Cisco Secure Cloud Analytics [EOL] vs Microsoft Defender for Endpoint comparison

Intrusion Detection and Prevention Software (IDPS)

Download the complete report

Helped 860,168 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cisco Secure Cloud Analytic...

Average Rating

8.6

Number of Reviews

Ranking in other categories

No ranking in other categories

Microsoft Defender for Endp...

Average Rating

8.2

Reviews Sentiment

7.1

Number of Reviews

197

Ranking in other categories

Endpoint Protection Platform (EPP) (1st), Advanced Threat Protection (ATP) (4th), Anti-Malware Tools (1st), Endpoint Detection and Response (EDR) (3rd), Microsoft Security Suite (4th)

Featured Reviews

Olivier CHAMBELANT

Global Network and Telecommunication Manager at Nemera Development S.A.

Beneficial cloud deployment

Opening a ticket with support can be difficult but once it is open the support does a good job. They want us to provide a lot of information, such as the order number and when it was bought. It takes a long time, they can improve by having a faster response time.

Read full review

Sudhen Swami

Senior Enterprise Architect at MTVH

Easy to update with good protection and a useful cloud portal

We've mainly used it for endpoints. However, we've also used it for DLP as well. We're also in the process of implementing it for cloud and identity as well. However, it's very good for endpoints, and that's our main focus. The malware protection is good. The visibility it provides is very useful. We can combine visibility with wider security features and alerts around malware, misconfiguration, or any other kinds of threats. The cloud portal is quite good. From there, we are able to see alerts and have colleagues review issues and monitor to see if any patterns arise. It's serving us quite well overall. It allows us to look at other items, like application and browser control. It helps us prioritize threats. We have a process in place now where we can review issues and remediate them effectively. We have been able to integrate a variety of Microsoft security products together. We use Azure AD, for example, and we've begun to implement DLP, among other items. We're looking at labeling and tagging and will expand into that soon. Defender has more stringent system requirements than, for example, Check Point. So when we implemented the Check Point Endpoint agent, that solution didn't mind what version of Windows you were using. When we moved to Defender, Defender had certain system prerequisites that had to be met. So we had to make sure that we're on a minimum version of Windows when we're utilizing Office, and Office has to be a particular version as well. It has more stringent system requirements that have to be met before you can implement it. It works natively together with other Microsoft solutions. Once you get more and more of those different components across the environment, then you start to get better visibility. So, rather than having lots of different solutions, you have fewer solutions and a single vendor solution. That way, you start getting into a position where you get better visibility and integration as well. The standardization is good. It's important. It's helping me with monitoring and learning. Updates and upgrades are quite smooth and seamless. Defender helps us automate routine tasks. Quite a lot of Microsoft is straightforward for us now. Previously, we didn't have enough resources and were unable to look at the alerts. Having this in place makes things a lot more straightforward for us. We have both the technology and the people in place now, alongside the process. We do see the benefits in that, and that's why we're continuing our adoption across the estate in terms of client and server as well. It's helping us avoid looking at multiple dashboards and centralized monitoring. We're not fully there yet. We're getting there. While we haven't witnessed time saving yet, once it's fully deployed, it will. By then, we'll have standardized processes across a single solution. We have saved money, however, as we continue to reduce non-Mircosft systems. Since we won't be using various competing technologies, we can save on licensing costs. We've likely so far saved 15%. While it's hard to estimate exactly how much, the solution has helped us decrease time to detection and time to respond.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The tool's best feature is its ability to monitor network traffic. It will also inform users whether the traffic generated by a network is legitimate. The tool helps to capture and analyze the network traffic."

"Cisco Stealthwatch Cloud is scalable because it is on the cloud."

"When it comes to scalability, there's no size limit. It varies based on licenses and requirements."

"The logs in Cisco Stealthwatch Cloud are very good when doing the API integration in the team. It is able to give you important information for the correlations."

"Monitoring the traffic, making sure you have the visibility."

"The product helps me to see malware."

"It tells you if there is any communication going to command and control servers, or if there is any traffic that violates your internal policy, or if any data hoarding is happening where data is being dumped from your machine to outside of the environment. It provides all such meaningful reports to help you understand what's happening."

"It performs well. The stability is seamless."

"I like Defender's reporting and logging features. The email alerts are also helpful. It's hard sometimes to sift through the email, especially if you're an IT firm managing hundreds if not thousands of endpoints, but we find email reporting useful. For example, last Tuesday, we learned of new vulnerabilities that were discovered as a result of the previous patches. The endpoints without those patches triggered alerts in Defender."

"The most valuable aspect lies in its automation capabilities, particularly within security automation."

"It shows us the risky sign-ins, and if a user's password has been compromised."

"The EDR feature is most valuable."

"The patch management is very easy, as it can be done automatically or added to a schedule."

"Defender is stable, I haven't had any problems with viruses when using it, and it's easy to update."

"Investigators can trace back to find the root cause."

More Microsoft Defender for Endpoint pros

Cons

"Cisco Stealthwatch Cloud could improve the graphical user interface. It could be a more user-friendly graphical user interface. so that. Not everybody's a cyber security professional, most of the customers that I deal with are not very skilled. The terms that they use in the solution are quite understandable for a normal CIO."

"The product's price is high."

"If we migrate these things to an event or send us an email if there is any critical event, I would like to configure these things on the initial launch. Because if a system is compromised, there will be a lot of data movement from one post to another post to the outside. Then, we should also get an alert on email as well. We have since we have integrated these things. But a direct email for critical alerts should be there. So, I would like to enhance the critical event configuration."

"The initial setup of Cisco Stealthwatch Cloud is complex."

"The product needs to improve its user-friendliness. It is very tricky and you need to study it before using the standard functionalities."

"When I used to work on it, I just didn't see anything new happening for about a year and a half. Providing newer data and newer reports constantly would help. There should be more classifications and more interesting data."

"The initial setup is a bit complex in terms of deployment and configuration"

"On the Mac OS platform, there is no parity between Windows and Mac OS. The solution is very feature-rich and very well-integrated into Windows, and I guess baked into Windows 10 and Windows 11. Whereas, on the Mac OS platform, there is still some work there to give it a more feature-reach platform."

"Defender could be more secure and stable."

"The solution could be even more secure and provide an even higher level of security."

"There's a lot of manual effort involved to configure what we need."

"The only issue I would say is our mobile endpoints do not have Defender installed for part of them. An additional feature that could be included in the next release is free Copilot."

"The detection of viruses could be a little bit better."

"We encountered some issues when we were trying to enable automatic updates from our group policy."

"Microsoft Defender for Endpoint should include better automation that will make it faster to detect the latest threats happening across the world."

More Microsoft Defender for Endpoint cons

Pricing and Cost Advice

"The price of Cisco Stealthwatch Cloud is expensive."

"Cisco Stealthwatch Cloud is an expensive enterprise solution."

"The solution is quite expensive."

"It is free."

"I'm not too familiar with costs as I'm an architect, though I know about online pricing, as I help two teams with online purchasing and procurement. Nowadays, everyone has an enterprise agreement, such as an E3 license, which we provide to our customers."

"We went for Microsoft Defender once we were informed that it would be part of our Office 365 package. So, we combined the licensing for the OS with Office 365. Yeah. We thought it was a good bargain."

"The price is higher than others because it is doing more than what the others are doing."

"The solution comes free with Microsoft Windows 10."

"Given our extensive Microsoft licensing, transitioning to Defender for Endpoint did not affect licensing costs."

"If we are acquiring everything in a single place, the front end becomes cost-effective."

"The E5 license is the one that I recommend because it comes with Cloud App Security, which is a good thing to have on top of Microsoft Defender."

More Microsoft Defender for Endpoint pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Intrusion Detection and Prevention Software (IDPS) solutions are best for your needs.

See recommendations

860,168 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

35%

Financial Services Firm

10%

Government

University

Educational Organization

14%

Computer Software Company

13%

Government

Financial Services Firm

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Cisco Stealthwatch Cloud?

When it comes to scalability, there's no size limit. It varies based on licenses and requirements.

What needs improvement with Cisco Stealthwatch Cloud?

There are two areas of improvement. Firstly, extend the log retrieval limit to at least three months. For example, there is a limit on the number of log messages that can be received. So, I would l...

What is your primary use case for Cisco Stealthwatch Cloud?

We are using Cisco Secure Cloud Analytics, also known as Cisco's WatchCloud, to monitor user activity in the cloud. Specifically, we are looking for users who are uploading or downloading data beyo...

How is Cortex XDR compared with Microsoft Defender?

Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...

Which offers better endpoint security - Symantec or Microsoft Defender?

We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior solution. Microsoft Defender for Endpoint is a cloud-delivered endpoint security s...

How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?

The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...

CrowdStrike Falcon vs Microsoft Defender for Endpoint

Comparisons

No data available

Compared 6% of the time

HP Wolf Security vs Microsoft Defender for Endpoint

Compared 5% of the time

F-Secure Total vs Microsoft Defender for Endpoint

Compared 5% of the time

Trellix Endpoint Security Platform vs Microsoft Defender for Endpoint

Compared 4% of the time

Symantec Endpoint Security vs Microsoft Defender for Endpoint

Compared 4% of the time

More Microsoft Defender for Endpoint Competitors

Product Reports

Cisco Secure Cloud Analytics [EOL]

Download Cisco Secure Cloud Analytics [EOL] product report

Cisco Secure Cloud Analytics [EOL] report

Microsoft Defender for Endpoint

Download Microsoft Defender for Endpoint product report

Also Known As

Cisco Stealthwatch Cloud, Observable Networks

Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus

Interactive Demo

Demo not available

Cisco

Microsoft

Overview

Cisco Secure Cloud Analytics is a cloud-based security solution that provides visibility and threat detection for cloud environments. It offers software mapping and automation for incident response, forensic analysis, and segmentation of IT architecture. The solution can be used on-premise or on the cloud and is used in various sectors such as insurance and government.

The logs in Cisco Secure Cloud Analytics are valuable for API integration in a team as they provide important information for correlations. The solution also offers automated incident response and integration with next-generation firewalls and antivirus solutions."

Cisco

Microsoft Defender for Endpoint is a comprehensive security solution that provides advanced threat protection for organizations. It offers real-time protection against various types of cyber threats, including malware, viruses, ransomware, and phishing attacks.

With its powerful machine-learning capabilities, it can detect and block sophisticated attacks before they can cause any harm. The solution also includes endpoint detection and response (EDR) capabilities, allowing organizations to quickly investigate and respond to security incidents. It provides detailed insights into the attack timeline, enabling security teams to understand the scope and impact of an incident.

Microsoft Defender for Endpoint also offers proactive threat hunting, allowing organizations to proactively search for and identify potential threats within their network. It integrates seamlessly with other Microsoft security solutions, such as Microsoft Defender XDR, to provide a unified and holistic security approach. With its centralized management console, organizations can easily deploy, configure, and monitor the security solution across their entire network.

Microsoft Defender for Endpoint is a robust and scalable security solution that helps organizations protect their endpoints and data from evolving cyber threats.

Microsoft

Sample Customers

Options, Schneider Electric, Washington University in St Louis, Gotcha, Kraft Kennedy, PartnerRe, Sumologic, Veterans United, AFGE, Agraform, Artesys, Dynamic Ideas Financials, Department of Agriculture and Commerce

Petrofrac, Metro CSG, Christus Health

Intrusion Detection and Prevention Software (IDPS)