Try our new research platform with insights from 80,000+ expert users

CylanceOPTICS vs Microsoft Defender for Endpoint comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

CylanceOPTICS
Ranking in Endpoint Detection and Response (EDR)
28th
Average Rating
7.4
Reviews Sentiment
4.5
Number of Reviews
11
Ranking in other categories
No ranking in other categories
Microsoft Defender for Endp...
Ranking in Endpoint Detection and Response (EDR)
3rd
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
192
Ranking in other categories
Endpoint Protection Platform (EPP) (1st), Advanced Threat Protection (ATP) (2nd), Anti-Malware Tools (1st), Microsoft Security Suite (5th)
 

Mindshare comparison

As of April 2025, in the Endpoint Detection and Response (EDR) category, the mindshare of CylanceOPTICS is 0.2%, up from 0.1% compared to the previous year. The mindshare of Microsoft Defender for Endpoint is 10.6%, down from 14.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR)
 

Featured Reviews

HERNAN RODRIGUEZ - PeerSpot reviewer
Easy to use
CylanceOPTICS is easy to use.  The product's technical support is slow.  I have been using the product for three years.  CylanceOPTICS is easy to use.  I rate the solution a nine out of ten. 
AnuragSrivastava - PeerSpot reviewer
Provides detailed visibility into threats but the ability to add exceptions needs improvement
One major item for improvement is the ability to add exceptions. We can add some exceptions, but not at the level we need to. The second major area for improvement involves enhanced capabilities for different operating systems or platforms. That is, even though we have coverage for different operating systems or platforms such as Linux, we don't get all of the controls and enhanced capabilities that are available with Windows devices. Reporting could also be improved because, at present, we get limited results at times. For example, in an environment with more than 100,000 devices, you may just get 10,000 results when you run a report.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Cylance is not a signature-based protection solution and instead works proactively using AI and ML models to patrol for malicious behavior."
"The most valuable feature is the ability to respond to zero-day and unknown threats."
"CylanceOPTICS is easy to use."
"It automatically blocks the threats, helping us investigate if they harm the environment."
"You can use the solution to query certain things."
"The initial setup was fairly straightforward. To get a large health care organization sorted, we had to create exemptions because some of the scripts and some of the automations were broken."
"The solution has a high level of trust in the industry."
"CylanceOPTICS is pretty stable."
"It performs well. The stability is seamless."
"It depends on the licensing. Most of the customers have got at least a 365 E3 license, and they can use most of the features of Windows 10 Defender. So, anyone who has got an enterprise license can start using those features. Some of the customers have got E5 licenses, and they can use all advanced features. Customers with E5 licenses use the advanced site protection (ATP) features and web content filtering without going via a proxy, which gives the benefit of replacing the proxy. They can get the benefit of MCAS and integration with Intune and the endpoint manager. It is a kind of single platform for all 365 technologies. It helps customers in managing everything through a unified portal."
"The EDR feature is most valuable."
"We use Microsoft Defender for the antivirus."
"It does not make Windows slow, as compared to all of the third part antiviruses."
"Real-time detection and cloud-based delivery of detections are highly efficient."
"The solution provides protections and reports about strange behavior and automatically blocks some of it. I love the way that statuses are represented."
"Stable endpoint manager, antivirus, and antimalware, with fast technical support and a straightforward setup."
 

Cons

"Our customers would like to see more automation with respect to how threats are handled once they have been detected."
"The tools are ineffective. It flags a lot of things. To give you an example, it detected Google Chrome and blocked the user's access to it. That it mistook for malicious, which turned out to be a false positive."
"The technical support could be improved although it's probably better than you get with a lot of the other traditional antivirus solutions"
"The reporting is very weak and not very good at all."
"The product's technical support is slow."
"One minor issue that somebody mentioned was that they didn't like their management console."
"CylanceOPTICS could benefit from more granular control in the timeline-building process. Ideally, users would be able to drill deeper into the analysis rather than have the machine dictate the direction."
"Too many false positives are reported."
"The time to generate certain alerts on our dashboard can take between 45 minutes to an hour, and I am unsure of the factors that influence this duration."
"Right now, there's a portal for Azure, portals for Microsoft Office, and portals for endpoints. It would be good to have only one portal and integrate everything."
"I miss having an executive dashboard or a simple view for viewing things. Everything is extensive in this solution. Everything is configurable and manageable, but the environment of Microsoft 365 has about 13 administrative dashboards, and in each of the dashboards, there are a gazillion things to set up. It is good for a large enterprise, but for a 200-seat client, you need to see 5% of that."
"Its user interface (UI) can be improved. Currently, in the console, you have to dig down for certain things. They've got many different layers to get to things instead of having it all on the surface. You have to go three folds lower to get to specific functionality or click a particular option. It would be good if we can manage the console through menus and instead of three clicks, we can do things in one click. They need to change the UI and work on it in terms of a better user experience."
"I would like the solution to be able to prevent unauthorized programs from installing and to block unauthorised URLs which is similar to web filtering product."
"I would like to see improvements made to how it secures activities on web pages."
"I wish they would extend the use of the Security Central portal, even for the free option of Defender. Because, as companies grow, it is labor intensive to manage the AV and detection part of it. For companies already subscribed to Office 365, I think this would be a good enhancement."
"Microsoft Defender for Endpoint should have more transparency. In the latest edition of Windows, Windows 11, it is a compulsory requirement to connect to a Microsoft account, which in turn has implications for Defender. This should be removed."
 

Pricing and Cost Advice

"CylanceOPTICS is probably priced equal to other EDRs in the market."
"The pricing for CylanceOPTICS is very good; I would rate it around a nine on a scale of one to ten, with ten being the lowest. It's one of the most affordable options I've seen."
"We pay for the number of endpoints we have and that is about it. On a monthly basis, the licensing cost is $55 per user."
"I would rate the pricing a three out of five."
"The solution is free."
"This solution is part of Windows and comes included with it."
"Microsoft Defender for Endpoint is included with a Microsoft E5 license."
"We went for Microsoft Defender once we were informed that it would be part of our Office 365 package. So, we combined the licensing for the OS with Office 365. Yeah. We thought it was a good bargain."
"We pay a yearly license for Microsoft Defender. We also have a support contract with them."
"When customers haven't deployed the solution and don't have licenses, it can be expensive to start from scratch."
"We have an enterprise agreement so from my perspective, this is a product that ships with Windows and it is not priced standalone."
"Microsoft Defender is an expensive product in my country."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
21%
Computer Software Company
17%
Government
9%
Insurance Company
7%
Educational Organization
27%
Computer Software Company
11%
Government
7%
Financial Services Firm
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Blackberry Optics?
I would rate the stability a nine out of ten. I would give it a close ten as possible because, like SentinelOne, I've seen incompatibility. Whereas Cylance, I've seen none.
What is your experience regarding pricing and costs for Blackberry Optics?
CylanceOPTICS is probably priced equal to other EDRs in the market. Price-wise, considering what it has to offer, you could probably get a better product.
What needs improvement with Blackberry Optics?
The solution's contextual analysis is sometimes not very clear compared to some modern EDRs like CrowdStrike. Compared to other EDR tools, CylanceOPTICS lacks some information. It takes more time t...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
Which offers better endpoint security - Symantec or Microsoft Defender?
We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior solution. Microsoft Defender for Endpoint is a cloud-delivered endpoint security s...
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...
 

Also Known As

No data available
Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus
 

Interactive Demo

Demo not available
 

Overview

 

Sample Customers

Cerdant, Washoe County School District
Petrofrac, Metro CSG, Christus Health
Find out what your peers are saying about CylanceOPTICS vs. Microsoft Defender for Endpoint and other solutions. Updated: March 2025.
845,040 professionals have used our research since 2012.