Try our new research platform with insights from 80,000+ expert users

CylanceOPTICS vs Microsoft Defender for Endpoint comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

CylanceOPTICS
Ranking in Endpoint Detection and Response (EDR)
28th
Average Rating
7.4
Reviews Sentiment
4.5
Number of Reviews
11
Ranking in other categories
No ranking in other categories
Microsoft Defender for Endp...
Ranking in Endpoint Detection and Response (EDR)
3rd
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
192
Ranking in other categories
Endpoint Protection Platform (EPP) (1st), Advanced Threat Protection (ATP) (2nd), Anti-Malware Tools (1st), Microsoft Security Suite (5th)
 

Mindshare comparison

As of April 2025, in the Endpoint Detection and Response (EDR) category, the mindshare of CylanceOPTICS is 0.2%, up from 0.1% compared to the previous year. The mindshare of Microsoft Defender for Endpoint is 10.6%, down from 14.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR)
 

Featured Reviews

HERNAN RODRIGUEZ - PeerSpot reviewer
Easy to use
CylanceOPTICS is easy to use.  The product's technical support is slow.  I have been using the product for three years.  CylanceOPTICS is easy to use.  I rate the solution a nine out of ten. 
AnuragSrivastava - PeerSpot reviewer
Provides detailed visibility into threats but the ability to add exceptions needs improvement
One major item for improvement is the ability to add exceptions. We can add some exceptions, but not at the level we need to. The second major area for improvement involves enhanced capabilities for different operating systems or platforms. That is, even though we have coverage for different operating systems or platforms such as Linux, we don't get all of the controls and enhanced capabilities that are available with Windows devices. Reporting could also be improved because, at present, we get limited results at times. For example, in an environment with more than 100,000 devices, you may just get 10,000 results when you run a report.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"CylanceOPTICS is easy to use."
"You can use the solution to query certain things."
"The solution has a high level of trust in the industry."
"It is a bit early in our evaluation process to give proper feedback, although so far, the overall feedback is good."
"It automatically blocks the threats, helping us investigate if they harm the environment."
"It's pretty unintrusive"
"I would rate the stability a nine out of ten. I would give it a close ten as possible because, like SentinelOne, I've seen incompatibility. Whereas Cylance, I've seen none."
"The initial setup was fairly straightforward. To get a large health care organization sorted, we had to create exemptions because some of the scripts and some of the automations were broken."
"Defender is integrated into the operating system. It's integrated with everything. You don't have to spend time analyzing what you have to do to be sure that the integration is okay between the security tool and all the other apps. This, from my point of view, is the main advantage."
"Defender for Endpoint has significantly reduced our SOC team's workload by automating threat detection and response, allowing them to focus on other critical projects."
"Ensures that I'm working with a product that gets updated regularly without me having to remember to do it. Since it's a Microsoft product, I'm confident that it requires a low use of system resources. The benefit of that being that my computer isn't constantly being drained."
"Stable endpoint manager, antivirus, and antimalware, with fast technical support and a straightforward setup."
"The folders and files protection are its most valuable features. These have been valuable because of the increase in ransomware attacks. With these two features, I can ensure that no changes have been made to our system or endpoint folders and files without the user being aware."
"The patch updates and version updates are very good. Those happen on an automated basis whenever I'm connecting to the organization network, either through LAN or through the VPN."
"It's great for investigating what's happening on a machine. They show a whole bunch of machine timeline events that are related to a security incident. They have quite good details on the things related to threat and vulnerability management, such as any weakness that has been disclosed publicly, assets that are exposed, and if there is an exploit active in the wild for that vulnerability. It can provide you with all such information, which is cool."
"The best part is that it is built into Windows, whether it is a server base or a desktop base, which gives more control over the operating system. Because Defender, the operating system, and the Office solution are by Microsoft, everything is working like hand-in-glove. Its administrative overhead is less because a desktop user has already got some experience of how to handle a Microsoft Defender notification or administer it."
 

Cons

"The detection component is something that they have to work on."
"The product's initial setup process could be easy."
"One minor issue that somebody mentioned was that they didn't like their management console."
"The reporting is very weak and not very good at all."
"The product's technical support is slow."
"It takes more time to investigate or dig up and understand what's going on."
"The tools are ineffective. It flags a lot of things. To give you an example, it detected Google Chrome and blocked the user's access to it. That it mistook for malicious, which turned out to be a false positive."
"Our customers would like to see more automation with respect to how threats are handled once they have been detected."
"There are likely some technical improvements or features that could be added, however, I cannot say, off the top of my head, what they would be."
"The application control feature requires improvement."
"I would like to have a dashboard that shows an overview of the results for the enterprise."
"I would just like them to have more consistency, and that's a comment that's across the board with Microsoft. They change things a lot."
"Sometimes, there are difficulties in downloading a file considered as malicious."
"Microsoft Defender for Endpoint can improve by providing more and different types of reports."
"The time it takes to restore the application could be improved. It has a lot of dependencies. It's not like the Microsoft security that comes with the OS. Updating through the command prompt, most of the time, it takes some time to download some of these dependencies."
"We would like more customization."
 

Pricing and Cost Advice

"The pricing for CylanceOPTICS is very good; I would rate it around a nine on a scale of one to ten, with ten being the lowest. It's one of the most affordable options I've seen."
"We pay for the number of endpoints we have and that is about it. On a monthly basis, the licensing cost is $55 per user."
"CylanceOPTICS is probably priced equal to other EDRs in the market."
"I would rate the pricing a three out of five."
"We sell this product as part of Office 365 and it is not expensive."
"The base price for an E5 license, which includes Enterprise Mobility + Security E5, is $57 per user per month."
"The price is fair for the features Microsoft delivers. If you want tailor-made features, you have to mix different licenses. It isn't straightforward."
"It is within the same range as other products. It is not too expensive, and it is also not cheap. Its price can be better, but, well, it is Microsoft."
"The cost is high, compared to other products in the market, if you look at it as a separate product. If you look at the cost where it is part of a bundle, the cost is okay."
"It is free."
"When compared with other vendors, the pricing is very high."
"I pay for it through the Windows Professional or Standard license. It is a one-time cost for me, and I use the same license."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
848,716 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
21%
Computer Software Company
18%
Government
9%
Financial Services Firm
7%
Educational Organization
26%
Computer Software Company
11%
Government
7%
Financial Services Firm
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Blackberry Optics?
I would rate the stability a nine out of ten. I would give it a close ten as possible because, like SentinelOne, I've seen incompatibility. Whereas Cylance, I've seen none.
What is your experience regarding pricing and costs for Blackberry Optics?
CylanceOPTICS is probably priced equal to other EDRs in the market. Price-wise, considering what it has to offer, you could probably get a better product.
What needs improvement with Blackberry Optics?
The solution's contextual analysis is sometimes not very clear compared to some modern EDRs like CrowdStrike. Compared to other EDR tools, CylanceOPTICS lacks some information. It takes more time t...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
Which offers better endpoint security - Symantec or Microsoft Defender?
We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior solution. Microsoft Defender for Endpoint is a cloud-delivered endpoint security s...
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...
 

Also Known As

No data available
Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus
 

Interactive Demo

Demo not available
 

Overview

 

Sample Customers

Cerdant, Washoe County School District
Petrofrac, Metro CSG, Christus Health
Find out what your peers are saying about CylanceOPTICS vs. Microsoft Defender for Endpoint and other solutions. Updated: April 2025.
848,716 professionals have used our research since 2012.