Try our new research platform with insights from 80,000+ expert users
Cisco XDR Logo

Cisco XDR Reviews

Vendor: Cisco
4.4 out of 5
Start review

What is Cisco XDR?

Cisco XDR is primarily used for threat detection and response. It integrates with existing security infrastructure, offering real-time monitoring and quick incident response. This makes it valuable for organizations needing comprehensive security management.

Get the Extended Detection and Response (XDR) Buyer's Guide and find out what your peers are saying about Cisco XDR, CrowdStrike Falcon, Wazuh and more!
Cisco XDR is the #23 ranked solution in XDR Security products. PeerSpot users give Cisco XDR an average rating of 8.8 out of 10. Cisco XDR is most commonly compared to CrowdStrike Falcon: Cisco XDR vs CrowdStrike Falcon. Cisco XDR is popular among the large enterprise segment, accounting for 57% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 12% of all views.
Buyer's Guide
Extended Detection and Response (XDR)
June 2025
Get the category report
Helped 859,129 peers since 2012

Featured Cisco XDR reviews

Read more reviews

Cisco XDR mindshare

As of June 2025, the mindshare of Cisco XDR in the Extended Detection and Response (XDR) category stands at 1.8%, up from 0.1% compared to the previous year, according to calculations based on PeerSpot user engagement data.
Extended Detection and Response (XDR)
 
 
Key learnings from peers

Valuable Features

Cisco XDR offers threat intelligence and links with Firewall, providing zero-day attack detection through Cisco Meraki integration. Automated response capabilities, robust dashboards, and enhanced network visibility are highlights. It integrates with Cisco's cloud and Splunk for detailed log analysis. Users value its automation tools, reliability, and detailed troubleshooting capabilities. Granularity and clarity in information enhance problem resolution and training simplicity. Its single point of maintenance and workflow automation are praised for time efficiency.
  • "The feature I appreciate the most about Cisco XDR is the reliability."
  • "The feature I appreciate the most about Cisco XDR is the reliability."
  • "I appreciate the granularity of what I get from Cisco XDR the most."

Room for Improvement

Pricing and licensing complexities need enhancement on Cisco XDR. Users report considerable visibility issues due to costly licensing tiers, unlike competitors. Free XDR licenses for testing could mitigate costs. Additionally, users face challenges with the character and observable limits during investigations. Increasing the capacity for handling lists, like blocking multiple domains simultaneously, would simplify tasks. Upfront costs prove burdensome for smaller businesses, impacting their overall experience.
  • "The licensing of Cisco XDR is a bit complicated. The cost can depend on what it is, and the process can be a little complicated."
  • "My only complaint about Cisco XDR is related to licensing, which is complicated."
  • "Cisco XDR can be improved by addressing the upfront cost. Everything matters for us since we're small, mom and pop, so every dollar counts."

Pricing

Many users report that Cisco XDR offers attractive discounts for purchasing multiple products, reducing security costs. However, pricing varies with dollar fluctuations, affecting costs compared to local competitors. The current subscription-based model, available in one, three, or five-year terms, contrasts with prior one-time purchase options. Licensing can be complex and dependent on specific needs, with some preferring the previous non-renewal model.
  • "The licensing of Cisco XDR is a bit complicated. The cost can depend on what it is, and the process can be a little complicated."

Popular Use Cases

Cisco XDR is utilized for endpoint security, integrating with Cisco Firepower Threat Defense and Cisco Meraki. Global customers frequently use it, directly requesting it for integration. SOC analysts use it for incident management and automation, while ISPs employ it for traffic routing and network insights. Internet providers leverage Cisco XDR for managing network devices and data centers, delivering internet services efficiently. It ensures comprehensive security by isolating compromised PCs from networks if required.

Service and Support

Cisco XDR customer service and support receive high praise, often described as helpful and quick to respond. Many rate their experience as excellent, noting that technical support is willing to engage in meetings and work flexibly with clients' schedules. Although minor issues occasionally occur, these do not significantly impact the positive perceptions. High ratings are common, with many attributing scores like nine or ten out of ten.

Deployment

Cisco XDR's initial setup is generally easy, with accessible documentation and guidelines. However, some users encountered integration challenges, facing technical issues and requiring extensive communication with engineers. While the deployment process was smooth, difficulties arose with tool integration and application performance, leading to a gradual resolution. Implementations were facilitated by working with partners such as Net Fabric, making the process easier for users. Participants often found the deployment straightforward, despite some initial challenges.

Stability

Customers describe Cisco XDR as stable and scalable compared to competitors. Initially, users faced significant login and freezing issues for about three months, which were resolved after addressing specific technical problems. Users now report flawless performance. Cisco XDR is characterized as bulletproof if maintained with regular patches and updates. Its reliability is seen as a key benefit.
These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.
Download our Extended Detection and Response (XDR) Buyer's Guide for additional reliable information.

Top industries

By visitors reading reviews
Computer Software Company
12%
Manufacturing Company
8%
Government
8%
Financial Services Firm
7%
Educational Organization
7%
University
6%
Comms Service Provider
6%
Healthcare Company
5%
Energy/Utilities Company
5%
Real Estate/Law Firm
4%
Outsourcing Company
3%
Non Profit
3%
Retailer
3%
Hospitality Company
2%
Legal Firm
2%
Media Company
2%
Recreational Facilities/Services Company
2%
Construction Company
2%
Performing Arts
1%
Aerospace/Defense Firm
1%
Consumer Goods Company
1%
Logistics Company
1%
Security Firm
1%
Insurance Company
1%
Non Tech Company
1%

Compare Cisco XDR with alternative products

Go!

Learn more about Cisco XDR

Cisco XDR provides robust threat detection, advanced analytics, and automated response capabilities. Users appreciate its integration with multiple security tools, offering comprehensive visibility across networks. The customizable dashboards help streamline incident management, and updated threat intelligence ensures effective protection against emerging threats. It assists in consolidating alerts from different sources, streamlining investigation efforts and minimizing time to remediate incidents. However, users have noted the need for better integration capabilities with third-party tools, improved performance speed, and enhanced reporting features. Some find it difficult to configure and believe its analytics could be more intuitive. There is also a desire for more detailed documentation and more responsive technical support.

What are the most important features of Cisco XDR?
  • Threat Detection: Identifies potential threats quickly and accurately.
  • Advanced Analytics: Provides detailed insights into security events.
  • Automated Response: Responds to incidents with minimal manual intervention.
  • Comprehensive Visibility: Integrates with various tools for a holistic view.
  • Customizable Dashboards: Allows for tailored incident management interfaces.
  • Updated Threat Intelligence: Keeps protection measures current against new threats.
What are the key benefits and ROI to look for in reviews?
  • Real-Time Monitoring: Enhances proactive threat management.
  • Quick Incident Response: Reduces downtime during security incidents.
  • Streamlined Investigations: Consolidates alerts for efficient analysis.
  • Improved Security Posture: Detects advanced persistent threats with precision.
  • Enhanced Efficiency: Minimizes time to remediate incidents.

In industries such as finance, healthcare, and government, Cisco XDR is implemented to enhance security measures and protect critical data. Its advanced threat detection and automated response mechanisms are crucial for organizations facing sophisticated cyber threats. Meanwhile, businesses in sectors like retail and manufacturing benefit from its ability to integrate with security infrastructure, ensuring continuous monitoring and protection of assets.

Product Demo

Play interactive demo

Related questions

  • 63
What is the best EDR or XDR product for a company with 9000 employees?
  • 12
When evaluating Extended Detection and Response (XDR), what aspect do you think is the most important to look for?
  • 265
How do you decide about the alert severity in your Security Operations Center (SOC)?
  • 106
Which is better for Endpoint Security: EDR or XDR solutions?
  • 119
What are the main differences between XDR and SIEM?
  • 305
Why is (XDR) Extended Detection and Response important for companies?
  • 62
How do you use the MITRE ATT&CK framework for improving enterprise security?
  • 46
What tools and solutions do you use for automated incident response in an enterprise in 2022?
  • 34
FortiXDR vs Cortex Pro - which is the best?
  • 1,040
What is Cognitive Cybersecurity and what is it used for?

Product Categories

Product Categories
Extended Detection and Response (XDR)

Popular Comparisons

Popular Comparisons
CrowdStrike Falcon vs Cisco XDR Logo
CrowdStrike Falcon vs Cisco XDR
Wazuh vs Cisco XDR Logo
Wazuh vs Cisco XDR
Darktrace vs Cisco XDR Logo
Darktrace vs Cisco XDR
SentinelOne Singularity Complete vs Cisco XDR Logo
SentinelOne Singularity Complete vs Cisco XDR
Microsoft Defender XDR vs Cisco XDR Logo
Microsoft Defender XDR vs Cisco XDR
Cortex XDR by Palo Alto Networks vs Cisco XDR Logo
Cortex XDR by Palo Alto Networks vs Cisco XDR
IBM Security QRadar vs Cisco XDR Logo
IBM Security QRadar vs Cisco XDR
Trend Vision One vs Cisco XDR Logo
Trend Vision One vs Cisco XDR
Vectra AI vs Cisco XDR Logo
Vectra AI vs Cisco XDR
Rapid7 InsightIDR vs Cisco XDR Logo
Rapid7 InsightIDR vs Cisco XDR
Secureworks Taegis XDR vs Cisco XDR Logo
Secureworks Taegis XDR vs Cisco XDR
FortiXDR vs Cisco XDR Logo
FortiXDR vs Cisco XDR
See all alternatives
 

Cisco XDR reviews

Sort by:
CO
SOC Analyst at a educational organization with 501-1,000 employees
Verified user of Cisco XDR
Apr 15, 2025
Streamlines incident management and accelerates threat response

Pros

"One of my favorite features of Cisco XDR is the automation tool, which saves a lot of time because we can craft these automations and workflows."

Cons

"If we have a list of domains we need to block, such as 4,000 domains, I can only block 100 domains at a time because if I put in more than 100 domains, I hit that 2,000 character max and can't continue with an investigation. Being able to put in all 4,000 domains, without a character limit or observable limit, would make doing those case books a whole lot easier and blocking those domains a whole lot easier too."

What is our primary use case?

I use Cisco XDR because I'm a SOC analyst. It's something I use every single day. The majority of my work has been in Cisco XDR looking through incidents, reading reports that it gives, and making automations. 

How has it helped my organization?

I use Cisco XDR as more of an integration tool for all of our Cisco tools. I work in a Cisco Suite. We have AMP, Umbrella, Firepower, and all these different tools connected to Cisco XDR, and I can get all my data in one place. It's easier to look at just one tool versus the eight to ten other tools that we have to get data. It saves time and puts us ahead of different threats since it's all in one spot.

I saw the benefits of Cisco XDR immediately after the tool came out. We had meetings with Cisco where they were telling us about the tool. The higher-ups that I work for saw a need for it first, and then they came to the SOC group. When we sat in on the first meeting, we immediately knew that this was a tool we needed to help us save time and get ahead.

*Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Read full review (897 words)
MD
Network engineer at mybtc
Verified user of Cisco XDR
Jun 11, 2025
Granular insights enable quick troubleshooting and improved customer satisfaction

Pros

" The features of Cisco XDR benefit my company since time is money. When outages happen and when a customer can't reach the internet, they get agitated. Therefore, the quicker we can mitigate an issue, our customers get happier in a quicker fashion."

Cons

"Cisco XDR can be improved by addressing the upfront cost. "

What is our primary use case?

We are a small ISP, and it mainly use it just basically for routing and insights into wherever our traffic goes through.

How has it helped my organization?

My job is to put out fires all day. The features of Cisco XDR benefit my company since time is money. When outages happen and when a customer can't reach the internet, they get agitated. Therefore, the quicker we can mitigate an issue, our customers get happier in a quicker fashion.

*Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Read full review (668 words)
Buyer's Guide
Download free report
Find out what your peers are saying about Extended Detection and Response (XDR). Updated June 2025
859,129 professionals have used our research since 2012.
AM
Core Network Engineer at a comms service provider with 501-1,000 employees
Verified user of Cisco XDR
Jun 12, 2025
Highly reliable and easy to implement

Pros

"The feature I appreciate the most about Cisco XDR is the reliability. "

Cons

"My only complaint about Cisco XDR is related to licensing, which is complicated. "

What is our primary use case?

We use Cisco XDR for our network devices and data centers, as we are an internet provider. We deliver the internet to customers.

What is most valuable?

The feature I appreciate the most about Cisco XDR is the reliability. The reliability of Cisco XDR benefits my company by ensuring less downtime and less customer downtime, and it is also easier to keep everyone trained on Cisco because we are all more familiar with that than other vendors. 

*Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Read full review (368 words)
Aruna Udawatte - PeerSpot user
Director -Digital Transformation at Convergence
Verified user of Cisco XDR
Mar 11, 2025
Network visibility improves with centralized maintenance and responsive support

Pros

"Technical support from Cisco is good and very helpful."

Cons

"One area that needs improvement is the limited visibility due to the licensing structure. For more visibility, customers need the advantage or premier licensing, which involves additional costs."

What is our primary use case?

We are integrators, and we also resell Cisco XDR. Global customers are the primary users of Cisco XDR, while local customers often don't request it. For global customers, they directly request Cisco XDR and share all the part codes with us.

What is most valuable?

The single point of maintenance and dashboards are the strong points of Cisco XDR. The visibility of the network is the main valuable feature. Customers frequently request features that offer better system visibility. The solution also offers automated response capability, which I would rate around eight out of ten.
*Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Read full review (429 words)
Umair Siddiqi - PeerSpot user
Network Security Specialist at a government with 1,001-5,000 employees
Verified user of Cisco XDR
Feb 18, 2025
Product version discussed: 7.2
Integration of endpoints enables comprehensive threat detection and isolation

Pros

"Cisco XDR offers threat intelligence and links with the Firewall. "

Cons

"They need to provide better pricing and bundle XDR licenses with products like Meraki solutions or Firepower Threat Defense."

What is our primary use case?

We have four thousand endpoints, and I have installed XDR on these endpoints. They are integrated with Cisco Firepower Threat Defense. XDR can also integrate with Cisco Meraki solutions. Any issue in a PC will send a message to Meraki, the Firewall, and email security systems, ensuring that a PC will be isolated from the network if necessary.

What is most valuable?

Cisco XDR offers threat intelligence and links with the Firewall. I can see the Cisco XDR feature in the Firewall with Threat Intelligence. The integration with XDR and Cisco Meraki solutions allows detection of zero-day attacks. XDR connects with Cisco's cloud for updates on zero-day attacks. There is good integration with Splunk, which Cisco acquired, providing comprehensive log management and analysis.

*Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Read full review (300 words)