Try our new research platform with insights from 80,000+ expert users

Cisco Secure Endpoint vs Morphisec comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cisco Secure Endpoint
Ranking in Endpoint Protection Platform (EPP)
34th
Ranking in Endpoint Detection and Response (EDR)
26th
Average Rating
8.6
Reviews Sentiment
7.2
Number of Reviews
49
Ranking in other categories
Cisco Security Portfolio (8th)
Morphisec
Ranking in Endpoint Protection Platform (EPP)
52nd
Ranking in Endpoint Detection and Response (EDR)
60th
Average Rating
9.2
Reviews Sentiment
7.4
Number of Reviews
21
Ranking in other categories
Vulnerability Management (53rd), Advanced Threat Protection (ATP) (34th), Cloud Workload Protection Platforms (CWPP) (34th), Threat Deception Platforms (19th)
 

Mindshare comparison

As of January 2026, in the Endpoint Protection Platform (EPP) category, the mindshare of Cisco Secure Endpoint is 1.3%, down from 1.5% compared to the previous year. The mindshare of Morphisec is 0.6%, up from 0.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP) Market Share Distribution
ProductMarket Share (%)
Cisco Secure Endpoint1.3%
Morphisec0.6%
Other98.1%
Endpoint Protection Platform (EPP)
 

Featured Reviews

JavedHashmi - PeerSpot reviewer
Chief Technology Officer at Future Point Technologies
Reliable threat protection is achieved while integration and analysis capabilities need refinement
Cisco Secure Endpoint is very good in machine learning, which allows it to secure offline contents even if not connected to the internet. We haven't encountered a single breach after it's deployed. It controls USB devices and has a separate antivirus solution called Tetra, providing security even for real-time, day-zero attacks through its strong Talos threat intelligence platform.
Rick Schibler - PeerSpot reviewer
VP of Information Technology at Kentucky Trailer
Offers in-memory protection at a lower price than competitors
Morphisec's in-memory protection is probably the most valuable feature because it stops malicious activity from occurring. If something tries to install or act as a sleeper agent, Morphisec will detect and stop it. Morphisec's Moving Target Defense is critical to hardening our attack surface. If it detects something, it indicates whether it's valid. That means you've got a breach requiring investigation. It detects anomalies but doesn't necessarily point to what caused them. You still need to do that work. The solution is reasonably easy to administer. They made some changes last year, adding a cloud-based monitoring solution that makes deploying and monitoring our endpoints easy.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The integration with other Cisco products seemed to be really effective. We had Umbrella in place and we were using AnyConnect as well as Firepower. Once a threat was detected, being able to do the threat lookups and the live tracking was really useful."
"I'm only using the AMP (advanced malware protection) which is protecting my file system from all the malicious things that might happen. It should protect all kinds of things that might happen on the servers, things that I cannot see."
"Definitely, the best feature for Cisco Secure Endpoint is the integration with Talos. On the backend, Talos checks all the signatures, all the malware, and for any attacks going on around the world... Because Secure Endpoint has a connection to it, we get protected by it right then and there."
"The console feature gives a centralized management of what's going on, and if something happens, it gives you an alert. So, that's the most important feature for me."
"The VPN is most valuable. It's the best thing in the market today. We can use two-factor authentication with another platform, and we can authenticate with two-factor."
"The most valuable feature is signature-based malware detection."
"For the initial first level of support, we provide it from our side. If there's escalation required, we use Cisco tech for the AMP. And again, they are perfect. I mean, one of the best, compared to any other vendors."
"Integration is a key selling factor for Cisco security products. We have a Cisco Enterprise Agreement with access to Cisco Email Security, Cisco Firepower, Cisco Stealthwatch, Cisco Talos, Cisco Threat Grid, Cisco Umbrella, and also third-party solutions. This is key to our security and maximizing operations. Because we do have the Email Security appliance and it is integrated with Threat Response, we have everything tied together. Additionally, we are using the Cisco SecureX platform, as we were a beta test for that new solution. With SecureX, we are able to pull all those applications into one pane for visibility and maintenance. This greatly maximizes our security operations."
"The fact that Morphisec uses deterministic attack prevention that does not require human intervention has affected our security team's operations by making things much simpler. We don't have to really track down various alerts anymore, they've just stopped. At that point, we can go in and we can clean up whatever needs to be cleaned up. There are some things that Morphisec detects that we can't really remove, it's parts of Internet Explorer, but it's being blocked anyway. So we're happy with that."
"Morphisec provides full visibility into security events from Microsoft Defender and Morphisec in one dashboard. Defender and Morphisec are integrated. It's important because it lowers the total cost of maintenance on the engineer's time, more or less. So the administrative time is dramatically reduced in maintaining the product. This saves an engineer around four to five hours a week."
"The simplicity of the solution, how easy it is to deploy and how small it is when deployed as an agent on a device, is probably the biggest aspect, given what it can do."
"The biggest feature is that it hides everything from your operating system that's running in-memory from anything to try to run against it. That's the most unique thing that's on the market. There's nothing else out there that's quite like that. That's a big selling point and why we went with it. It does exactly what the design does. If you can't find it, you can't execute against it."
"All the alerts are on the dashboard, which is quite simple and useful for us. You can easily check all the alerts that are being blocked or allowed, or whatever the action is. You can easily see that and you can take the necessary actions. You can add a PowerShell extension or any activities for blocking at your network level or for endpoints."
"Morphisec stops attacks without needing to know what type of threat it is, just that it is foreign. It is based on injections, so it would know when a software launches. If a software launches and something else also launches, then it would count that as anomalous and block it. Because the software looks at the code, and if it executes something else that is not related, then Morphisec would block it. That is how it works."
"We have seen it successfully block attacks that a traditional antivirus did not pick up."
"Morphisec also provides full visibility into security events for Microsoft Defender and Morphisec in one dashboard... in the single pane of glass provided by Morphisec, it's all right there at your fingertips: easy to access and easy to understand. And if you choose to go down further to know everything from the process to the hash behind it, you can."
 

Cons

"It's pretty good as it is, but its cost could be improved."
"I would like to see integration with Cisco Analytics."
"Its price is okay for us, but it can always be better. There's always room for improvement when it comes to pricing."
"Integration and dashboard are areas with certain shortcomings in Cisco Secure Endpoint."
"Maybe there is room for improvement in some of the automated remediation. We have other tools in place that AMP feeds into that allow for that to happen, so I look at it as one seamless solution. But if you're buying AMP all by itself, I don't know if it can remove malicious software after the fact or if it requires the other tools that we use to do some of that."
"It does not include encryption and decryption of local file shares."
"The product does not provide options like tunnel creation or virtual appliances."
"In the next release, I would for it to have back up abilities. I would like the ability to go back to a point in time to when my PC was uninfected and to the moment of when the infection happened."
"It would be useful for them if they had some kind of network discovery. That kind of functionality I think would give IT administrators a little bit more confidence that they have 100 percent coverage, and it gives them something to audit against. Network discovery would be one area I would definitely suggest that they put some effort into."
"We sometimes have to depend on the support team to know what action we should take. If the solution for an alert can be built into the report that we are getting, it will save time, and the interaction with support would be less. At times, corrective action is required, but at times, we don't need to take any action. It would be good if we get to know in the report that a particular infection doesn't require any action. It will save us time and effort."
"From a company standpoint, a little more interaction with the customers throughout the year might be beneficial. I would like check-ins from the Morphisec account executives about any type of Morphisec news as well as a bit more interaction with customers throughout the year to know if anything new is coming out with Morphisec, e.g., what they are working on in regards to their development roadmap. We tend not to get that up until the time that we go for a yearly renewal. So, we end up talking to people from Morphisec once a year, but it is usually at renewal time."
"Some of the filters for the console need improvement. There are alerts that show up and just being able to acknowledge that we've seen those and not turn them off, but dismiss them, would be a huge benefit."
"In the Windows Defender integration, they have put in a report of computers that need Windows Defender updates. If those updates could be kicked off directly from the dashboard, instead of having to go to another system entirely, that would be good."
"I haven't been able to get the cloud deployment to work. When there's an update, I'm supposed to be able to roll it out for the cloud solution, but right now I'm continuing to use our SCCM solution to update it."
"We have only had four attacks in the last year, "attacks" being some benign PDF from a vendor that, for some reason, were triggered. There were no actual attacks. They were just four false positives, or something lowly like adware. There have been false positives with both the on-premises solution and the cloud solution."
"Right now, it's just their auto-update feature. I know they are currently working on that. When they release a new version of the threat prevention platform, I do have to update that, rolling out to every computer. They have said, "From version 5, you would be able to do an auto-update." While this is very minor, that is the only thing that I would say needs to be upgraded. It would just make life a lot easier for other IT teams. However, I have simplified the process, so all I need to do is just download one file."
 

Pricing and Cost Advice

"It is a subscription-based product."
"Cisco's pricing is reasonable. We also do not need to opt for niche players, which would have charged us significantly more than Cisco for ecosystem solutions. We are highly satisfied with the pricing structure of Cisco's solutions they are reasonable."
"We can know if something bad is potentially happening instantaneously and prevent it from happening. We can go to a device and isolate it before it infects other devices. In our environment, that's millions of dollars saved in a matter of seconds."
"Cisco Secure Endpoint is not too expensive and it's not cheap. It's quite fair."
"There is also the Cisco annual subscription plus my management time in terms of what I do with the Cisco product. I spend a minimal amount of time on it though, just rolling out updates as they need them and monitoring the console a couple of times a day to ensure nothing is out of control. Cost-wise, we are quite happy with it."
"The Enterprise Agreement is like an all-you-can-eat buffet of Cisco products. In that vein, it was very affordable."
"It is an expensive solution."
"The visibility that we have into the endpoint and the forensics that we're able to collect give us value for the price. This is not an overly expensive solution, considering all the things that are provided. You get great performance and value for the cost."
"It is a little bit more expensive than other security products that we use, but it does provide us good protection. So, it is a trade-off."
"Morphisec is reasonably priced because our parent company's other subsidiaries use different products like CrowdStrike. CrowdStrike is four or five times more expensive than Morphisec. The competitive pricing saves us money in our overall security stack."
"Licenses are per endpoint, and that's true for the cloud version as well. The only difference is that there is a little extra charge for the cloud version."
"Our licensing is tied into our contract. Because we have a long-term contract, our pricing is a little bit lower. It is per year, so we don't get charged per endpoint, but we do have a cap. Our cap is 80 endpoints. If we were to go over 80, when we renewed our contract, which is not until three years are over. Then, they would reevaluate, and say, "Well, you have more than 80 devices active right now. This is going to be the price change." They know that we are installing and replacing computers, so the numbers will be all over the place depending on whether you archive or don't archive, which is the reason why we just have to keep up on that stuff."
"It does not have multi-tenants. If South Africa wants to show only the machines that they have, they need their own cloud incidence. It is not possible to have that in a single cloud incidence with multiple tenants in it, instead you need to have multiple cloud incidences. Then, if you have that, it will be more expensive. However, they are going to change that, which is good."
"The pricing is definitely fair for what it does."
"Compared to their competitors, the price of Morphisec is not that high. You can easily deploy it on a large-scale or small-scale network."
"It is priced correctly for what it does. They end up doing a good deal of discounting, but I think it is priced appropriately."
report
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
881,114 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
13%
Manufacturing Company
10%
Government
9%
Healthcare Company
6%
Outsourcing Company
17%
Manufacturing Company
12%
Financial Services Firm
9%
Computer Software Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business21
Midsize Enterprise14
Large Enterprise21
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise8
Large Enterprise8
 

Questions from the Community

What do you like most about Cisco Secure Endpoint?
The product's initial setup phase was very simple.
What is your experience regarding pricing and costs for Cisco Secure Endpoint?
Cisco is aggressive in pricing, making it competitive and sometimes even cheaper than other good products like CrowdStrike, Microsoft Defender, or SentinelOne.
What needs improvement with Cisco Secure Endpoint?
Cisco Secure Endpoint lacks features like DLP which other vendors offer. XDR is new, so integration capabilities with third-party tools need improvement. The forensic capabilities need enhancement,...
Ask a question
Earn 20 points
 

Also Known As

Cisco AMP for Endpoints
Morphisec, Morphisec Moving Target Defense
 

Overview

 

Sample Customers

Heritage Bank, Mobile County Schools, NHL University, Thunder Bay Regional, Yokogawa Electric, Sam Houston State University, First Financial Bank
Lenovo/Motorola, TruGreen, Covenant Health, Citizens Medical Center
Find out what your peers are saying about Cisco Secure Endpoint vs. Morphisec and other solutions. Updated: January 2026.
881,114 professionals have used our research since 2012.