Likelihood to Recommend This is perfect for organisations with small or limited security teams who want to get more from their Cisco and third-party investments. With Secure Endpoint makes detecting and responding to threats much easier. Any organisation looking to overhaul its security infrastructure or even wrap around its cloud-first strategy with solutions such as Intune should seriously look at Cisco’s suite of products. I’ve implemented Secure Endpoint, Umbrella, and Duo for customers primarily using Intune for device management, and the cool new insight features in Cisco SecureX really help with visibility over their estate.
Read full review XSOAR is well suited for phishing detection and response. Phishing alerts are as much of a problem today as they were decades ago. This is because: ●Attackers Can leverage automation to launch high-quantity phishing attacks with the click of a button. ●Spear Phishing attacks are sophisticated and sometimes indistinguishable from real emails, resulting in compromise through human error. ●Security Teams aren’t able to follow set processes while responding to phishing alerts. They must coordinate across email inboxes, threat intel, NGFW, ticketing, and other tools. Each tool has different consoles, data conventions, and contexts, making it difficult for security teams to fill in the gaps while minimizing errors. XSOAR is less suited for analyzing traffic.
Read full review Pros So the product enables end users to get visibility into their security environment, not only across the Cisco products but across the third-party products as well. The product also automates detection and response. So the product really offers end-user efficiency in the security operations center. Read full review Automation with immediate security responses. Comprehensive phishing protection and increased email protection. Analysis and reporting feature. Intuitive and easy-to-view panels. Alerts by email and sms of incidents for the administration. Centralized monitoring. Read full review Cons Of course, many companies prefer to obtain security from the cloud; however, not all of them prefer it, which is why having a local implementation would allow these companies to also use said software as their ally for their security. Working with this software can be simple, that is, any threat can be visualized with greater precision, but when it comes to managing its orchestration, it is a bit complex. Its integration with other software can be simple but with others it is not, that is why it would be ideal if all of them could be carried out in the same way. Integrating with a larger number of third party software would be of great help, to further enhance the analysis and detection of threats. Read full review The XSOAR bot creates a lot of noise on the summary page of any XSOAR incident. Although the filter is available to reduce the view, by default this should not be visible cluttering the whole scenario. The interface has too much data on a single pane. I would love to have many buttons to just click and do stuff. Also, I would love to have search areas more interactive and easier to navigate. Read full review Likelihood to Renew It has proven to be far to valuable and effective to consider getting rid of it. Until something better comes along, this is staying in our product stack.
Read full review Implementation Rating It was much easier than we all anticipated.
Read full review Alternatives Considered A lot of the look and feel of both products is quite similar. There's several best practices on visualization that are followed in both and integration of common telemetry is comfortable and quick. But while Microsoft ATP offers deep insights into mostly the Microsoft environment and a limited view into other common sources, SecureX shines in all the non-client areas Microsoft's product seems lackluster in.
Read full review The quantity of integrations with security solutions is highest in Palo Alto Solution. The capacity to identify anomalous events is much better in Palo Alto Networks Cortex XSOAR. The flexibility of increased storage area is better as well. The dashboard is very intuitive about showing the most important incidents and how to resolve them.
Read full review Return on Investment It helps us easily Id the full extent of a threat It saves time searching for data. It only gives basic info I wish there was greater integration between all security offerings It allows other techs to pick up where you left off. Read full review Demisto has Eased malware analysis and threat hunting With Demisto, it is simple to create playbooks and scripts This is helped automate policy configurations on our PA firewalls through Panorama Read full review ScreenShots