Try our new research platform with insights from 80,000+ expert users

Cisco Secure Endpoint vs Morphisec comparison

Cisco and Morphisec are both solutions in the Endpoint Protection Platform (EPP) category. Cisco is ranked #35 with an average rating of 8.8, while Morphisec is ranked #54. Cisco holds a 1.5% mindshare in EPP, compared to Morphisec’s 0.5% mindshare. Additionally, 96% of Cisco users are willing to recommend the solution, compared to 100% of Morphisec users who would recommend it.
Cisco Secure Endpoint
Read 49 Cisco Secure Endpoint reviews
  • 5,048 Views
  • 3,433 Comparison Views
96% willing to recommend
Morphisec
Read 21 Morphisec reviews
  • 1,975 Views
  • 1,067 Comparison Views
100% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 9, 2024

Cisco Secure Endpoint and Morphisec are leading endpoint security solutions. Cisco Secure Endpoint appears to have the upper hand due to its comprehensive support and pricing, while Morphisec is notable for its advanced features.

Features: Cisco Secure Endpoint offers robust security features such as advanced threat detection, remediation, and integration with other Cisco security products. Morphisec provides proactive prevention capabilities, a lightweight agent, and minimal impact on system performance.

Room for Improvement:Cisco Secure Endpoint could benefit from performance optimization, a more intuitive setup process, and enhanced user interface. Morphisec needs improvement in reporting capabilities, greater configuration flexibility, and better customer support documentation.

Ease of Deployment and Customer Service:Cisco Secure Endpoint is noted for straightforward deployment, though its configuration process is complex, with highly rated customer support. Morphisec offers easy deployment and minimal system disruption, but customer service receives mixed reviews compared to Cisco.

Pricing and ROI:Cisco Secure Endpoint is cost-effective with a good return on investment, though initial setup costs can be high. Morphisec is more expensive but users believe its superior features justify the cost and provide solid ROI.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Cisco Secure Endpoint vs. Morphisec Report (Updated: September 2025).
Buyer's Guide
Cisco Secure Endpoint vs. Morphisec
September 2025
Download the complete report
Helped 868,787 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cisco Secure Endpoint
Ranking in Endpoint Protection Platform (EPP)
35th
Ranking in Endpoint Detection and Response (EDR)
28th
Average Rating
8.6
Reviews Sentiment
7.2
Number of Reviews
49
Ranking in other categories
Cisco Security Portfolio (9th)
Morphisec
Ranking in Endpoint Protection Platform (EPP)
54th
Ranking in Endpoint Detection and Response (EDR)
61st
Average Rating
9.2
Reviews Sentiment
7.4
Number of Reviews
21
Ranking in other categories
Vulnerability Management (63rd), Advanced Threat Protection (ATP) (34th), Cloud Workload Protection Platforms (CWPP) (31st), Threat Deception Platforms (15th)
 

Mindshare comparison

As of October 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of Cisco Secure Endpoint is 1.5%, down from 1.6% compared to the previous year. The mindshare of Morphisec is 0.5%, up from 0.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP) Market Share Distribution
ProductMarket Share (%)
Cisco Secure Endpoint1.5%
Morphisec0.5%
Other98.0%
Endpoint Protection Platform (EPP)
 

Featured Reviews

AKSHAYK - PeerSpot reviewer
Identifies the malicious content in an organization's network
We must install an agent on every laptop. We do not know how to do it for the network. We shouldn’t have to install agents individually if it's a corporate network. The product does not provide options like tunnel creation or virtual appliances. If there are 2000 users and only one network administrator, installing the agent on every laptop will be time-consuming.
Read full review
Rick Schibler - PeerSpot reviewer
Offers in-memory protection at a lower price than competitors
Morphisec's in-memory protection is probably the most valuable feature because it stops malicious activity from occurring. If something tries to install or act as a sleeper agent, Morphisec will detect and stop it. Morphisec's Moving Target Defense is critical to hardening our attack surface. If it detects something, it indicates whether it's valid. That means you've got a breach requiring investigation. It detects anomalies but doesn't necessarily point to what caused them. You still need to do that work. The solution is reasonably easy to administer. They made some changes last year, adding a cloud-based monitoring solution that makes deploying and monitoring our endpoints easy.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature at this moment is that Cisco AMP or Cisco Secure Endpoint solution is delivering a lot of things, and I always say to a lot of customers that if we didn't have Cisco AMP, we probably would have had ransomware somewhere. So, it's protecting us very well from a lot of hackers, malware, and especially ransomware."
"The entirety of our network infrastructure is Cisco and the most valuable feature is the integration."
"The product itself is pretty reliable. The security features that it has make it reliable."
"appreciate the File Trajectory feature, as it's excellent for an analyst or mobile analyst. I can track everything that happens on our server from my PC or device. Integration with SecureX is a welcome feature because it connects Cisco's integrated security portfolio with our complete infrastructure. Sandboxing is helpful, and integration with the Cisco environment is excellent as we use many of their products, and that's very valuable for us."
"Among the most valuable features are the exclusions. And on the scalability side, we can integrate well with the SIEM orchestration engine and a number of applications that are proprietary or open source."
"It is a very stable program."
"The most valuable feature is signature-based malware detection."
"The integration with other Cisco products seemed to be really effective. We had Umbrella in place and we were using AnyConnect as well as Firepower. Once a threat was detected, being able to do the threat lookups and the live tracking was really useful."
More Cisco Secure Endpoint pros
"Morphisec provides full visibility into security events from Microsoft Defender and Morphisec in one dashboard. Defender and Morphisec are integrated. It's important because it lowers the total cost of maintenance on the engineer's time, more or less. So the administrative time is dramatically reduced in maintaining the product. This saves an engineer around four to five hours a week."
"Morphisec also provides full visibility into security events for Microsoft Defender and Morphisec in one dashboard... in the single pane of glass provided by Morphisec, it's all right there at your fingertips: easy to access and easy to understand. And if you choose to go down further to know everything from the process to the hash behind it, you can."
"Morphisec makes it very easy for IT teams of any size to prevent breaches of critical systems because of the design of their tool. When we evaluated Morphisec, the CIO and I sat and listened. What attracted us to them is the fact that it stops activity at the point of detection. That saves a lot of time because now we are not investigating and trying to trace down what to turn off. We have already prevented it, which makes it very much safer and more secure."
"Morphisec's in-memory protection is probably the most valuable feature because it stops malicious activity from occurring. If something tries to install or act as a sleeper agent, Morphisec will detect and stop it."
"The fact that Morphisec uses deterministic attack prevention that does not require human intervention has affected our security team's operations by making things much simpler. We don't have to really track down various alerts anymore, they've just stopped. At that point, we can go in and we can clean up whatever needs to be cleaned up. There are some things that Morphisec detects that we can't really remove, it's parts of Internet Explorer, but it's being blocked anyway. So we're happy with that."
"The biggest feature is that it hides everything from your operating system that's running in-memory from anything to try to run against it. That's the most unique thing that's on the market. There's nothing else out there that's quite like that. That's a big selling point and why we went with it. It does exactly what the design does. If you can't find it, you can't execute against it."
"Since using Morphisec we have seen a downturn in attacks because Morphisec protects us versus Defenders and whatnot that are signature-based. I know we have not had any issues with ransomware or other zero-day attacks that we've seen with machines that, all of a sudden, have become before we instituted the product. Now the machine had to be re-imaged and there was a loss of data because something was on the machine. You couldn't really determine what was on the machine because nothing was picking it up. The products we were using weren't picking it up."
"Morphisec stops attacks without needing to know what type of threat it is, just that it is foreign. It is based on injections, so it would know when a software launches. If a software launches and something else also launches, then it would count that as anomalous and block it. Because the software looks at the code, and if it executes something else that is not related, then Morphisec would block it. That is how it works."
More Morphisec pros
 

Cons

"The solution needs more in-depth analytics."
"I would like them to add whatever makes filtering more advanced in scanning and blocking for malware in emails."
"The Linux agent is a simple offline classic agent, and it doesn't support Secure Boot, which is important to have on a Linux machine. The Linux agent has conflicts with other solutions, including the Exploit Prevention system found in Windows servers. We didn't find a fix during troubleshooting, and Cisco couldn't offer one either. Eventually, we had to shut down the Exploit Prevention system. We didn't like that as we always want a solution that can fit smoothly into the setup without causing problems, especially where security is concerned. The tool also caused CPU spikes on our production machine, and we were seriously considering moving to another product."
"Cisco Meraki could benefit from AI assistance or intelligent assistance features. Compared to competitors like Juniper, Cisco Meraki currently lacks a digital network assistant, which is an area Cisco is reportedly working on."
"The room for improvement would be on event notifications. I have mine tuned fairly well. I do feel that if you subscribe to all the event notification types out-of-the-box, or don't really go through and take the time to filter out events, the notifications can become overwhelming with information. Sometimes, when you're overwhelmed with information, you just say, "I'm not going to look at anything because I'm receiving so much." I recommend the vendor come up with a white paper on the best practices for event notifications."
"An easier way to do deduplication of machines, or be alerted to the fact that there's more than one instance of a machine, would be useful... That way you could get a more accurate device count, so you're not having an inflated number."
"Cisco is good in terms of threat intelligence plus machine learning-based solutions, but we feel Cisco is lagging behind in using artificial intelligence in its systems."
"The product does not provide options like tunnel creation or virtual appliances."
More Cisco Secure Endpoint cons
"We have discovered some bugs in the new releases that they've had to fix, so I would like to see more testing and QA on their side before they release."
"Those are some of the features that I was looking for on my on-prem platform that they've already instituted in the cloud and that I'm sure will be instituting on their on-prem platform as well. Having to have an on-prem server required a lot of administration. Being able to push that to the cloud and have it managed up there for us is a real nice addition."
"It would be nice if they could integrate Morphisec with other traditional antivirus solutions beyond Microsoft Defender. That is probably my biggest gripe."
"Sometimes it generates false positive alerts. They need to continue working on that. They have provided solutions for it and have fixed issues with updated versions. The service is quite good but they need to work on it more so that there are no false positive alerts."
"It might be a bit much to ask, but we are now beginning to use Morphisec Scout, which provides vulnerability information. At this time, it's recognizing vulnerabilities and reporting them to us, but it's not necessarily resolving them. There's still a separate manual process to resolve those vulnerabilities, primarily through upgrades. We have to do that outside of Morphisec. If Morphisec could somehow have that capability built into it, that would be very effective."
"We started in the Linux platform and we deployed to Linux. The licensing of that has been kind of confusing between Linux licensing and Windows licensing. The overall simplicity of licensing or offering an enterprise license to just cover everything and then we don't have to count needs improvement."
"We wanted to have multi-tenants in their cloud platform, so every entity can look into their own systems and not see other systems in other entities. I have a beta version on that now. I would like them to incorporate that in the cloud solution."
"Morphisec is a venture startup. They are still early in their growth stage. They need to get mature on their customer support and on how they interface with system tools. For example, they need to get multifactor in place and an API for the major multi-factor systems, e.g., Okta, Duo, Ping, and Microsoft. They don't have them built in yet. They are working on them. It is just not there yet. Also, their stability, customer support, and processes need improvement, which is just part of maturity."
More Morphisec cons
 

Pricing and Cost Advice

"My company does make annual payments towards the licensing costs of the solution. Cisco Secure Endpoint is a little bit expensive."
"There is also the Cisco annual subscription plus my management time in terms of what I do with the Cisco product. I spend a minimal amount of time on it though, just rolling out updates as they need them and monitoring the console a couple of times a day to ensure nothing is out of control. Cost-wise, we are quite happy with it."
"Whenever you are doing the licensing process, I would highly advise to look at what other Cisco solutions you have in your organization, then evaluate if an Enterprise Agreement is the best way to go. In our case, it was the best way to go. Since we had so many other Cisco products, we were able to tie those in. We were actually able to get several Cisco security solutions for less than if we had bought three or four Cisco security solutions independently or ad hoc."
"The solution's price is about the same as that of Palo Alto solutions."
"It can always be cheaper."
"In our case, it is a straightforward annual payment through our Enterprise Agreement."
"It is a subscription-based product."
"The price is very good."
More Cisco Secure Endpoint pricing and cost advice
"Compared to their competitors, the price of Morphisec is not that high. You can easily deploy it on a large-scale or small-scale network."
"Morphisec is reasonably priced because our parent company's other subsidiaries use different products like CrowdStrike. CrowdStrike is four or five times more expensive than Morphisec. The competitive pricing saves us money in our overall security stack."
"Our licensing is tied into our contract. Because we have a long-term contract, our pricing is a little bit lower. It is per year, so we don't get charged per endpoint, but we do have a cap. Our cap is 80 endpoints. If we were to go over 80, when we renewed our contract, which is not until three years are over. Then, they would reevaluate, and say, "Well, you have more than 80 devices active right now. This is going to be the price change." They know that we are installing and replacing computers, so the numbers will be all over the place depending on whether you archive or don't archive, which is the reason why we just have to keep up on that stuff."
"It does not have multi-tenants. If South Africa wants to show only the machines that they have, they need their own cloud incidence. It is not possible to have that in a single cloud incidence with multiple tenants in it, instead you need to have multiple cloud incidences. Then, if you have that, it will be more expensive. However, they are going to change that, which is good."
"We are still using a separate tool. I know for our 600 or I think we're actually licensed for up to 700 users, it runs me 23 or $24,000 a year. When you're talking to that many users plus servers being protected, that's well worth the investment for that dollar amount."
"It is an annual subscription basis per device. For the devices that we have in scope right now, it is about $25,000 a year."
"Price-wise, it's on the higher side. A traditional antivirus solution is cheaper, but in terms of security and manageability, its ROI is better than a traditional antivirus. I would recommend it to anybody evaluating or considering an antivirus solution. If your system gets compromised, the cost of ransom would be a lot more. This way, it saves a lot of cost."
"The pricing is definitely fair for what it does."
More Morphisec pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
See recommendations
868,787 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
21%
Manufacturing Company
9%
Government
7%
Healthcare Company
6%
Outsourcing Company
16%
Manufacturing Company
12%
Computer Software Company
9%
Financial Services Firm
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business21
Midsize Enterprise14
Large Enterprise21
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise8
Large Enterprise8
 

Questions from the Community

What do you like most about Cisco Secure Endpoint?
The product's initial setup phase was very simple.
See all answers
What is your experience regarding pricing and costs for Cisco Secure Endpoint?
Cisco is aggressive in pricing, making it competitive and sometimes even cheaper than other good products like CrowdStrike, Microsoft Defender, or SentinelOne.
See all answers
What needs improvement with Cisco Secure Endpoint?
Cisco Secure Endpoint lacks features like DLP which other vendors offer. XDR is new, so integration capabilities with third-party tools need improvement. The forensic capabilities need enhancement,...
See all answers
Ask a question
Earn 20 points
 

Comparisons

Microsoft Defender for Endpoint vs Cisco Secure Endpoint Logo
Microsoft Defender for Endpoint vs Cisco Secure Endpoint
Compared 14% of the time
CrowdStrike Falcon vs Cisco Secure Endpoint Logo
CrowdStrike Falcon vs Cisco Secure Endpoint
Compared 10% of the time
SentinelOne Singularity Complete vs Cisco Secure Endpoint Logo
SentinelOne Singularity Complete vs Cisco Secure Endpoint
Compared 7% of the time
Cortex XDR by Palo Alto Networks vs Cisco Secure Endpoint Logo
Cortex XDR by Palo Alto Networks vs Cisco Secure Endpoint
Compared 5% of the time
Symantec Endpoint Security vs Cisco Secure Endpoint Logo
Symantec Endpoint Security vs Cisco Secure Endpoint
Compared 4% of the time
More Cisco Secure Endpoint Competitors
CrowdStrike Falcon vs Morphisec Logo
CrowdStrike Falcon vs Morphisec
Compared 22% of the time
Halcyon vs Morphisec Logo
Halcyon vs Morphisec
Compared 19% of the time
SentinelOne Singularity Complete vs Morphisec Logo
SentinelOne Singularity Complete vs Morphisec
Compared 12% of the time
Hyver vs Morphisec Logo
Hyver vs Morphisec
Compared 12% of the time
Lacework FortiCNAPP vs Morphisec Logo
Lacework FortiCNAPP vs Morphisec
Compared 4% of the time
More Morphisec Competitors
 

Product Reports

Buyer's Guide
Cisco Secure Endpoint
September 2025
Cisco Secure Endpoint reportDownload Cisco Secure Endpoint product report
Buyer's Guide
Morphisec
September 2025
Morphisec reportDownload Morphisec product report
 

Also Known As

Cisco AMP for Endpoints
Morphisec, Morphisec Moving Target Defense
 

Overview

Cisco Secure Endpoint is a comprehensive endpoint security solution that natively includes open and extensible extended detection and response (XDR) and advanced endpoint detection and response (EDR) capabilities. Secure Endpoint offers relentless breach protection that enables you to be confident, be bold, and be fearless with one of the industry’s most trusted endpoint security solutions. It protects your hybrid workforce, helps you stay resilient, and secures what’s next with simple, comprehensive endpoint security powered by unique insights from 300,000 security customers and deep visibility from the networking leader.

Cisco Secure Endpoint was formerly known as Cisco AMP for Endpoints.

Reviews from Real Users

Cisco Secure Endpoint stands out among its competitors for a number of reasons. Two major ones are its ability to enable developers to easily secure their endpoints with one single operation using its management console and its advanced alerting techniques.

Tim C., an IT manager at Van Der Meer Consulting, writes, "The solution makes it possible to see a threat once and block it everywhere across all endpoints and the entire security platform. It has the ability to block right down to the file and application level across all devices based on policies, such as, blacklisting and whitelisting of software and applications. This is good. Its strength is the ability to identify threats very quickly, then lock them and the network down and block the threats across the organization and all devices, which is what you want. You don't want to be spending time working out how to block something. You want to block something very quickly, letting that flow through to all the devices and avoiding the same scenario on different operating systems."

Wouter H., a technical team lead network & security at Missing Piece BV, notes, "Any alert that we get is an actionable alert. Immediately, there is information that we can just click through, see the point in time, what happened, what caused it, and what automatic actions were taken. We can then choose to take any manual actions, if we want, or start our investigation. We're no longer looking at digging into information or wading through hundreds of incidents. There's a list which says where the status is assigned, e.g., under investigation or investigation finished. That is all in the console. It has taken away a lot of the administration, which we would normally be doing, and integrated it into the console for us."

Cisco

Morphisec integrates seamlessly with platforms like Microsoft Defender, offering signatureless protection against zero-day threats and ransomware. It enhances existing endpoint solutions with minimal maintenance through its set-and-forget deployment, providing heightened security and reduced false positives.

Morphisec strengthens defense strategies by merging memory morphing and signatureless protection to effectively block zero-day attacks and ransomware. It operates efficiently within existing infrastructure, reducing system impact and maintenance needs. Users find its full visibility dashboard invaluable. Despite its strengths, cloud deployment and reporting features can be improved. Stability, alerts, and integration with other systems pose challenges for users, impacting usability and support quality.

What are Morphisec's key features?

  • Seamless Integration: Works with Microsoft Defender for comprehensive dashboard visibility
  • Memory Morphing: Hides processes to reduce attack surfaces
  • Signatureless Protection: Prevents threats without impacting performance
  • Automatic Threat Blocking: Uses inbuilt intelligence to detect risks
  • Set-and-Forget Deployment: Simplifies management and reduces maintenance

What benefits should users consider in reviews?

  • Quick Deployment: Fast setup without disrupting operations
  • Enhanced Protection: Provides an additional defense layer against advanced threats
  • Cost-Effectiveness: Works with existing licenses, minimizing extra investments
  • Improved Compatibility: Integrates smoothly with current antivirus systems
  • Minimal System Impact: Operates efficiently without overloading resources

In security-focused industries, Morphisec is crucial for protecting workstations and servers against sophisticated attacks like ransomware. Its signatureless technology offers early threat detection, while compatibility with existing systems ensures seamless integration, providing advanced protection without additional licensing costs.

Morphisec
 

Sample Customers

Heritage Bank, Mobile County Schools, NHL University, Thunder Bay Regional, Yokogawa Electric, Sam Houston State University, First Financial Bank
Lenovo/Motorola, TruGreen, Covenant Health, Citizens Medical Center
Buyer's Guide
Cisco Secure Endpoint vs. Morphisec
September 2025
Free Report: Cisco Secure Endpoint vs. Morphisec
Find out what your peers are saying about Cisco Secure Endpoint vs. Morphisec and other solutions. Updated: September 2025.
DOWNLOAD NOW
868,787 professionals have used our research since 2012.
See our Cisco Secure Endpoint vs. Morphisec report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Endpoint Detection and Response (EDR) vendors.

We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.