CylanceOPTICS vs Microsoft Defender XDR comparison

BlackBerry and Microsoft are both solutions in the Endpoint Detection and Response (EDR) category. BlackBerry is ranked #42 with an average rating of 7.8, while Microsoft is ranked #5 with an average rating of 8.4. BlackBerry holds a 0.2% mindshare in EDR, compared to Microsoft’s 3.0% mindshare. Additionally, 80% of BlackBerry users are willing to recommend the solution, compared to 97% of Microsoft users who would recommend it.

CylanceOPTICS

Read 11 CylanceOPTICS reviews

417 Views
66 Comparison Views

80% willing to recommend

Microsoft Defender XDR

Read 101 Microsoft Defender XDR reviews

6,625 Views
903 Comparison Views

97% willing to recommend

CylanceOPTICS

Microsoft Defender XDR

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 9, 2024

CylanceOPTICS and Microsoft Defender XDR compete in the cybersecurity solutions category. Microsoft Defender XDR appears to have the upper hand due to its comprehensive feature set and stronger deployment feedback.

Features: Users highlight CylanceOPTICS for its AI-driven threat detection, real-time alerting, and user-friendly interface. Microsoft Defender XDR is praised for its seamless integration within the Microsoft ecosystem, robust threat hunting capabilities, and extensive reporting tools.

Room for Improvement: Users suggest CylanceOPTICS could benefit from improved reporting tools, faster response times, and enhanced integration options. For Microsoft Defender XDR, users often mention the need for better cross-platform support, simpler user interface, and improved troubleshooting resources.

Ease of Deployment and Customer Service: CylanceOPTICS users find deployment straightforward but indicate occasional delays in customer support. Microsoft Defender XDR receives positive feedback for smooth deployment within Windows environments, though customer service quality varies.

Pricing and ROI: CylanceOPTICS users feel the product is fairly priced with a solid ROI. Microsoft Defender XDR users report higher pricing but believe the extensive feature set justifies the cost.

To learn more, read our detailed CylanceOPTICS vs. Microsoft Defender XDR Report (Updated: June 2025).

Buyer's Guide

CylanceOPTICS vs. Microsoft Defender XDR

June 2025

Download the complete report

Helped 859,438 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

CylanceOPTICS

Ranking in Endpoint Detection and Response (EDR)

42nd

Average Rating

7.4

Reviews Sentiment

4.5

Number of Reviews

Ranking in other categories

No ranking in other categories

Microsoft Defender XDR

Ranking in Endpoint Detection and Response (EDR)

5th

Average Rating

8.4

Reviews Sentiment

7.1

Number of Reviews

101

Ranking in other categories

Extended Detection and Response (XDR) (3rd), Microsoft Security Suite (3rd)

Mindshare comparison

As of June 2025, in the Endpoint Detection and Response (EDR) category, the mindshare of CylanceOPTICS is 0.2%, up from 0.1% compared to the previous year. The mindshare of Microsoft Defender XDR is 3.0%, down from 3.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Endpoint Detection and Response (EDR)

Featured Reviews

HERNAN RODRIGUEZ

IT Security Engineer at Cybolt

Easy to use

CylanceOPTICS is easy to use. The product's technical support is slow. I have been using the product for three years. CylanceOPTICS is easy to use. I rate the solution a nine out of ten.

Read full review

Gabor Nyerd

Enterprise mobility and security evangelist at a financial services firm with 5,001-10,000 employees

Includes four services and four products, which can help organizations a lot

We found that sometimes integrations work, but testing them can take some time. Sometimes, configurations take much longer than expected. We have a configuration in place that needs to be synchronized with another server. However, the servers are four hours apart, so this can cause delays. In general, I believe that the time it takes to configure and test a service should be shorter. Sometimes, it can take a couple of hours to test a single configuration setting. Other times, it is only ten or fifteen minutes, which is normal. However, sometimes, even immediate actions can be triggered by configuration changes, and some settings can take up to eight hours to complete. I believe that this time can be improved. Microsoft is making a lot of improvements to its services in a short period of time. This is a good thing, as it means that the services are constantly being updated and improved. However, it can be challenging for customers to keep up with the changes. For example, a customer may read about an update, understand it, and share it with their colleagues and boss. However, it may take days or weeks to test the update and get the necessary approvals. This can be especially challenging for large customers with many users or machines. In some cases, Microsoft may change a service before the customer has had a chance to implement the previous update. This can be frustrating for customers, as it means that they have to constantly learn new things and adjust their workflows. On the one hand, it is important for Microsoft to keep updating and improving its services. This helps to ensure that the services are meeting the customers' needs and that they are staying ahead of the competition. Microsoft should also be mindful of the challenges that these changes can create for customers. One way to address this challenge is to provide customers with more time to implement changes. Microsoft could also provide more information about upcoming changes so that customers can plan ahead. Ultimately, Microsoft needs to strike a balance between keeping its services up-to-date and providing customers with a smooth transition to new features.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The initial setup was fairly straightforward. To get a large health care organization sorted, we had to create exemptions because some of the scripts and some of the automations were broken."

"The most valuable feature is the ability to respond to zero-day and unknown threats."

"It automatically blocks the threats, helping us investigate if they harm the environment."

"It's pretty unintrusive"

"I would rate the stability a nine out of ten. I would give it a close ten as possible because, like SentinelOne, I've seen incompatibility. Whereas Cylance, I've seen none."

"CylanceOPTICS is pretty stable."

"You can use the solution to query certain things."

"The solution has a high level of trust in the industry."

More CylanceOPTICS pros

"It reduces the risk of users accidentally clicking on phishing emails."

"Microsoft Defender XDR has significantly improved our operational security."

"The most valuable aspect is undoubtedly the exploration capability"

"The best feature is probably the alert generation. When I do a security reset, the other session triggers instantly from the Defender console, and I can work on it. The policies are three times, but they are also ready to install it."

"What I like most about the product is its all-in-one solution. With Microsoft Defender XDR, we get coverage for various aspects like endpoint security, cloud security, and image-related cases, all within a single platform. This eliminates the need for multiple products or technical controls to address incidents. The main benefit became evident immediately after deployment, especially in its ability to analyze files and phishing emails quickly. By submitting suspicious files or emails, we receive quick results on whether they are legitimate, suspicious, or malicious, saving time."

"Defender XDR can stop advanced attacks, like ransomware or business email compromise."

"For me, the advanced hunting capabilities have been really great. It allowed querying the dataset with their own language, which is KQL or Kusto Query Language. That has allowed me to get much more insight into the events that have occurred. The whole power of 365 Defender is that you can get the whole story. It allows you to query an email-based activity and then correlate it with an endpoint-based activity."

"Microsoft Defender XDR is a complete package of different Defender solutions, including Defender for Endpoint, Defender for Office 365, Defender for Cloud, and Sentinel SIEM, among others."

More Microsoft Defender XDR pros

Cons

"One minor issue that somebody mentioned was that they didn't like their management console."

"It takes more time to investigate or dig up and understand what's going on."

"Too many false positives are reported."

"The tools are ineffective. It flags a lot of things. To give you an example, it detected Google Chrome and blocked the user's access to it. That it mistook for malicious, which turned out to be a false positive."

"Our customers would like to see more automation with respect to how threats are handled once they have been detected."

"The product's initial setup process could be easy."

"CylanceOPTICS could benefit from more granular control in the timeline-building process. Ideally, users would be able to drill deeper into the analysis rather than have the machine dictate the direction."

"The detection component is something that they have to work on."

More CylanceOPTICS cons

"Support is hit or miss. Microsoft wants you to buy premium support contracts. Though they call themselves professional support, it's almost like throwing questions into a black hole. You get an answer, but it's never helpful."

"There is no common area where we can manage all the policies for the EDR, third-party solutions, devices, servers, Windows, Mac, etc., but it's on the road map, and we ware waiting for that feature."

"The licensing process needs improvement and clarification, as it is currently difficult to understand which features are licensed to which users."

"The mobile app support for Android and iOS is difficult and needs improvement."

"There should be better information for experts on features in the solution. What I see when reading about features in Microsoft 365 Defender is that it is always general information. If Microsoft could go deeper into details for the experts about how to use the tools, usage of it would be more familiar and it would be easier to use."

"The cost can be high if you want to build custom license packages. Another area for improvement is the policies. In Azure, we need to implement policies in JSON format, but in 365 Defender 365, it would be helpful to use a different format so we can customize the platform."

"It would be beneficial to reduce the number of clicks required to navigate between blades, as the current navigation and breadcrumb system can be a bit confusing. Some inconsistencies exist between blades, which could be improved for a more seamless user and UI experience."

"The documentation on their website is somewhat outdated and doesn't show properly. I wanted to try a query in Microsoft Defender 365. When I opened the related documentation from the security blog on the Microsoft website, the figures were not showing. It was difficult to understand the article without having the figures. The figures were there in the article, but they were not getting loaded, which made the article obsolete."

More Microsoft Defender XDR cons

Pricing and Cost Advice

"CylanceOPTICS is probably priced equal to other EDRs in the market."

"I would rate the pricing a three out of five."

"We pay for the number of endpoints we have and that is about it. On a monthly basis, the licensing cost is $55 per user."

"The pricing for CylanceOPTICS is very good; I would rate it around a nine on a scale of one to ten, with ten being the lowest. It's one of the most affordable options I've seen."

"365 Defender can get expensive because you pay per gigabyte of data ingested. On the other hand, much of the data available in the other Microsoft security solutions are made available relatively cheaply—sometimes at cost or for free. Integrating only a limited set of third-party solutions with Sentinel would be cost-effective. It's much more affordable if companies only have Microsoft stuff."

"The bundling of software makes it easier to manage our setup, but Microsoft purposefully obfuscates this through marketing ploys to hide costs."

"Microsoft Defender XDR is already included in our Office 365 licensing. It is better because we're saving money by using it."

"The solutions price is fair for what they offer."

"All I can say again is the E5 gives you all the capabilities that it offers. It also gives Office 365 and one terabyte of storage. All in all, the E5 license model makes sense. There are some people who say it's quite costly, but rather than paying different vendors, it makes sense to go all in with Microsoft if you've got that licensing. From that perspective, it's cost-effective, but I can't comment much on that."

"It is 15 dollars per server per month. It is worth it, but it can be costly. It depends on the company's size."

"The product is fairly priced for what we get from it."

"While the standalone price of Defender XDR might seem high, its value becomes clear when considering the ease of implementation and smooth integration with our existing Microsoft infrastructure, especially when bundled with other Microsoft products."

More Microsoft Defender XDR pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.

See recommendations

859,438 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Manufacturing Company

19%

Computer Software Company

18%

Financial Services Firm

Insurance Company

Computer Software Company

17%

Financial Services Firm

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Blackberry Optics?

I would rate the stability a nine out of ten. I would give it a close ten as possible because, like SentinelOne, I've seen incompatibility. Whereas Cylance, I've seen none.

See all answers

What is your experience regarding pricing and costs for Blackberry Optics?

CylanceOPTICS is probably priced equal to other EDRs in the market. Price-wise, considering what it has to offer, you could probably get a better product.

See all answers

What needs improvement with Blackberry Optics?

The solution's contextual analysis is sometimes not very clear compared to some modern EDRs like CrowdStrike. Compared to other EDR tools, CylanceOPTICS lacks some information. It takes more time t...

See all answers

What do you like most about Microsoft 365 Defender?

Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and potential indicators of compromise.

See all answers

What is your experience regarding pricing and costs for Microsoft 365 Defender?

The pricing for Microsoft Sentinel operates on a pay-as-you-go model based on data ingestion. I recall that Defender XDR pricing is based on the number of endpoints.

See all answers

What needs improvement with Microsoft 365 Defender?

For Microsoft Defender XDR ( /categories/extended-detection-and-response-xdr ), there is currently no ability to reset passwords for on-premises accounts, which is a key challenge. Incident managem...

See all answers

Comparisons

CrowdStrike Falcon vs CylanceOPTICS

Compared 52% of the time

Rapid7 InsightIDR vs CylanceOPTICS

Compared 48% of the time

More CylanceOPTICS Competitors

CrowdStrike Falcon vs Microsoft Defender XDR

Compared 15% of the time

Wazuh vs Microsoft Defender XDR

Compared 10% of the time

Microsoft Defender for Cloud vs Microsoft Defender XDR

Compared 9% of the time

Trend Vision One vs Microsoft Defender XDR

Compared 5% of the time

Microsoft Purview Compliance Manager vs Microsoft Defender XDR

Compared 4% of the time

More Microsoft Defender XDR Competitors

Product Reports

Buyer's Guide

CylanceOPTICS

June 2025

Download CylanceOPTICS product report

Buyer's Guide

Microsoft Defender XDR

June 2025

Download Microsoft Defender XDR product report

Also Known As

No data available

Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender

Overview

Our cloud-native BlackBerry® Optics provide visibility, on-device threat detection and remediation across your organization. In milliseconds. And our EDR approach effectively and efficiently hunts threats while eliminating response latency. It’s the difference between a minor security event—and one that’s widespread and uncontrolled.

BlackBerry

Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment.

It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks.

Users have found it effective in detecting and preventing various types of attacks, such as phishing attempts, malware infections, and data breaches.

Watch the Microsoft demo video here: Microsoft Defender XDR demo video.

Microsoft

Sample Customers

Cerdant, Washoe County School District

Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.

Buyer's Guide

CylanceOPTICS vs. Microsoft Defender XDR

June 2025

Free Report: CylanceOPTICS vs. Microsoft Defender XDR

Find out what your peers are saying about CylanceOPTICS vs. Microsoft Defender XDR and other solutions. Updated: June 2025.

DOWNLOAD NOW

859,438 professionals have used our research since 2012.

See our CylanceOPTICS vs. Microsoft Defender XDR report.

See our list of best Endpoint Detection and Response (EDR) vendors.

We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.