Cisco Secure Endpoint vs Morphisec comparison

Read 21 Morphisec reviews

2,420 Views
1,137 Comparison Views

100% willing to recommend

Cisco Secure Endpoint

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 9, 2024

Cisco Secure Endpoint and Morphisec are leading endpoint security solutions. Cisco Secure Endpoint appears to have the upper hand due to its comprehensive support and pricing, while Morphisec is notable for its advanced features.

Features: Cisco Secure Endpoint offers robust security features such as advanced threat detection, remediation, and integration with other Cisco security products. Morphisec provides proactive prevention capabilities, a lightweight agent, and minimal impact on system performance.

Room for Improvement:Cisco Secure Endpoint could benefit from performance optimization, a more intuitive setup process, and enhanced user interface. Morphisec needs improvement in reporting capabilities, greater configuration flexibility, and better customer support documentation.

Ease of Deployment and Customer Service:Cisco Secure Endpoint is noted for straightforward deployment, though its configuration process is complex, with highly rated customer support. Morphisec offers easy deployment and minimal system disruption, but customer service receives mixed reviews compared to Cisco.

Pricing and ROI:Cisco Secure Endpoint is cost-effective with a good return on investment, though initial setup costs can be high. Morphisec is more expensive but users believe its superior features justify the cost and provide solid ROI.

To learn more, read our detailed Cisco Secure Endpoint vs. Morphisec Report (Updated: January 2026).

Cisco Secure Endpoint vs. Morphisec

Download the complete report

Helped 881,114 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cisco Secure Endpoint

Ranking in Endpoint Protection Platform (EPP)

34th

Ranking in Endpoint Detection and Response (EDR)

26th

Average Rating

8.6

Reviews Sentiment

7.2

Number of Reviews

Ranking in other categories

Cisco Security Portfolio (8th)

Morphisec

Ranking in Endpoint Protection Platform (EPP)

52nd

Ranking in Endpoint Detection and Response (EDR)

60th

Average Rating

9.2

Reviews Sentiment

7.4

Number of Reviews

Ranking in other categories

Vulnerability Management (53rd), Advanced Threat Protection (ATP) (34th), Cloud Workload Protection Platforms (CWPP) (34th), Threat Deception Platforms (19th)

Mindshare comparison

As of January 2026, in the Endpoint Protection Platform (EPP) category, the mindshare of Cisco Secure Endpoint is 1.3%, down from 1.5% compared to the previous year. The mindshare of Morphisec is 0.6%, up from 0.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Endpoint Protection Platform (EPP) Market Share Distribution
Product	Market Share (%)
Cisco Secure Endpoint	1.3%
Morphisec	0.6%
Other	98.1%

Endpoint Protection Platform (EPP)

Featured Reviews

JavedHashmi

Chief Technology Officer at Future Point Technologies

Reliable threat protection is achieved while integration and analysis capabilities need refinement

Cisco Secure Endpoint is very good in machine learning, which allows it to secure offline contents even if not connected to the internet. We haven't encountered a single breach after it's deployed. It controls USB devices and has a separate antivirus solution called Tetra, providing security even for real-time, day-zero attacks through its strong Talos threat intelligence platform.

Read full review

Rick Schibler

VP of Information Technology at Kentucky Trailer

Offers in-memory protection at a lower price than competitors

Morphisec's in-memory protection is probably the most valuable feature because it stops malicious activity from occurring. If something tries to install or act as a sleeper agent, Morphisec will detect and stop it. Morphisec's Moving Target Defense is critical to hardening our attack surface. If it detects something, it indicates whether it's valid. That means you've got a breach requiring investigation. It detects anomalies but doesn't necessarily point to what caused them. You still need to do that work. The solution is reasonably easy to administer. They made some changes last year, adding a cloud-based monitoring solution that makes deploying and monitoring our endpoints easy.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The integration with other Cisco products seemed to be really effective. We had Umbrella in place and we were using AnyConnect as well as Firepower. Once a threat was detected, being able to do the threat lookups and the live tracking was really useful."

"I'm only using the AMP (advanced malware protection) which is protecting my file system from all the malicious things that might happen. It should protect all kinds of things that might happen on the servers, things that I cannot see."

"Definitely, the best feature for Cisco Secure Endpoint is the integration with Talos. On the backend, Talos checks all the signatures, all the malware, and for any attacks going on around the world... Because Secure Endpoint has a connection to it, we get protected by it right then and there."

"The console feature gives a centralized management of what's going on, and if something happens, it gives you an alert. So, that's the most important feature for me."

"The VPN is most valuable. It's the best thing in the market today. We can use two-factor authentication with another platform, and we can authenticate with two-factor."

"The most valuable feature is signature-based malware detection."

"For the initial first level of support, we provide it from our side. If there's escalation required, we use Cisco tech for the AMP. And again, they are perfect. I mean, one of the best, compared to any other vendors."

"Integration is a key selling factor for Cisco security products. We have a Cisco Enterprise Agreement with access to Cisco Email Security, Cisco Firepower, Cisco Stealthwatch, Cisco Talos, Cisco Threat Grid, Cisco Umbrella, and also third-party solutions. This is key to our security and maximizing operations. Because we do have the Email Security appliance and it is integrated with Threat Response, we have everything tied together. Additionally, we are using the Cisco SecureX platform, as we were a beta test for that new solution. With SecureX, we are able to pull all those applications into one pane for visibility and maintenance. This greatly maximizes our security operations."

More Cisco Secure Endpoint pros

"The fact that Morphisec uses deterministic attack prevention that does not require human intervention has affected our security team's operations by making things much simpler. We don't have to really track down various alerts anymore, they've just stopped. At that point, we can go in and we can clean up whatever needs to be cleaned up. There are some things that Morphisec detects that we can't really remove, it's parts of Internet Explorer, but it's being blocked anyway. So we're happy with that."

"Morphisec provides full visibility into security events from Microsoft Defender and Morphisec in one dashboard. Defender and Morphisec are integrated. It's important because it lowers the total cost of maintenance on the engineer's time, more or less. So the administrative time is dramatically reduced in maintaining the product. This saves an engineer around four to five hours a week."

"The simplicity of the solution, how easy it is to deploy and how small it is when deployed as an agent on a device, is probably the biggest aspect, given what it can do."

"The biggest feature is that it hides everything from your operating system that's running in-memory from anything to try to run against it. That's the most unique thing that's on the market. There's nothing else out there that's quite like that. That's a big selling point and why we went with it. It does exactly what the design does. If you can't find it, you can't execute against it."

"All the alerts are on the dashboard, which is quite simple and useful for us. You can easily check all the alerts that are being blocked or allowed, or whatever the action is. You can easily see that and you can take the necessary actions. You can add a PowerShell extension or any activities for blocking at your network level or for endpoints."

"Morphisec stops attacks without needing to know what type of threat it is, just that it is foreign. It is based on injections, so it would know when a software launches. If a software launches and something else also launches, then it would count that as anomalous and block it. Because the software looks at the code, and if it executes something else that is not related, then Morphisec would block it. That is how it works."

"We have seen it successfully block attacks that a traditional antivirus did not pick up."

"Morphisec also provides full visibility into security events for Microsoft Defender and Morphisec in one dashboard... in the single pane of glass provided by Morphisec, it's all right there at your fingertips: easy to access and easy to understand. And if you choose to go down further to know everything from the process to the hash behind it, you can."

More Morphisec pros

Cons

"It's pretty good as it is, but its cost could be improved."

"I would like to see integration with Cisco Analytics."

"Its price is okay for us, but it can always be better. There's always room for improvement when it comes to pricing."

"Integration and dashboard are areas with certain shortcomings in Cisco Secure Endpoint."

"Maybe there is room for improvement in some of the automated remediation. We have other tools in place that AMP feeds into that allow for that to happen, so I look at it as one seamless solution. But if you're buying AMP all by itself, I don't know if it can remove malicious software after the fact or if it requires the other tools that we use to do some of that."

"It does not include encryption and decryption of local file shares."

"The product does not provide options like tunnel creation or virtual appliances."

"In the next release, I would for it to have back up abilities. I would like the ability to go back to a point in time to when my PC was uninfected and to the moment of when the infection happened."

More Cisco Secure Endpoint cons

"It would be useful for them if they had some kind of network discovery. That kind of functionality I think would give IT administrators a little bit more confidence that they have 100 percent coverage, and it gives them something to audit against. Network discovery would be one area I would definitely suggest that they put some effort into."

"We sometimes have to depend on the support team to know what action we should take. If the solution for an alert can be built into the report that we are getting, it will save time, and the interaction with support would be less. At times, corrective action is required, but at times, we don't need to take any action. It would be good if we get to know in the report that a particular infection doesn't require any action. It will save us time and effort."

"From a company standpoint, a little more interaction with the customers throughout the year might be beneficial. I would like check-ins from the Morphisec account executives about any type of Morphisec news as well as a bit more interaction with customers throughout the year to know if anything new is coming out with Morphisec, e.g., what they are working on in regards to their development roadmap. We tend not to get that up until the time that we go for a yearly renewal. So, we end up talking to people from Morphisec once a year, but it is usually at renewal time."

"Some of the filters for the console need improvement. There are alerts that show up and just being able to acknowledge that we've seen those and not turn them off, but dismiss them, would be a huge benefit."

"In the Windows Defender integration, they have put in a report of computers that need Windows Defender updates. If those updates could be kicked off directly from the dashboard, instead of having to go to another system entirely, that would be good."

"I haven't been able to get the cloud deployment to work. When there's an update, I'm supposed to be able to roll it out for the cloud solution, but right now I'm continuing to use our SCCM solution to update it."

"We have only had four attacks in the last year, "attacks" being some benign PDF from a vendor that, for some reason, were triggered. There were no actual attacks. They were just four false positives, or something lowly like adware. There have been false positives with both the on-premises solution and the cloud solution."

"Right now, it's just their auto-update feature. I know they are currently working on that. When they release a new version of the threat prevention platform, I do have to update that, rolling out to every computer. They have said, "From version 5, you would be able to do an auto-update." While this is very minor, that is the only thing that I would say needs to be upgraded. It would just make life a lot easier for other IT teams. However, I have simplified the process, so all I need to do is just download one file."

More Morphisec cons

Pricing and Cost Advice

"It is a subscription-based product."

"Cisco's pricing is reasonable. We also do not need to opt for niche players, which would have charged us significantly more than Cisco for ecosystem solutions. We are highly satisfied with the pricing structure of Cisco's solutions they are reasonable."

"We can know if something bad is potentially happening instantaneously and prevent it from happening. We can go to a device and isolate it before it infects other devices. In our environment, that's millions of dollars saved in a matter of seconds."

"Cisco Secure Endpoint is not too expensive and it's not cheap. It's quite fair."

"There is also the Cisco annual subscription plus my management time in terms of what I do with the Cisco product. I spend a minimal amount of time on it though, just rolling out updates as they need them and monitoring the console a couple of times a day to ensure nothing is out of control. Cost-wise, we are quite happy with it."

"The Enterprise Agreement is like an all-you-can-eat buffet of Cisco products. In that vein, it was very affordable."

"It is an expensive solution."

"The visibility that we have into the endpoint and the forensics that we're able to collect give us value for the price. This is not an overly expensive solution, considering all the things that are provided. You get great performance and value for the cost."

More Cisco Secure Endpoint pricing and cost advice

"It is a little bit more expensive than other security products that we use, but it does provide us good protection. So, it is a trade-off."

"Morphisec is reasonably priced because our parent company's other subsidiaries use different products like CrowdStrike. CrowdStrike is four or five times more expensive than Morphisec. The competitive pricing saves us money in our overall security stack."

"Licenses are per endpoint, and that's true for the cloud version as well. The only difference is that there is a little extra charge for the cloud version."

"Our licensing is tied into our contract. Because we have a long-term contract, our pricing is a little bit lower. It is per year, so we don't get charged per endpoint, but we do have a cap. Our cap is 80 endpoints. If we were to go over 80, when we renewed our contract, which is not until three years are over. Then, they would reevaluate, and say, "Well, you have more than 80 devices active right now. This is going to be the price change." They know that we are installing and replacing computers, so the numbers will be all over the place depending on whether you archive or don't archive, which is the reason why we just have to keep up on that stuff."

"It does not have multi-tenants. If South Africa wants to show only the machines that they have, they need their own cloud incidence. It is not possible to have that in a single cloud incidence with multiple tenants in it, instead you need to have multiple cloud incidences. Then, if you have that, it will be more expensive. However, they are going to change that, which is good."

"The pricing is definitely fair for what it does."

"Compared to their competitors, the price of Morphisec is not that high. You can easily deploy it on a large-scale or small-scale network."

"It is priced correctly for what it does. They end up doing a good deal of discounting, but I think it is priced appropriately."

More Morphisec pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.

See recommendations

881,114 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

13%

Manufacturing Company

10%

Government

Healthcare Company

Outsourcing Company

17%

Manufacturing Company

12%

Financial Services Firm

Computer Software Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	21
Midsize Enterprise	14
Large Enterprise	21

By reviewers
Company Size	Count
Small Business	5
Midsize Enterprise	8
Large Enterprise	8

Questions from the Community

What do you like most about Cisco Secure Endpoint?

The product's initial setup phase was very simple.

See all answers

What is your experience regarding pricing and costs for Cisco Secure Endpoint?

Cisco is aggressive in pricing, making it competitive and sometimes even cheaper than other good products like CrowdStrike, Microsoft Defender, or SentinelOne.

See all answers

What needs improvement with Cisco Secure Endpoint?

Cisco Secure Endpoint lacks features like DLP which other vendors offer. XDR is new, so integration capabilities with third-party tools need improvement. The forensic capabilities need enhancement,...

See all answers

Ask a question

Earn 20 points

Comparisons

Microsoft Defender for Endpoint vs Cisco Secure Endpoint

Compared 10% of the time

CrowdStrike Falcon vs Cisco Secure Endpoint

Compared 6% of the time

SentinelOne Singularity Complete vs Cisco Secure Endpoint

Compared 5% of the time

BlackBerry Cylance Cybersecurity vs Cisco Secure Endpoint

Compared 4% of the time

Symantec Endpoint Security vs Cisco Secure Endpoint

Compared 3% of the time

More Cisco Secure Endpoint Competitors

Halcyon vs Morphisec

Compared 15% of the time

CrowdStrike Falcon vs Morphisec

Compared 11% of the time

Deep Instinct Prevention Platform vs Morphisec

Compared 9% of the time

FortiCNAPP vs Morphisec

Compared 7% of the time

Kaspersky Anti-Targeted Attack Platform vs Morphisec

Compared 4% of the time

More Morphisec Competitors

Product Reports

Cisco Secure Endpoint

Download Cisco Secure Endpoint product report

Download Morphisec product report

Also Known As

Cisco AMP for Endpoints

Morphisec, Morphisec Moving Target Defense

Overview

Cisco Secure Endpoint is a comprehensive endpoint security solution that natively includes open and extensible extended detection and response (XDR) and advanced endpoint detection and response (EDR) capabilities. Secure Endpoint offers relentless breach protection that enables you to be confident, be bold, and be fearless with one of the industry’s most trusted endpoint security solutions. It protects your hybrid workforce, helps you stay resilient, and secures what’s next with simple, comprehensive endpoint security powered by unique insights from 300,000 security customers and deep visibility from the networking leader.

Cisco Secure Endpoint was formerly known as Cisco AMP for Endpoints.

Reviews from Real Users

Cisco Secure Endpoint stands out among its competitors for a number of reasons. Two major ones are its ability to enable developers to easily secure their endpoints with one single operation using its management console and its advanced alerting techniques.

Tim C., an IT manager at Van Der Meer Consulting, writes, "The solution makes it possible to see a threat once and block it everywhere across all endpoints and the entire security platform. It has the ability to block right down to the file and application level across all devices based on policies, such as, blacklisting and whitelisting of software and applications. This is good. Its strength is the ability to identify threats very quickly, then lock them and the network down and block the threats across the organization and all devices, which is what you want. You don't want to be spending time working out how to block something. You want to block something very quickly, letting that flow through to all the devices and avoiding the same scenario on different operating systems."

Wouter H., a technical team lead network & security at Missing Piece BV, notes, "Any alert that we get is an actionable alert. Immediately, there is information that we can just click through, see the point in time, what happened, what caused it, and what automatic actions were taken. We can then choose to take any manual actions, if we want, or start our investigation. We're no longer looking at digging into information or wading through hundreds of incidents. There's a list which says where the status is assigned, e.g., under investigation or investigation finished. That is all in the console. It has taken away a lot of the administration, which we would normally be doing, and integrated it into the console for us."

Cisco

Morphisec delivers signatureless endpoint-specific protection, effectively blocking zero-day threats and ransomware without affecting performance, making it a preferred choice for enhancing security strategies.

Morphisec empowers users by providing comprehensive protection against advanced threats with its innovative signatureless and in-memory security features. Its seamless integration with Microsoft Defender ensures complete visibility and automatic threat blocking through a unified dashboard. The Moving Target Defense technology enhances deployment efficiency while its lightweight design maintains system performance. Despite some challenges in cloud deployment and feature updates, users find value in its ease of use and minimal administrative effort.

What are the key features of Morphisec?

Signatureless Protection: Blocks threats without relying on signatures, ensuring up-to-date defense.
In-Memory Protection: Prevents attacks targeting system memory to safeguard endpoints.
Zero-Day Threat Blocking: Offers proactive defense against undiscovered threats.
Unified Dashboard: Provides comprehensive security event visibility and integration with Microsoft Defender.
Lightweight Design: Ensures smooth operation without system performance issues.

What benefits can users expect when evaluating Morphisec?

Enhanced Security: Strengthens defense layers against ransomware and memory attacks.
Seamless Integration: Works alongside existing antivirus solutions like Microsoft Defender.
Minimal Administration: Requires low maintenance due to its set-and-forget nature.
Automatic Updates: Keeps protection current without manual intervention.
Broad Coverage: Suitable for desktops, servers, and cloud platforms.

In industries with high security needs, deploying Morphisec adds a robust defense against advanced threats. Its compatibility with antivirus solutions and cloud platforms makes it adaptable to diverse environments, ensuring effective threat mitigation and detection.

Sample Customers

Heritage Bank, Mobile County Schools, NHL University, Thunder Bay Regional, Yokogawa Electric, Sam Houston State University, First Financial Bank

Lenovo/Motorola, TruGreen, Covenant Health, Citizens Medical Center

Cisco Secure Endpoint vs. Morphisec