Cisco Secure Cloud Analytics [EOL] vs Microsoft Defender for Endpoint comparison

The compared Cisco and Microsoft solutions aren't in the same category. Microsoft is ranked #1 in EPP , with an average rating of 8.3, and holds a 10.4% mindshare. Additionally, 100% of Cisco users are willing to recommend the solution, compared to 94% of Microsoft users who would recommend it.

Cisco Secure Cloud Analytic...

Read 7 Cisco Secure Cloud Analytics [EOL] reviews

100% willing to recommend

Microsoft Defender for Endp...

Read 197 Microsoft Defender for Endpoint reviews

42,032 Views
25,640 Comparison Views

94% willing to recommend

Cisco Secure Cloud Analytic...

Microsoft Defender for Endp...

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Cisco Secure Cloud Analytics [EOL] and Microsoft Defender for Endpoint based on real PeerSpot user reviews.

Find out what your peers are saying about Darktrace, Check Point Software Technologies, Fortinet and others in Intrusion Detection and Prevention Software (IDPS).

To learn more, read our detailed Intrusion Detection and Prevention Software (IDPS) Report (Updated: June 2025).

Buyer's Guide

Intrusion Detection and Prevention Software (IDPS)

June 2025

Download the complete report

Helped 861,524 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cisco Secure Cloud Analytic...

Average Rating

8.6

Number of Reviews

Ranking in other categories

No ranking in other categories

Microsoft Defender for Endp...

Average Rating

8.2

Reviews Sentiment

7.1

Number of Reviews

197

Ranking in other categories

Endpoint Protection Platform (EPP) (1st), Advanced Threat Protection (ATP) (4th), Anti-Malware Tools (1st), Endpoint Detection and Response (EDR) (3rd), Microsoft Security Suite (4th)

Featured Reviews

Olivier CHAMBELANT

Global Network and Telecommunication Manager at Nemera Development S.A.

Beneficial cloud deployment

Opening a ticket with support can be difficult but once it is open the support does a good job. They want us to provide a lot of information, such as the order number and when it was bought. It takes a long time, they can improve by having a faster response time.

Read full review

John Rallo

IT Security Engineer at a financial services firm with 1,001-5,000 employees

Offers excellent visibility into vulnerabilities and the attack surface itself

Attack surface reduction and limiting attack surface vectors are valuable features. It's helpful to isolate specific devices and get super granular with the features they offer. The visibility into the attack surface is good. It gets highly granular. I don't work on that side, but the people who do tell me they get more visibility.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The tool's best feature is its ability to monitor network traffic. It will also inform users whether the traffic generated by a network is legitimate. The tool helps to capture and analyze the network traffic."

"It tells you if there is any communication going to command and control servers, or if there is any traffic that violates your internal policy, or if any data hoarding is happening where data is being dumped from your machine to outside of the environment. It provides all such meaningful reports to help you understand what's happening."

"The logs in Cisco Stealthwatch Cloud are very good when doing the API integration in the team. It is able to give you important information for the correlations."

"The product helps me to see malware."

"Monitoring the traffic, making sure you have the visibility."

"When it comes to scalability, there's no size limit. It varies based on licenses and requirements."

"Cisco Stealthwatch Cloud is scalable because it is on the cloud."

"Microsoft Defender for Endpoint's WCS function, a content filtering solution, has proven to be the most useful, stable, and reliable option for our current needs."

"Microsoft Defender for Endpoint is a robust platform."

"The patch updates and version updates are very good. Those happen on an automated basis whenever I'm connecting to the organization network, either through LAN or through the VPN."

"The solution has good performance, I have not seen a problem."

"It is already integrated with Windows 10, so you don't need to worry about that."

"It's pretty easy to use, works with compliance issues, and is reliable."

"It's effective against most types of infection, and the firewall is perfect for protection."

"One of the main features is the solution is very light on resources and we do not have any problems with it."

More Microsoft Defender for Endpoint pros

Cons

"If we migrate these things to an event or send us an email if there is any critical event, I would like to configure these things on the initial launch. Because if a system is compromised, there will be a lot of data movement from one post to another post to the outside. Then, we should also get an alert on email as well. We have since we have integrated these things. But a direct email for critical alerts should be there. So, I would like to enhance the critical event configuration."

"When I used to work on it, I just didn't see anything new happening for about a year and a half. Providing newer data and newer reports constantly would help. There should be more classifications and more interesting data."

"The initial setup of Cisco Stealthwatch Cloud is complex."

"The product needs to improve its user-friendliness. It is very tricky and you need to study it before using the standard functionalities."

"Cisco Stealthwatch Cloud could improve the graphical user interface. It could be a more user-friendly graphical user interface. so that. Not everybody's a cyber security professional, most of the customers that I deal with are not very skilled. The terms that they use in the solution are quite understandable for a normal CIO."

"The product's price is high."

"The initial setup is a bit complex in terms of deployment and configuration"

"Microsoft Defender in the basic form is not very useful for managing the security environment. The free version is not capable of covering the needs of centralized management, EDR, and behavioral analysis. If you don't have the commercial version, you can't have centralized management and set up the policies and other things. Each client is a standalone installation, which is not useful for security in an enterprise model."

"The time it takes to implement policies has room for improvement."

"Microsoft Defender for Endpoint could improve by adding more security features."

"The solution could use improvement on the interface."

"A challenge is that it is not a multi-tenant solution. Microsoft's tenant is a licensed tenant. I'm an MSSP. So, I have multiple customers. In Microsoft's world, that means that I can't just buy an E5 license and give that out to all my customers. That won't work because all of the customer data resides within a single tenant in Microsoft's world. Other products—such as SentinelOne, Palo Alto Cortex, CrowdStrike, et cetera—are multi-tenant. So, I can have it at the top of the pyramid for my analyst to look into it and see all the customers, but each customer's data is separate. If the customer wants to look at what we see, they would only see their data, whereas in the Microsoft world, if I've got multiple customers connected to the same Microsoft tenant, they would see everybody else's data, which is a privacy problem in Europe. It is not possible to share the data, and it is a breach of privacy."

"Threat intelligence has the potential for improvement, particularly by integrating more sources."

"On the Mac OS platform, there is no parity between Windows and Mac OS. The solution is very feature-rich and very well-integrated into Windows, and I guess baked into Windows 10 and Windows 11. Whereas, on the Mac OS platform, there is still some work there to give it a more feature-reach platform."

"I would like to see integrations with other products, such as Spunk and other CM solutions. That would create possibilities for me, and for a SOC, to consolidate all events in an older console, not one provided by Microsoft but provided by a third party, and use it to create more insights."

More Microsoft Defender for Endpoint cons

Pricing and Cost Advice

"The price of Cisco Stealthwatch Cloud is expensive."

"The solution is quite expensive."

"Cisco Stealthwatch Cloud is an expensive enterprise solution."

"When compared with other vendors, the pricing is very high."

"This solution is part of an enterprise license we have."

"It's included with the Windows Operating System, I don't pay for any licensing fees."

"Microsoft Defender ATP is expensive."

"There is not a license required for this particular solution."

"We have the E5 security license, and the solution comes with that."

"As we operate in the educational sector, we are eligible for an educational discount."

"You need a license to use this solution."

More Microsoft Defender for Endpoint pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Intrusion Detection and Prevention Software (IDPS) solutions are best for your needs.

See recommendations

861,524 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

35%

Financial Services Firm

10%

Government

University

Computer Software Company

13%

Educational Organization

10%

Financial Services Firm

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Cisco Stealthwatch Cloud?

When it comes to scalability, there's no size limit. It varies based on licenses and requirements.

See all answers

What needs improvement with Cisco Stealthwatch Cloud?

There are two areas of improvement. Firstly, extend the log retrieval limit to at least three months. For example, there is a limit on the number of log messages that can be received. So, I would l...

See all answers

What is your primary use case for Cisco Stealthwatch Cloud?

We are using Cisco Secure Cloud Analytics, also known as Cisco's WatchCloud, to monitor user activity in the cloud. Specifically, we are looking for users who are uploading or downloading data beyo...

See all answers

How is Cortex XDR compared with Microsoft Defender?

Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...

See all answers

Which offers better endpoint security - Symantec or Microsoft Defender?

We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior solution. Microsoft Defender for Endpoint is a cloud-delivered endpoint security s...

See all answers

How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?

The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...

See all answers

Comparisons

No data available

CrowdStrike Falcon vs Microsoft Defender for Endpoint

Compared 6% of the time

HP Wolf Security vs Microsoft Defender for Endpoint

Compared 5% of the time

F-Secure Total vs Microsoft Defender for Endpoint

Compared 5% of the time

Trellix Endpoint Security Platform vs Microsoft Defender for Endpoint

Compared 4% of the time

Symantec Endpoint Security vs Microsoft Defender for Endpoint

Compared 4% of the time

More Microsoft Defender for Endpoint Competitors

Product Reports

Buyer's Guide

Cisco Secure Cloud Analytics [EOL]

July 2025

Cisco Secure Cloud Analytics [EOL] report

Download Cisco Secure Cloud Analytics [EOL] product report

Buyer's Guide

Microsoft Defender for Endpoint

June 2025

Download Microsoft Defender for Endpoint product report

Also Known As

Cisco Stealthwatch Cloud, Observable Networks

Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus

Interactive Demo

Demo not available

Cisco

Microsoft

Overview

Cisco Secure Cloud Analytics is a cloud-based security solution that provides visibility and threat detection for cloud environments. It offers software mapping and automation for incident response, forensic analysis, and segmentation of IT architecture. The solution can be used on-premise or on the cloud and is used in various sectors such as insurance and government.

The logs in Cisco Secure Cloud Analytics are valuable for API integration in a team as they provide important information for correlations. The solution also offers automated incident response and integration with next-generation firewalls and antivirus solutions."

Cisco

Microsoft Defender for Endpoint is a comprehensive security solution that provides advanced threat protection for organizations. It offers real-time protection against various types of cyber threats, including malware, viruses, ransomware, and phishing attacks.

With its powerful machine-learning capabilities, it can detect and block sophisticated attacks before they can cause any harm. The solution also includes endpoint detection and response (EDR) capabilities, allowing organizations to quickly investigate and respond to security incidents. It provides detailed insights into the attack timeline, enabling security teams to understand the scope and impact of an incident.

Microsoft Defender for Endpoint also offers proactive threat hunting, allowing organizations to proactively search for and identify potential threats within their network. It integrates seamlessly with other Microsoft security solutions, such as Microsoft Defender XDR, to provide a unified and holistic security approach. With its centralized management console, organizations can easily deploy, configure, and monitor the security solution across their entire network.

Microsoft Defender for Endpoint is a robust and scalable security solution that helps organizations protect their endpoints and data from evolving cyber threats.

Microsoft

Sample Customers

Options, Schneider Electric, Washington University in St Louis, Gotcha, Kraft Kennedy, PartnerRe, Sumologic, Veterans United, AFGE, Agraform, Artesys, Dynamic Ideas Financials, Department of Agriculture and Commerce

Petrofrac, Metro CSG, Christus Health

Buyer's Guide

Intrusion Detection and Prevention Software (IDPS)

June 2025

Download Free Report

Find out what your peers are saying about Darktrace, Check Point Software Technologies, Fortinet and others in Intrusion Detection and Prevention Software (IDPS). Updated: June 2025.

DOWNLOAD NOW

861,524 professionals have used our research since 2012.

We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.