We performed a comparison between Cisco SecureX and CrowdStrike Falcon based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Cisco SecureX earns high marks for its automated utilities, comprehensive visibility, and seamless integration with external resources. CrowdStrike Falcon stands out for its minimal impact on system performance, optimal resource utilization, and precise detection of threats. Users say Cisco SecureX needs better documentation and integration with on-premises systems. It would also benefit by expanding its compatibility with third-party solutions. CrowdStrike Falcon could benefit from adding a sandbox feature and more detailed firewall management options.
Service and Support: Some users describe Cisco support as dependable and efficient, while others noted a decline in quality due to personnel changes. CrowdStrike Falcon's customer service is considered prompt and helpful.
Ease of Deployment: Setting up Cisco SecureX is generally considered to be straightforward in cloud environments, but it requires more effort to integrate the solution with on-premise products. CrowdStrike Falcon's setup is considered to be simple and efficient, with deployment times ranging from a few days to a month. While there may be some challenges during installation, they are generally manageable.
Pricing: A few users said Cisco SecureX’s price could be lower, given that it is included for free with certain Cisco products. Some users find CrowdStrike Falcon costly and think the price should be lowered to make it more competitive.
ROI: Cisco SecureX provides a positive ROI by speeding up detection and resolution. It also decreases workloads through automation and proactive information gathering. CrowdStrike Falcon offers cost savings by decreasing the required number of engineers and eliminating the need for onsite servers.
Comparison Results: Our users prefer CrowdStrike Falcon over Cisco SecureX. Users particularly commend CrowdStrike Falcon for its efficient resource utilization, accurate threat detection, and robust defense against cyberattacks. They also value its seamless integration capabilities and user-friendly interface. Cisco SecureX users reported challenges with on-prem integration and observed a need for more third-party integration.
"The most valuable feature is probably the aggregation and correlation of the different telemetry points with Defender for Identity, Defender for Endpoint, and Defender for Cloud Apps. All of these various things are part of that portal. We've wanted that single pane of glass for years."
"The product is very easy to use."
"Email protection is the most valuable feature of Microsoft Defender XDR."
"I like that it's fully integrated with Windows, Microsoft 365 Exchange Online, and Outlook. It is better than other antivirus solutions because it's fully integrated with all Microsoft products. It's easy to integrate them and onboard all Windows devices from SCCM."
"In Microsoft 365 vendor products, monitoring and connectivity across all Microsoft and third-party connectors enable viewing of all activity within those environments."
"For me, the advanced hunting capabilities have been really great. It allowed querying the dataset with their own language, which is KQL or Kusto Query Language. That has allowed me to get much more insight into the events that have occurred. The whole power of 365 Defender is that you can get the whole story. It allows you to query an email-based activity and then correlate it with an endpoint-based activity."
"Microsoft Defender XDR is scalable."
"My clients like Defender's file integrity monitoring. They're monitoring Windows and Linux system files."
"SecureX takes all the separate pieces of security within your company, adds in intelligence from different sites and services on the internet, and makes them work together."
"The forensics are amazing because when you have enrichment, and the solutions talk with each other, when you need it, you have the ability to know everything in the organization: when, why, whatever."
"One of the most valuable features is the simplicity of deploying SecureX. It's very easy to do that and then you gain very detailed visibility into everything that's going on in your network and, obviously, at the device level. There's just a wealth of information that you can pull from all of these products that are part of SecureX. You know exactly if you have an issue or not."
"It has evolved a lot, just that monitoring piece to the current Orchestrator piece. The additional analytics are there. They now have something called Insight, which can basically take data from Microsoft Azure AD and Intune to give us information about our endpoints. This is detailed information about the endpoints, from Secure Endpoint and all these different products. So, it is just constantly evolving. Every time that it evolves, we have more information with more visibility. There are more features that we have that just make everything so much easier, and it is in one place. I don't have to keep going back and forth. I don't have to go to Secure Endpoint and ISE to get the data. I don't have to go to Intune on Microsoft to get the information. It is all in one place."
"Our customers find the product's third-party integrations valuable. Our customers are also impressed with the tool's capability to pick up third-party threat feeds and use that as part of the decision-making process."
"The most valuable feature is its ability to manage all the applications and visibility. For example, if there is malware, spam, or another component that wants to attack the company in my servers, network, or applications, then SecureX will react to the problem."
"The most beneficial feature of Cisco SecureX for cybersecurity efforts is its integration with other Cisco solutions and the environment. This sets it apart, as its APIs and overall integration capabilities are very strong. Additionally, its detection capabilities are commendable."
"I like that I don't have to jump around to five different products and log into five different places to view the data that it returns."
"The most valuable feature is the machine learning that they use to check certain patterns in the endpoint devices. It checks the whole ecosystem or entire environment."
"Scalability is good. We have had no issues with it."
"It has definitely minimized resources. When everything was on-prem, there was a lot more work maintaining it. One of the big value tickets: I don't have lists of hundreds of exceptions for certain applications that I have to maintain, add, delete, and move. The very nature of the product has lessened my workload considerably."
"One of the most valuable features of CrowdStrike Falcon is when there are upgrades there are no additional fees."
"The most useful feature is that we do not need to install or keep signature files. Regular scanning that consumes a lot of computer resources is not needed."
"CrowdStrike Falcon offers a comprehensive dashboard that is highly effective in protecting against and blocking external infiltration attempts."
"Enables us to understand what processes are running on the system, what registry keys have been enabled."
"The malware protection is the most valuable feature of CrowdStrike Falcon."
"The dashboard should be easier to use. There is also improvement needed in the reporting when it comes to exporting or scheduling reports."
"Offboarding latency should be reduced. Even after a device has been successfully offboarded using a particular offboarding script, it still shows up as onboarded."
"There could be a way to proactively monitor unusual activity ."
"I would like more of the features in Defender for 365 to be included in the smaller licenses. Even if I buy a small license and don't need everything, security shouldn't be a question. Security is one of the main aspects of all projects from our side, so it would be nice to have more features in the smaller licenses."
"The console is missing some features that would be helpful for a managed services provider, like device and user management."
"Microsoft Defender XDR is not a full-fledged EDR or XDR."
"The support from Microsoft could improve. There are times I have to wait for a response from a qualified specialist."
"The onboarding and offboarding need improvement. I work with other vendors as well, and they have an option to add a device or remove a device from the portal, whereas with Microsoft 365 Defender, we need to do that manually. However, once you do that, everything can be controlled through the portal, but getting the device onboarded and offboarded is currently manual. If we have an option to simply remove a device from the portal or get a device added from the portal, it would be more convenient. The rest of the features are similar. This is the only area where I found it different from others. I would also like to be able to simply filter with a few of the queries that are already there."
"If they could make the Cisco Umbrella piece a little bit more advanced or easier to manage, that would help. We use it for filtering and when you compare it to a normal content filter, it lacks some functionality."
"For us, the biggest sticking point is that the product is not being designed for multi-tenancy use at present, from an MSP perspective."
"The front-end work controls the new algorithm and the firewall rules. The search feature of these rules could be improved."
"what's missing right now is the multi-tenant capability."
"I would like it to integrate with another solution, e.g., DNA. I would like it to connect to that solution, but not the security aspect."
"The documentation can be improved and the on-prem integration. The set of applications that it was integrated with wasn't comprehensive."
"The automation and orchestration could be simpler. It could be that all the other parts are that easy to use so that these stick out as a negative, but that's the trickiest part for us. The workflows within the orchestration are just a bit more difficult."
"The playbooks provided with the product are great, although I would appreciate having more playbooks available. Threats are constantly evolving, so having access to updated playbooks is crucial."
"It is cloud-based, and this does make some weary of the data being held on the cloud. Privacy requirements must be taken into account."
"I want more ability to customize how you summarize the data. The default views are fine, but it would be interesting to be able to customize them based on the kind of data you want to see immediately. This can help the administrator gain an immediate overview and reduce the investigation time."
"Basically, they don't cover legacy OS or applications. That's the only issue we're concerned about"
"I would like to see the machine learning feature enhanced."
"CrowdStrike needs to quit making up stuff about its features and functionality to bash its competition."
"The management of the solution could improve."
"This solution is relatively expensive."
"There are some aspects of the UI that could use some improvement, e.g., working in groups. I build a group, then I have to manually assign prevention policies, update policies, etc., but there is no function to copy that group. So, if I wanted to make a subgroup for troubleshooting or divide workstations into groups of laptops and desktops, then I have to manually build a brand new group. I can't just copy a build from one to another. Additionally, in order to do any work within a group, I have to first do the work on the respective prevention policy page or individual policy page, then remove the group if the group is assigned to a different prevention policy, remove the prevention policy, and then add the new one in. So, it can get a little hectic. It would be easier if I could add and remove things from the group page rather than having to go into the policy pages to do it."
Cisco SecureX is ranked 13th in Extended Detection and Response (XDR) with 13 reviews while CrowdStrike Falcon is ranked 1st in Extended Detection and Response (XDR) with 110 reviews. Cisco SecureX is rated 9.0, while CrowdStrike Falcon is rated 8.6. The top reviewer of Cisco SecureX writes "Gives our customers visibility and they don't have to go multiple management consoles anymore". On the other hand, the top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". Cisco SecureX is most compared with Trend Vision One, Cortex XDR by Palo Alto Networks, Splunk SOAR, Cisco Secure Network Analytics and Wazuh, whereas CrowdStrike Falcon is most compared with Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security, Trend Vision One and Fortinet FortiEDR. See our Cisco SecureX vs. CrowdStrike Falcon report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.