Great XDR with Some Hidden Gems!
April 23, 2022

Darren Kewley | TrustRadius Reviewer
Score 10 out of 10
Vetted Review

Overall Satisfaction with Cisco SecureX

We use Cisco SecureX as a key system both internally and for our MSSP customers. The entire platform, especially with its Threat Response and Orbital modules, helps us get a grip on threats faster and has really helped us reduce response times. Getting everything up and running needs a bit of planning, and you need to familiarise yourself with the different modules, but once you do, you really get the most out of the platform. For example, we can detect a threat in one customer environment and then query our other environments for the same threat.

The real hidden gem in the platform, however, is the orchestration element. We use it not only to alert our engineers to threats but also to inform our customers, via integrations with collaboration tools such as Webex, that we are responding to them. Our integrations with Secure Endpoint, Duo, Umbrella, etc., also make our response actions more streamlined. One example is blocking a user in Duo if we detect a threat on their endpoint as part of our Zero Trust setup.

The platform is constantly evolving, and hopefully, the new ‘Cisco Secure’ branding will help with messaging about their XDR offering.
  • Orchestration
  • Response
  • Visibility
  • Automation
  • Third party integrations
  • Better messaging from Cisco
  • Easier movement into the Orbital and Threat Response modules
  • Sort out the Cisco SecureX SSO process
  • Orchestration
  • Open API and automation capabilities
  • Threat response
  • Orbital
  • New insights capabilities
  • Threat intelligence from Talos
  • Reduction in response and dwell times
  • Integrating multiple security systems
  • Streamlined monthly costs for our MSSP clients
In our hunt for a decent network and security supplier around XDR, none of the other vendors had the ability to meet our needs like Cisco. We are heavily deploying Meraki and Umbrella, so adding Secure Endpoint, Duo, and Secure Email into the mix just seemed right.

We weren’t bought on CrowdStrike. They have great marketing and blast their logo all over Formula One, but their product isn’t compatible with the UK Cyber Essentials scheme, which is a major dealbreaker for us.

We really tried with Sophos, as its central platform had great potential, but its partner and technical support were woeful.

Do you think Cisco SecureX delivers good value for the price?

Yes

Are you happy with Cisco SecureX's feature set?

Yes

Did Cisco SecureX live up to sales and marketing promises?

Yes

Did implementation of Cisco SecureX go as expected?

Yes

Would you buy Cisco SecureX again?

Yes

Cisco Secure Endpoint (formerly Cisco AMP), Cisco Secure Access by Duo, Cisco Umbrella
This is perfect for organisations with small or limited security teams who want to get more from their Cisco and third-party investments. Secure Endpoint makes detecting and responding to threats much easier.

Any organisation looking to overhaul its security infrastructure or even wrap around its cloud-first strategy with solutions such as Intune should seriously look at Cisco’s suite of products. I’ve implemented Secure Endpoint, Umbrella, and Duo for customers primarily using Intune for device management, and the cool new insight features in Cisco SecureX really help with visibility over their estate.

Using Cisco SecureX

  • Orchestration
  • Automation
  • Threat response
  • Using Cisco SecureX to automate other platforms such as USM Anywhere and Salesforce
  • The new Insight feature allows us to keep tabs on endpoints and their compliance status (especially when using Duo and enrolled in Intune)
  • Forensic gathering and querying via Orbital
  • Automated response actions
  • Integrating third-party modules