it is open the support does a good job. They want us to provide a lot of information, such as the order number and when it was bought. It takes a long time, they can improve by having a faster response time.
Sudhen Swami - PeerSpot reviewer
Easy to update with good protection and a useful cloud portal
We've mainly used it for endpoints. However, we've also used it for DLP as well. We're also in the process of implementing it for cloud and identity as well. However, it's very good for endpoints, and that's our main focus. The malware protection is good. The visibility it provides is very useful. We can combine visibility with wider security features and alerts around malware, misconfiguration, or any other kinds of threats. The cloud portal is quite good. From there, we are able to see alerts and have colleagues review issues and monitor to see if any patterns arise. It's serving us quite well overall. It allows us to look at other items, like application and browser control. It helps us prioritize threats. We have a process in place now where we can review issues and remediate them effectively. We have been able to integrate a variety of Microsoft security products together. We use Azure AD, for example, and we've begun to implement DLP, among other items. We're looking at labeling and tagging and will expand into that soon. Defender has more stringent system requirements than, for example, Check Point. So when we implemented the Check Point Endpoint agent, that solution didn't mind what version of Windows you were using. When we moved to Defender, Defender had certain system prerequisites that had to be met. So we had to make sure that we're on a minimum version of Windows when we're utilizing Office, and Office has to be a particular version as well. It has more stringent system requirements that have to be met before you can implement it. It works natively together with other Microsoft solutions. Once you get more and more of those different components across the environment, then you start to get better visibility. So, rather than having lots of different solutions, you have fewer solutions and a single vendor solution. That way, you start getting into a position where you get better visibility and integration as well. The standardization is good. It's important. It's helping me with monitoring and learning. Updates and upgrades are quite smooth and seamless. Defender helps us automate routine tasks. Quite a lot of Microsoft is straightforward for us now. Previously, we didn't have enough resources and were unable to look at the alerts. Having this in place makes things a lot more straightforward for us. We have both the technology and the people in place now, alongside the process. We do see the benefits in that, and that's why we're continuing our adoption across the estate in terms of client and server as well. It's helping us avoid looking at multiple dashboards and centralized monitoring. We're not fully there yet. We're getting there. While we haven't witnessed time saving yet, once it's fully deployed, it will. By then, we'll have standardized processes across a single solution. We have saved money, however, as we continue to reduce non-Mircosft systems. Since we won't be using various competing technologies, we can save on licensing costs. We've likely so far saved 15%. While it's hard to estimate exactly how much, the solution has helped us decrease time to detection and time to respond.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The tool's best feature is its ability to monitor network traffic. It will also inform users whether the traffic generated by a network is legitimate. The tool helps to capture and analyze the network traffic."
"Cisco Stealthwatch Cloud is scalable because it is on the cloud."
"When it comes to scalability, there's no size limit. It varies based on licenses and requirements."
"The logs in Cisco Stealthwatch Cloud are very good when doing the API integration in the team. It is able to give you important information for the correlations."
"Monitoring the traffic, making sure you have the visibility."
"The product helps me to see malware."
"It tells you if there is any communication going to command and control servers, or if there is any traffic that violates your internal policy, or if any data hoarding is happening where data is being dumped from your machine to outside of the environment. It provides all such meaningful reports to help you understand what's happening."
"It performs well. The stability is seamless."
"I like Defender's reporting and logging features. The email alerts are also helpful. It's hard sometimes to sift through the email, especially if you're an IT firm managing hundreds if not thousands of endpoints, but we find email reporting useful. For example, last Tuesday, we learned of new vulnerabilities that were discovered as a result of the previous patches. The endpoints without those patches triggered alerts in Defender."
"The most valuable aspect lies in its automation capabilities, particularly within security automation."
"It shows us the risky sign-ins, and if a user's password has been compromised."
"The EDR feature is most valuable."
"The patch management is very easy, as it can be done automatically or added to a schedule."
"Defender is stable, I haven't had any problems with viruses when using it, and it's easy to update."
"Investigators can trace back to find the root cause."
 

Cons

"Cisco Stealthwatch Cloud could improve the graphical user interface. It could be a more user-friendly graphical user interface. so that. Not everybody's a cyber security professional, most of the customers that I deal with are not very skilled. The terms that they use in the solution are quite understandable for a normal CIO."
"The product's price is high."
"If we migrate these things to an event or send us an email if there is any critical event, I would like to configure these things on the initial launch. Because if a system is compromised, there will be a lot of data movement from one post to another post to the outside. Then, we should also get an alert on email as well. We have since we have integrated these things. But a direct email for critical alerts should be there. So, I would like to enhance the critical event configuration."
"The initial setup of Cisco Stealthwatch Cloud is complex."
"The product needs to improve its user-friendliness. It is very tricky and you need to study it before using the standard functionalities."
"When I used to work on it, I just didn't see anything new happening for about a year and a half. Providing newer data and newer reports constantly would help. There should be more classifications and more interesting data."
"The initial setup is a bit complex in terms of deployment and configuration"
"On the Mac OS platform, there is no parity between Windows and Mac OS. The solution is very feature-rich and very well-integrated into Windows, and I guess baked into Windows 10 and Windows 11. Whereas, on the Mac OS platform, there is still some work there to give it a more feature-reach platform."
"Defender could be more secure and stable."
"The solution could be even more secure and provide an even higher level of security."
"There's a lot of manual effort involved to configure what we need."
"The only issue I would say is our mobile endpoints do not have Defender installed for part of them. An additional feature that could be included in the next release is free Copilot."
"The detection of viruses could be a little bit better."
"We encountered some issues when we were trying to enable automatic updates from our group policy."
"Microsoft Defender for Endpoint should include better automation that will make it faster to detect the latest threats happening across the world."
 

Pricing and Cost Advice

"The price of Cisco Stealthwatch Cloud is expensive."
"Cisco Stealthwatch Cloud is an expensive enterprise solution."
"The solution is quite expensive."
"It is free."
"I'm not too familiar with costs as I'm an architect, though I know about online pricing, as I help two teams with online purchasing and procurement. Nowadays, everyone has an enterprise agreement, such as an E3 license, which we provide to our customers."
"We went for Microsoft Defender once we were informed that it would be part of our Office 365 package. So, we combined the licensing for the OS with Office 365. Yeah. We thought it was a good bargain."
"The price is higher than others because it is doing more than what the others are doing."
"The solution comes free with Microsoft Windows 10."
"Given our extensive Microsoft licensing, transitioning to Defender for Endpoint did not affect licensing costs."
"If we are acquiring everything in a single place, the front end becomes cost-effective."
"The E5 license is the one that I recommend because it comes with Cloud App Security, which is a good thing to have on top of Microsoft Defender."
report
Use our free recommendation engine to learn which Intrusion Detection and Prevention Software (IDPS) solutions are best for your needs.
860,168 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
35%
Financial Services Firm
10%
Government
7%
University
7%
Educational Organization
14%
Computer Software Company
13%
Government
8%
Financial Services Firm
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Cisco Stealthwatch Cloud?
When it comes to scalability, there's no size limit. It varies based on licenses and requirements.
What needs improvement with Cisco Stealthwatch Cloud?
There are two areas of improvement. Firstly, extend the log retrieval limit to at least three months. For example, there is a limit on the number of log messages that can be received. So, I would l...
What is your primary use case for Cisco Stealthwatch Cloud?
We are using Cisco Secure Cloud Analytics, also known as Cisco's WatchCloud, to monitor user activity in the cloud. Specifically, we are looking for users who are uploading or downloading data beyo...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
Which offers better endpoint security - Symantec or Microsoft Defender?
We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior solution. Microsoft Defender for Endpoint is a cloud-delivered endpoint security s...
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...
 

Also Known As

Cisco Stealthwatch Cloud, Observable Networks
Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus
 

Interactive Demo

Demo not available
 

Overview

 

Sample Customers

Options, Schneider Electric, Washington University in St Louis, Gotcha, Kraft Kennedy, PartnerRe, Sumologic, Veterans United, AFGE, Agraform, Artesys, Dynamic Ideas Financials, Department of Agriculture and Commerce
Petrofrac, Metro CSG, Christus Health
Find out what your peers are saying about Darktrace, Check Point Software Technologies, Fortinet and others in Intrusion Detection and Prevention Software (IDPS). Updated: June 2025.
860,168 professionals have used our research since 2012.