CylanceOPTICS vs Microsoft Defender XDR comparison

BlackBerry and Microsoft are both solutions in the Endpoint Detection and Response (EDR) category. BlackBerry is ranked #28 with an average rating of 7.8, while Microsoft is ranked #5 with an average rating of 8.4. BlackBerry holds a 0.2% mindshare in EDR, compared to Microsoft’s 3.2% mindshare. Additionally, 80% of BlackBerry users are willing to recommend the solution, compared to 97% of Microsoft users who would recommend it.

CylanceOPTICS

Read 11 CylanceOPTICS reviews

420 Views
200 Comparison Views

80% willing to recommend

Microsoft Defender XDR

Read 100 Microsoft Defender XDR reviews

6,401 Views
4,928 Comparison Views

97% willing to recommend

CylanceOPTICS

Microsoft Defender XDR

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 9, 2024

CylanceOPTICS and Microsoft Defender XDR compete in the cybersecurity solutions category. Microsoft Defender XDR appears to have the upper hand due to its comprehensive feature set and stronger deployment feedback.

Features: Users highlight CylanceOPTICS for its AI-driven threat detection, real-time alerting, and user-friendly interface. Microsoft Defender XDR is praised for its seamless integration within the Microsoft ecosystem, robust threat hunting capabilities, and extensive reporting tools.

Room for Improvement: Users suggest CylanceOPTICS could benefit from improved reporting tools, faster response times, and enhanced integration options. For Microsoft Defender XDR, users often mention the need for better cross-platform support, simpler user interface, and improved troubleshooting resources.

Ease of Deployment and Customer Service: CylanceOPTICS users find deployment straightforward but indicate occasional delays in customer support. Microsoft Defender XDR receives positive feedback for smooth deployment within Windows environments, though customer service quality varies.

Pricing and ROI: CylanceOPTICS users feel the product is fairly priced with a solid ROI. Microsoft Defender XDR users report higher pricing but believe the extensive feature set justifies the cost.

To learn more, read our detailed CylanceOPTICS vs. Microsoft Defender XDR Report (Updated: April 2025).

Buyer's Guide

CylanceOPTICS vs. Microsoft Defender XDR

April 2025

Download the complete report

Helped 850,028 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

CylanceOPTICS

Ranking in Endpoint Detection and Response (EDR)

28th

Average Rating

7.4

Reviews Sentiment

4.5

Number of Reviews

Ranking in other categories

No ranking in other categories

Microsoft Defender XDR

Ranking in Endpoint Detection and Response (EDR)

5th

Average Rating

8.4

Reviews Sentiment

7.1

Number of Reviews

100

Ranking in other categories

Extended Detection and Response (XDR) (4th), Microsoft Security Suite (3rd)

Mindshare comparison

As of May 2025, in the Endpoint Detection and Response (EDR) category, the mindshare of CylanceOPTICS is 0.2%, up from 0.1% compared to the previous year. The mindshare of Microsoft Defender XDR is 3.2%, down from 3.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Endpoint Detection and Response (EDR)

Featured Reviews

HERNAN RODRIGUEZ

IT Security Engineer at Cybolt

Easy to use

CylanceOPTICS is easy to use. The product's technical support is slow. I have been using the product for three years. CylanceOPTICS is easy to use. I rate the solution a nine out of ten.

Read full review

Gabor Nyerd

Enterprise mobility and security evangelist at a financial services firm with 5,001-10,000 employees

Includes four services and four products, which can help organizations a lot

We found that sometimes integrations work, but testing them can take some time. Sometimes, configurations take much longer than expected. We have a configuration in place that needs to be synchronized with another server. However, the servers are four hours apart, so this can cause delays. In general, I believe that the time it takes to configure and test a service should be shorter. Sometimes, it can take a couple of hours to test a single configuration setting. Other times, it is only ten or fifteen minutes, which is normal. However, sometimes, even immediate actions can be triggered by configuration changes, and some settings can take up to eight hours to complete. I believe that this time can be improved. Microsoft is making a lot of improvements to its services in a short period of time. This is a good thing, as it means that the services are constantly being updated and improved. However, it can be challenging for customers to keep up with the changes. For example, a customer may read about an update, understand it, and share it with their colleagues and boss. However, it may take days or weeks to test the update and get the necessary approvals. This can be especially challenging for large customers with many users or machines. In some cases, Microsoft may change a service before the customer has had a chance to implement the previous update. This can be frustrating for customers, as it means that they have to constantly learn new things and adjust their workflows. On the one hand, it is important for Microsoft to keep updating and improving its services. This helps to ensure that the services are meeting the customers' needs and that they are staying ahead of the competition. Microsoft should also be mindful of the challenges that these changes can create for customers. One way to address this challenge is to provide customers with more time to implement changes. Microsoft could also provide more information about upcoming changes so that customers can plan ahead. Ultimately, Microsoft needs to strike a balance between keeping its services up-to-date and providing customers with a smooth transition to new features.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The solution has a high level of trust in the industry."

"The most valuable feature is the ability to respond to zero-day and unknown threats."

"I would rate the stability a nine out of ten. I would give it a close ten as possible because, like SentinelOne, I've seen incompatibility. Whereas Cylance, I've seen none."

"You can use the solution to query certain things."

"The initial setup was fairly straightforward. To get a large health care organization sorted, we had to create exemptions because some of the scripts and some of the automations were broken."

"It is a bit early in our evaluation process to give proper feedback, although so far, the overall feedback is good."

"CylanceOPTICS is easy to use."

"CylanceOPTICS is pretty stable."

More CylanceOPTICS pros

"The timeline feature is excellent. I also like the phishing simulation. We have phishing campaigns to educate employees and warn them about these threats."

"Among the most valuable features are the alert timeline, the alert story, which is pretty detailed. It gives us complete insight into what exactly happened on the endpoint. It doesn't just say, "Malware detected." It tells us what caused that malware to be detected and how it was detected. It gives us a complete timeline from beginning to end."

"It gives a lot of flexibility in terms of configuration and customization as per the business requirements."

"The threat intelligence is excellent."

"On the Windows side, Microsoft Defender XDR is definitely integrated into the operating system. Once we have it on the security dashboard, we can see a real-time storyline."

"There is also one dashboard that shows us the status of many controls at once and the details I can get... It gives a great overview of many areas, such as files, emails, chats, and links. Even with the apps, it gives you a great overview. In one place you can see where you should look into things more deeply..."

"The most valuable features are spam filtering, attachment filtering, and antivirus protection."

"The Endpoint Manager is incredible; it has a very straightforward interface and is exceedingly easy to use. Pulling out and deploying different tags or resources is a simple task across various departments with different levels of security. The notifications are also simple and satisfying; it's great to see the bubble informing us which devices are compliant and which are waiting to update."

More Microsoft Defender XDR pros

Cons

"CylanceOPTICS could benefit from more granular control in the timeline-building process. Ideally, users would be able to drill deeper into the analysis rather than have the machine dictate the direction."

"The technical support could be improved although it's probably better than you get with a lot of the other traditional antivirus solutions"

"The tools are ineffective. It flags a lot of things. To give you an example, it detected Google Chrome and blocked the user's access to it. That it mistook for malicious, which turned out to be a false positive."

"The product's initial setup process could be easy."

"One minor issue that somebody mentioned was that they didn't like their management console."

"Too many false positives are reported."

"The detection component is something that they have to work on."

"The product's technical support is slow."

More CylanceOPTICS cons

"The only problem I find is that the use cases are built-in. There is no template available that you can modify according to your organization's standards. What they give is very generic, the market standard, but that might not be applicable to every organization."

"The cost can be high if you want to build custom license packages. Another area for improvement is the policies. In Azure, we need to implement policies in JSON format, but in 365 Defender 365, it would be helpful to use a different format so we can customize the platform."

"Automated playbooks and automated dashboards would be preferable to the way the data is currently being presented."

"The licensing process needs improvement and clarification, as it is currently difficult to understand which features are licensed to which users."

"Defender also lacks automated detection and response. You need to resolve issues manually. You can manage multiple Microsoft security products from a single portal, and all your security recommendations are in one place. It's easy to understand and manage. However, I wouldn't say Defender is a single pane of glass. You still need to switch between all of the available Microsoft tools. You can see all the alerts in one panel, but you can't automate remediation."

"The documentation on their website is somewhat outdated and doesn't show properly. I wanted to try a query in Microsoft Defender 365. When I opened the related documentation from the security blog on the Microsoft website, the figures were not showing. It was difficult to understand the article without having the figures. The figures were there in the article, but they were not getting loaded, which made the article obsolete."

"The dashboard should be easier to use. There is also improvement needed in the reporting when it comes to exporting or scheduling reports."

"Offboarding latency should be reduced. Even after a device has been successfully offboarded using a particular offboarding script, it still shows up as onboarded."

More Microsoft Defender XDR cons

Pricing and Cost Advice

"I would rate the pricing a three out of five."

"We pay for the number of endpoints we have and that is about it. On a monthly basis, the licensing cost is $55 per user."

"The pricing for CylanceOPTICS is very good; I would rate it around a nine on a scale of one to ten, with ten being the lowest. It's one of the most affordable options I've seen."

"CylanceOPTICS is probably priced equal to other EDRs in the market."

"On average, we pay around 55 euros per user for the services and features we receive."

"Sometimes 365 Defender is expensive, but it can be moderate, depending on the organization's size and the license type. We're satisfied with the cost because it gives us a product that protects our entire environment with DLP. To compromise some cost, of course, we are to complete the most secure environment."

"It can be complex to navigate since customers have varying licensing agreements across Microsoft. If they go straightforward with E5 for all users, it's simple, but combinations based on budget constraints can complicate things."

"Microsoft Defender falls within a mid-tier price range compared to other security solutions."

"Microsoft Defender XDR is expensive."

"It has consistently offered highly appealing academic pricing, with distinct rates for higher education and general educational purposes."

"I would like to have more security features in the lower licenses because not every customer is able to buy E5 licenses. The bundling isn't always easy for our customers to understand. Compared to other tools, it's a good price."

"The most valuable licensing option is expensive, so pricing could be improved. Licensing options for this solution also need to be consolidated, because they frequently change."

More Microsoft Defender XDR pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.

See recommendations

850,028 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Manufacturing Company

21%

Computer Software Company

19%

Government

Financial Services Firm

Computer Software Company

17%

Financial Services Firm

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Blackberry Optics?

I would rate the stability a nine out of ten. I would give it a close ten as possible because, like SentinelOne, I've seen incompatibility. Whereas Cylance, I've seen none.

See all answers

What is your experience regarding pricing and costs for Blackberry Optics?

CylanceOPTICS is probably priced equal to other EDRs in the market. Price-wise, considering what it has to offer, you could probably get a better product.

See all answers

What needs improvement with Blackberry Optics?

The solution's contextual analysis is sometimes not very clear compared to some modern EDRs like CrowdStrike. Compared to other EDR tools, CylanceOPTICS lacks some information. It takes more time t...

See all answers

What do you like most about Microsoft 365 Defender?

Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and potential indicators of compromise.

See all answers

What is your experience regarding pricing and costs for Microsoft 365 Defender?

Licensing is somewhat confusing, particularly when presenting our pitch decks to stakeholders and leveraging key features in premium SKUs, but we managed with some assistance from Microsoft.

See all answers

What needs improvement with Microsoft 365 Defender?

There is nothing I can think of at the moment that needs improvement. I am a contractor and finishing up soon, so I haven't encountered any issues requiring enhancements.

See all answers

Comparisons

CrowdStrike Falcon vs CylanceOPTICS

Compared 56% of the time

Rapid7 InsightIDR vs CylanceOPTICS

Compared 44% of the time

More CylanceOPTICS Competitors

CrowdStrike Falcon vs Microsoft Defender XDR

Compared 18% of the time

Wazuh vs Microsoft Defender XDR

Compared 10% of the time

Microsoft Defender for Cloud vs Microsoft Defender XDR

Compared 10% of the time

Trend Vision One vs Microsoft Defender XDR

Compared 5% of the time

Microsoft Purview Compliance Manager vs Microsoft Defender XDR

Compared 5% of the time

More Microsoft Defender XDR Competitors

Product Reports

Buyer's Guide

CylanceOPTICS

May 2025

Download CylanceOPTICS product report

Buyer's Guide

Microsoft Defender XDR

April 2025

Download Microsoft Defender XDR product report

Also Known As

No data available

Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender

Overview

Our cloud-native BlackBerry® Optics provide visibility, on-device threat detection and remediation across your organization. In milliseconds. And our EDR approach effectively and efficiently hunts threats while eliminating response latency. It’s the difference between a minor security event—and one that’s widespread and uncontrolled.

BlackBerry

Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment.

It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks.

Users have found it effective in detecting and preventing various types of attacks, such as phishing attempts, malware infections, and data breaches.

Watch the Microsoft demo video here: Microsoft Defender XDR demo video.

Microsoft

Sample Customers

Cerdant, Washoe County School District

Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.

Buyer's Guide

CylanceOPTICS vs. Microsoft Defender XDR

April 2025

Free Report: CylanceOPTICS vs. Microsoft Defender XDR

Find out what your peers are saying about CylanceOPTICS vs. Microsoft Defender XDR and other solutions. Updated: April 2025.

DOWNLOAD NOW

850,028 professionals have used our research since 2012.

See our CylanceOPTICS vs. Microsoft Defender XDR report.

See our list of best Endpoint Detection and Response (EDR) vendors.

We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.