No more typing reviews! Try our Samantha, our new voice AI agent.

Kaspersky Next XDR Optimum vs Morphisec comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 9, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Protection Platform (EPP)
4th
Ranking in Endpoint Detection and Response (EDR)
6th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
112
Ranking in other categories
Extended Detection and Response (XDR) (5th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
Kaspersky Next XDR Optimum
Ranking in Endpoint Protection Platform (EPP)
8th
Ranking in Endpoint Detection and Response (EDR)
15th
Average Rating
8.0
Reviews Sentiment
7.2
Number of Reviews
124
Ranking in other categories
Endpoint Compliance (2nd), Extended Detection and Response (XDR) (11th)
Morphisec
Ranking in Endpoint Protection Platform (EPP)
48th
Ranking in Endpoint Detection and Response (EDR)
59th
Average Rating
9.2
Reviews Sentiment
7.4
Number of Reviews
21
Ranking in other categories
Vulnerability Management (59th), Advanced Threat Protection (ATP) (31st), Cloud Workload Protection Platforms (CWPP) (36th), Threat Deception Platforms (16th)
 

Mindshare comparison

As of May 2026, in the Endpoint Protection Platform (EPP) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.6%, down from 3.9% compared to the previous year. The mindshare of Kaspersky Next XDR Optimum is 2.3%, down from 3.7% compared to the previous year. The mindshare of Morphisec is 0.9%, up from 0.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.6%
Kaspersky Next XDR Optimum2.3%
Morphisec0.9%
Other93.2%
Endpoint Protection Platform (EPP)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
SR
Group CIO at Thal Industries Corporation Ltd
Have maintained strong endpoint protection through behavioral analysis and daily monitoring
I previously mentioned that Kaspersky Endpoint Security for Business doesn't have built-in DLP, which was a concern. I think they could add it in the future; however, antivirus cannot provide a proper DLP solution, but they can offer a mix of DLP, similar to Trend Micro Apex One, which provides some sort of DLP file management. Nonetheless, we need a proper DLP solution such as Forcepoint or Symantec, whichever suits us. We'll be conducting performance evaluation in the next quarter while working on other projects. More value means a better GUI, user interface, and comprehensive reporting capabilities. In Sophos, we receive a daily system-generated report about what is happening, plus an alert system. The reporting system in Trend Micro is also excellent; I receive an email every day at 10:00 AM with a report for the last 24 hours.
Rick Schibler - PeerSpot reviewer
VP of Information Technology at Kentucky Trailer
Offers in-memory protection at a lower price than competitors
Morphisec's in-memory protection is probably the most valuable feature because it stops malicious activity from occurring. If something tries to install or act as a sleeper agent, Morphisec will detect and stop it. Morphisec's Moving Target Defense is critical to hardening our attack surface. If it detects something, it indicates whether it's valid. That means you've got a breach requiring investigation. It detects anomalies but doesn't necessarily point to what caused them. You still need to do that work. The solution is reasonably easy to administer. They made some changes last year, adding a cloud-based monitoring solution that makes deploying and monitoring our endpoints easy.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The solution's most valuable feature is its ability to rapidly detect certain hardware files."
"The protection offered by this product is good, as is the endpoint reporting."
"The dashboard is customizable."
"We think that this product will help us grow, as it meets our needs currently and we can grow with it over time."
"The most valuable feature of Cortex XDR by Palo Alto Networks is its machine-learning capabilities. Additionally, there is full integration with other solutions."
"Traps is quite a stable product. Once it was properly deployed and configured, you have nothing to be worried about."
"Threat identification and detection are the most valuable features of this solution."
"Cortex XDR by Palo Alto Networks's ability to block sophisticated threats in real time is quite good and is on par with SentinelOne's."
"As far as it functions, it works fine."
"We have over 1,000 users using the solution in our organization and the solution has been able to handle it."
"The admin capabilities are great."
"The solution is secure."
"The antivirus feature is very, very good."
"It has helped our company protect the confidential data of our customers."
"It is very reliable, user-friendly endpoint security software."
"Kaspersky performs well; while heavy on the client, it is very efficient."
"Morphisec is a straightforward solution that is efficient and very stable."
"Morphisec stops attacks without needing to know what type of threat it is, just that it is foreign. It is based on injections, so it would know when a software launches. If a software launches and something else also launches, then it would count that as anomalous and block it. Because the software looks at the code, and if it executes something else that is not related, then Morphisec would block it. That is how it works."
"Since using Morphisec we have seen a downturn in attacks because Morphisec protects us versus Defenders and whatnot that are signature-based. I know we have not had any issues with ransomware or other zero-day attacks that we've seen with machines that, all of a sudden, have become before we instituted the product. Now the machine had to be re-imaged and there was a loss of data because something was on the machine. You couldn't really determine what was on the machine because nothing was picking it up. The products we were using weren't picking it up."
"Morphisec Guard enables us to see at a glance whether our users have device control and disk encryption enabled properly. This is important because we are a global company operating with multiple entities. Previously, we didn't have that visibility. Now, we have visibility so we can pinpoint some locations where there are machines that are not really protected, offline, etc. It gives us visibility, which is good."
"It provides full visibility into security events and from both solutions in one dashboard. I'm not a big security guy, if I have a threat that looks like there's a problem, I will ask Morphisec to dissect it for me, and tell me what might be happening. Because it tends to be all hash codes, so I can tell what's going on. They've been pretty good with that."
"Morphisec's in-memory protection is probably the most valuable feature because it stops malicious activity from occurring. If something tries to install or act as a sleeper agent, Morphisec will detect and stop it."
"Morphisec makes it very easy for IT teams of any size to prevent breaches of critical systems because of the design of their tool. When we evaluated Morphisec, the CIO and I sat and listened. What attracted us to them is the fact that it stops activity at the point of detection. That saves a lot of time because now we are not investigating and trying to trace down what to turn off. We have already prevented it, which makes it very much safer and more secure."
"Morphisec makes use of deterministic attack prevention that doesn’t require investigation of security alerts. It changes the memory locations of where certain applications run. If you think of Excel, opening a PDF, running an Excel macro, or opening a webpage and clicking on a link, all of those actions run in a certain area of memory. Morphisec changes the memory locations of where those run."
 

Cons

"Managing the product should be easier."
"The solution should enhance the ADR and reporting."
"The MAC agent is not as robust feature-wise as the PC version."
"Currently, we are monitoring all USB drives and ports but we would like to improve our device control capabilities."
"It is not very strong in terms of endpoint management. It should have additional features like DLP, encryption, or advanced device control."
"I would like to see them include NDR (Network Detection Response)."
"In general, the price could be more competitive."
"It is not very strong in terms of endpoint management. It should have additional features like DLP, encryption, or advanced device control. Currently, Cortex is good in terms of the security of the endpoints, but it is not as good as other vendors in terms of the management of the endpoint."
"There have been some performance issues. They provide good security, but this slows down the performance of machines' servers. The software is not updating as frequently as we need."
"The performance of our machines tended to slow down under Kaspersky. That definitely needs to be addressed. I remember I had a pretty good Dell Notebook, and this product slowed it down quite a bit."
"Areas for improvement include signature update management and selecting the respective features on the endpoint side."
"The application running speed consumes that of RAM, so performance speed is an issue."
"I would like to see better reporting."
"Some threats were able to bypass the solution's detection."
"Kaspersky Endpoint Security for Business’s interface could be easier to understand when displaying the activities during configuration processes."
"The licensing fees could be reduced."
"The only area that really needs improvement is the reporting functionality."
"I haven't seen ROI because I haven't seen a threat that it has protected against, exactly."
"We wanted to have multi-tenants in their cloud platform, so every entity can look into their own systems and not see other systems in other entities. I have a beta version on that now. I would like them to incorporate that in the cloud solution."
"It would be useful for them if they had some kind of network discovery."
"In the Windows Defender integration, they have put in a report of computers that need Windows Defender updates. If those updates could be kicked off directly from the dashboard, instead of having to go to another system entirely, that would be good."
"The dashboard is the area that requires the most improvement. We have about, I would say 5,500 computers currently, and searching through all of those takes some time to filter. So as soon as you apply the filter, it takes a few seconds. It crunches, it thinks, and then it brings up the clients that match."
"It would be nice if they could integrate Morphisec with other traditional antivirus solutions beyond Microsoft Defender. That is probably my biggest gripe."
"I haven't been able to get the cloud deployment to work."
 

Pricing and Cost Advice

"The pricing is a little high. It is per user per year."
"The price is on the higher side, but it's okay."
"I don't like that they have different types of licenses."
"The solution has one subscription for endpoint protection and one subscription for detection and response. The two licenses combined give you the BRO version."
"It has reasonable pricing for the use cases it provides to the company."
"Licensing for Palo Alto Networks Cortex XDR can be costly, especially when it comes to a hundred users. A license is required for each user, and the subscription must be renewed on a yearly basis."
"Our license will require renewal in August, after which the maintenance will continue as usual."
"It is present, but when compared to other competitive products, I would say it is not less expensive; however, when all of the other added values are considered, the price is reasonable."
"For 300 nodes, we pay about 15,000 Malaysian Ringgit ($3,500 USD)."
"Kaspersky Endpoint Security for Business is an expensive solution."
"Kaspersky Endpoint Security for Business' pricing is reasonable, and licensing costs are annual."
"The licensing cost can be about $1,300 per year."
"We have approximately 700 licenses for this solution and we pay annually."
"We pay for licensing yearly."
"We have an annual license and there is a fee per device used. The price is fair compared to the latest EDR solution."
"We purchase the product's yearly license. I rate the pricing five out of ten."
"The pricing is definitely fair for what it does."
"Morphisec is reasonably priced because our parent company's other subsidiaries use different products like CrowdStrike. CrowdStrike is four or five times more expensive than Morphisec. The competitive pricing saves us money in our overall security stack."
"Our licensing is tied into our contract. Because we have a long-term contract, our pricing is a little bit lower. It is per year, so we don't get charged per endpoint, but we do have a cap. Our cap is 80 endpoints. If we were to go over 80, when we renewed our contract, which is not until three years are over. Then, they would reevaluate, and say, "Well, you have more than 80 devices active right now. This is going to be the price change." They know that we are installing and replacing computers, so the numbers will be all over the place depending on whether you archive or don't archive, which is the reason why we just have to keep up on that stuff."
"Licenses are per endpoint, and that's true for the cloud version as well. The only difference is that there is a little extra charge for the cloud version."
"It is a little bit more expensive than other security products that we use, but it does provide us good protection. So, it is a trade-off."
"It does not have multi-tenants. If South Africa wants to show only the machines that they have, they need their own cloud incidence. It is not possible to have that in a single cloud incidence with multiple tenants in it, instead you need to have multiple cloud incidences. Then, if you have that, it will be more expensive. However, they are going to change that, which is good."
"Compared to their competitors, the price of Morphisec is not that high. You can easily deploy it on a large-scale or small-scale network."
"We are still using a separate tool. I know for our 600 or I think we're actually licensed for up to 700 users, it runs me 23 or $24,000 a year. When you're talking to that many users plus servers being protected, that's well worth the investment for that dollar amount."
report
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
896,034 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
12%
Construction Company
12%
Comms Service Provider
9%
Manufacturing Company
8%
Comms Service Provider
9%
Manufacturing Company
8%
Financial Services Firm
8%
Computer Software Company
6%
Outsourcing Company
16%
Manufacturing Company
10%
Construction Company
10%
Financial Services Firm
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business47
Midsize Enterprise20
Large Enterprise51
By reviewers
Company SizeCount
Small Business63
Midsize Enterprise27
Large Enterprise33
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise8
Large Enterprise8
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What needs improvement with Kaspersky Endpoint Security?
Kaspersky Endpoint Security for Business does not have encryption tools. It uses the Windows BitLocker tool, which is...
What is your experience regarding pricing and costs for Kaspersky Endpoint Security for Business?
The pricing and licensing cost of Kaspersky Endpoint Security is cheaper compared to Trend Micro.
What is your primary use case for Kaspersky Endpoint Security for Business?
I have good experience in the sales part of Kaspersky Endpoint Security for Business, not the technical side. I am no...
Ask a question
Earn 20 points
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Kaspersky Work Space Security, Kaspersky Endpoint Security
Morphisec, Morphisec Moving Target Defense
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
ACMS, Arqiva, Pakistan International Airlines, RAO UES
Lenovo/Motorola, TruGreen, Covenant Health, Citizens Medical Center
Find out what your peers are saying about Kaspersky Next XDR Optimum vs. Morphisec and other solutions. Updated: May 2026.
896,034 professionals have used our research since 2012.