Try our new research platform with insights from 80,000+ expert users

CylanceOPTICS vs Microsoft Defender for Endpoint comparison

BlackBerry and Microsoft are both solutions in the Endpoint Detection and Response (EDR) category. BlackBerry is ranked #42 with an average rating of 7.8, while Microsoft is ranked #3 with an average rating of 8.3. BlackBerry holds a 0.3% mindshare in EDR, compared to Microsoft’s 10.5% mindshare. Additionally, 80% of BlackBerry users are willing to recommend the solution, compared to 94% of Microsoft users who would recommend it.
CylanceOPTICS
Read 11 CylanceOPTICS reviews
  • 456 Views
  • 75 Comparison Views
80% willing to recommend
Microsoft Defender for Endp...
Read 197 Microsoft Defender for Endpoint reviews
  • 19,755 Views
  • 3,983 Comparison Views
94% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 9, 2024

Microsoft Defender for Endpoint and CylanceOPTICS are prominent endpoint security solutions. Microsoft Defender for Endpoint is favored for its ease of use and integration, while CylanceOPTICS stands out for its advanced AI-driven threat detection capabilities.

Features: Microsoft Defender for Endpoint offers seamless integration with other Microsoft services, comprehensive threat intelligence, and a user-friendly interface. CylanceOPTICS is known for its advanced AI-driven threat detection, proactive threat prevention, and unique machine learning capabilities.

Room for Improvement: Microsoft Defender for Endpoint could benefit from improved remediation capabilities, more granular reporting, and enhanced cross-platform support. CylanceOPTICS needs better reporting tools, improved user interface, and more streamlined deployment processes.

Ease of Deployment and Customer Service: Microsoft Defender for Endpoint is reported to have a straightforward deployment process, particularly for organizations already using Microsoft products, and receives positive feedback on its support services. CylanceOPTICS users note a more technical deployment process but also commend its customer support.

Pricing and ROI: Microsoft Defender for Endpoint is seen as cost-effective, especially for enterprises within the Microsoft ecosystem. CylanceOPTICS, though considered to have a higher initial setup cost, delivers excellent ROI thanks to its proactive threat prevention capabilities.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed CylanceOPTICS vs. Microsoft Defender for Endpoint Report (Updated: June 2025).
Buyer's Guide
CylanceOPTICS vs. Microsoft Defender for Endpoint
June 2025
Download the complete report
Helped 860,592 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

CylanceOPTICS
Ranking in Endpoint Detection and Response (EDR)
42nd
Average Rating
7.4
Reviews Sentiment
4.5
Number of Reviews
11
Ranking in other categories
No ranking in other categories
Microsoft Defender for Endp...
Ranking in Endpoint Detection and Response (EDR)
3rd
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
197
Ranking in other categories
Endpoint Protection Platform (EPP) (1st), Advanced Threat Protection (ATP) (4th), Anti-Malware Tools (1st), Microsoft Security Suite (4th)
 

Mindshare comparison

As of July 2025, in the Endpoint Detection and Response (EDR) category, the mindshare of CylanceOPTICS is 0.3%, up from 0.1% compared to the previous year. The mindshare of Microsoft Defender for Endpoint is 10.5%, down from 13.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR)
 

Featured Reviews

HERNAN RODRIGUEZ - PeerSpot reviewer
Easy to use
CylanceOPTICS is easy to use.  The product's technical support is slow.  I have been using the product for three years.  CylanceOPTICS is easy to use.  I rate the solution a nine out of ten. 
Read full review
Sudhen Swami - PeerSpot reviewer
Easy to update with good protection and a useful cloud portal
We've mainly used it for endpoints. However, we've also used it for DLP as well. We're also in the process of implementing it for cloud and identity as well. However, it's very good for endpoints, and that's our main focus. The malware protection is good. The visibility it provides is very useful. We can combine visibility with wider security features and alerts around malware, misconfiguration, or any other kinds of threats. The cloud portal is quite good. From there, we are able to see alerts and have colleagues review issues and monitor to see if any patterns arise. It's serving us quite well overall. It allows us to look at other items, like application and browser control. It helps us prioritize threats. We have a process in place now where we can review issues and remediate them effectively. We have been able to integrate a variety of Microsoft security products together. We use Azure AD, for example, and we've begun to implement DLP, among other items. We're looking at labeling and tagging and will expand into that soon. Defender has more stringent system requirements than, for example, Check Point. So when we implemented the Check Point Endpoint agent, that solution didn't mind what version of Windows you were using. When we moved to Defender, Defender had certain system prerequisites that had to be met. So we had to make sure that we're on a minimum version of Windows when we're utilizing Office, and Office has to be a particular version as well. It has more stringent system requirements that have to be met before you can implement it. It works natively together with other Microsoft solutions. Once you get more and more of those different components across the environment, then you start to get better visibility. So, rather than having lots of different solutions, you have fewer solutions and a single vendor solution. That way, you start getting into a position where you get better visibility and integration as well. The standardization is good. It's important. It's helping me with monitoring and learning. Updates and upgrades are quite smooth and seamless. Defender helps us automate routine tasks. Quite a lot of Microsoft is straightforward for us now. Previously, we didn't have enough resources and were unable to look at the alerts. Having this in place makes things a lot more straightforward for us. We have both the technology and the people in place now, alongside the process. We do see the benefits in that, and that's why we're continuing our adoption across the estate in terms of client and server as well. It's helping us avoid looking at multiple dashboards and centralized monitoring. We're not fully there yet. We're getting there. While we haven't witnessed time saving yet, once it's fully deployed, it will. By then, we'll have standardized processes across a single solution. We have saved money, however, as we continue to reduce non-Mircosft systems. Since we won't be using various competing technologies, we can save on licensing costs. We've likely so far saved 15%. While it's hard to estimate exactly how much, the solution has helped us decrease time to detection and time to respond.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It automatically blocks the threats, helping us investigate if they harm the environment."
"You can use the solution to query certain things."
"The most valuable feature is the ability to respond to zero-day and unknown threats."
"Cylance is not a signature-based protection solution and instead works proactively using AI and ML models to patrol for malicious behavior."
"CylanceOPTICS is easy to use."
"The solution has a high level of trust in the industry."
"CylanceOPTICS is pretty stable."
"The initial setup was fairly straightforward. To get a large health care organization sorted, we had to create exemptions because some of the scripts and some of the automations were broken."
More CylanceOPTICS pros
"It performs well. The stability is seamless."
"We are able to productively integrate with existing on-prem, hybrid, or cloud applications."
"It's pretty easy to use, works with compliance issues, and is reliable."
"Because it has been integrated with the OS, we get the entire software inventories, and we even get access to the registries. Those are the primary features."
"There are some competitive products on the market, but the best is Microsoft Defender because it's very easy to integrate. That's one reason a lot of clients want Microsoft Defender. It's also very easy to implement compared to other solutions."
"Technical support has been great."
"Defender for Endpoint is a robust solution that works well out-of-the-box."
"What I like most is the protection against phishing emails and anti-spam."
More Microsoft Defender for Endpoint pros
 

Cons

"The technical support could be improved although it's probably better than you get with a lot of the other traditional antivirus solutions"
"Our customers would like to see more automation with respect to how threats are handled once they have been detected."
"The product's technical support is slow."
"One minor issue that somebody mentioned was that they didn't like their management console."
"It takes more time to investigate or dig up and understand what's going on."
"CylanceOPTICS could benefit from more granular control in the timeline-building process. Ideally, users would be able to drill deeper into the analysis rather than have the machine dictate the direction."
"The tools are ineffective. It flags a lot of things. To give you an example, it detected Google Chrome and blocked the user's access to it. That it mistook for malicious, which turned out to be a false positive."
"The detection component is something that they have to work on."
More CylanceOPTICS cons
"Where we stand right now, compared to other products that are there in the market, they still have to work on their threat intelligence and the overall maturity of detecting the malware."
"In terms of the architecture of the management infrastructure, we found that other technologies are more simple. Microsoft Defender could be simpler too."
"The solution could always be more secure."
"The second major area for improvement involves enhanced capabilities for different operating systems or platforms. That is, even though we have coverage for different operating systems or platforms such as Linux, we don't get all of the controls and enhanced capabilities that are available with Windows devices."
"It needs to improve the cybersecurity for lateral movements. For example, when a hacker tries to enter a machine, they try to get the password by doing a lateral movement."
"They can improve it on the online protection front since people nowadays are moving online and working from home."
"At times, the other antivirus products are now doing AI, in terms of understanding the behavior of the system and determining when there's an anomaly. This is something that Defender can improve on."
"Additional security would be beneficial."
More Microsoft Defender for Endpoint cons
 

Pricing and Cost Advice

"We pay for the number of endpoints we have and that is about it. On a monthly basis, the licensing cost is $55 per user."
"The pricing for CylanceOPTICS is very good; I would rate it around a nine on a scale of one to ten, with ten being the lowest. It's one of the most affordable options I've seen."
"I would rate the pricing a three out of five."
"CylanceOPTICS is probably priced equal to other EDRs in the market."
"This is an expensive product and licensing for all Microsoft products is a big issue."
"The base price for an E5 license, which includes Enterprise Mobility + Security E5, is $57 per user per month."
"We have been using the free version."
"The solution is free and comes with Windows."
"Everybody would like to see a lower price on everything. The Slovenian market is basically an SME market with clients having up to 100 seat licenses, comprising 90% of the company. They're very price sensitive. So, the price could be cheaper."
"It is free."
"Pricing for Microsoft Defender for Endpoint is competitive. Out of the bundle, you will get a lot of security, if I talk about Microsoft E5, for example, and get a lot of benefits. If the customer goes and purchases a different solution, it will cost more, so pricing for Microsoft Defender for Endpoint is quite reasonable at the moment. There isn't any challenge in terms of pricing, for example, I didn't see a customer who pulled back because of the price. Some prices could be negotiable, and sometimes, as a sales point, the two become negotiable, but they don't bill one and pull back because of the pricing. If you have an E5 license, you get everything."
"This solution is part of an enterprise license we have."
More Microsoft Defender for Endpoint pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
See recommendations
860,592 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
19%
Computer Software Company
17%
Financial Services Firm
8%
Insurance Company
6%
Educational Organization
14%
Computer Software Company
13%
Government
8%
Financial Services Firm
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Blackberry Optics?
I would rate the stability a nine out of ten. I would give it a close ten as possible because, like SentinelOne, I've seen incompatibility. Whereas Cylance, I've seen none.
See all answers
What is your experience regarding pricing and costs for Blackberry Optics?
CylanceOPTICS is probably priced equal to other EDRs in the market. Price-wise, considering what it has to offer, you could probably get a better product.
See all answers
What needs improvement with Blackberry Optics?
The solution's contextual analysis is sometimes not very clear compared to some modern EDRs like CrowdStrike. Compared to other EDR tools, CylanceOPTICS lacks some information. It takes more time t...
See all answers
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
See all answers
Which offers better endpoint security - Symantec or Microsoft Defender?
We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior solution. Microsoft Defender for Endpoint is a cloud-delivered endpoint security s...
See all answers
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...
See all answers
 

Comparisons

CrowdStrike Falcon vs CylanceOPTICS Logo
CrowdStrike Falcon vs CylanceOPTICS
Compared 50% of the time
Rapid7 InsightIDR vs CylanceOPTICS Logo
Rapid7 InsightIDR vs CylanceOPTICS
Compared 50% of the time
More CylanceOPTICS Competitors
CrowdStrike Falcon vs Microsoft Defender for Endpoint Logo
CrowdStrike Falcon vs Microsoft Defender for Endpoint
Compared 6% of the time
HP Wolf Security vs Microsoft Defender for Endpoint Logo
HP Wolf Security vs Microsoft Defender for Endpoint
Compared 5% of the time
F-Secure Total vs Microsoft Defender for Endpoint Logo
F-Secure Total vs Microsoft Defender for Endpoint
Compared 5% of the time
Trellix Endpoint Security Platform vs Microsoft Defender for Endpoint Logo
Trellix Endpoint Security Platform vs Microsoft Defender for Endpoint
Compared 4% of the time
Symantec Endpoint Security vs Microsoft Defender for Endpoint Logo
Symantec Endpoint Security vs Microsoft Defender for Endpoint
Compared 4% of the time
More Microsoft Defender for Endpoint Competitors
 

Product Reports

Buyer's Guide
CylanceOPTICS
June 2025
CylanceOPTICS reportDownload CylanceOPTICS product report
Buyer's Guide
Microsoft Defender for Endpoint
June 2025
Microsoft Defender for Endpoint reportDownload Microsoft Defender for Endpoint product report
 

Also Known As

No data available
Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus
 

Interactive Demo

Demo not available
BlackBerry
Microsoft
 

Overview

Our cloud-native BlackBerry® Optics provide visibility, on-device threat detection and remediation across your organization. In milliseconds. And our EDR approach effectively and efficiently hunts threats while eliminating response latency. It’s the difference between a minor security event—and one that’s widespread and uncontrolled.

BlackBerry

Microsoft Defender for Endpoint is a comprehensive security solution that provides advanced threat protection for organizations. It offers real-time protection against various types of cyber threats, including malware, viruses, ransomware, and phishing attacks.

With its powerful machine-learning capabilities, it can detect and block sophisticated attacks before they can cause any harm. The solution also includes endpoint detection and response (EDR) capabilities, allowing organizations to quickly investigate and respond to security incidents. It provides detailed insights into the attack timeline, enabling security teams to understand the scope and impact of an incident.

Microsoft Defender for Endpoint also offers proactive threat hunting, allowing organizations to proactively search for and identify potential threats within their network. It integrates seamlessly with other Microsoft security solutions, such as Microsoft Defender XDR, to provide a unified and holistic security approach. With its centralized management console, organizations can easily deploy, configure, and monitor the security solution across their entire network.

Microsoft Defender for Endpoint is a robust and scalable security solution that helps organizations protect their endpoints and data from evolving cyber threats.

Microsoft
 

Sample Customers

Cerdant, Washoe County School District
Petrofrac, Metro CSG, Christus Health
Buyer's Guide
CylanceOPTICS vs. Microsoft Defender for Endpoint
June 2025
Free Report: CylanceOPTICS vs. Microsoft Defender for Endpoint
Find out what your peers are saying about CylanceOPTICS vs. Microsoft Defender for Endpoint and other solutions. Updated: June 2025.
DOWNLOAD NOW
860,592 professionals have used our research since 2012.
See our CylanceOPTICS vs. Microsoft Defender for Endpoint report.
See our list of best Endpoint Detection and Response (EDR) vendors.

We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.