Secureworks Taegis Managed XDR/MDR offers robust threat detection and response capabilities with valuable features including rapid alerting, flexible pricing, and comprehensive threat intelligence. Its integration abilities enhance value for users by providing clear, actionable alerts.
| Product | Mindshare (%) |
|---|---|
| Secureworks Taegis Managed XDR / MDR | 4.9% |
| IBM Managed Security Services | 2.3% |
| Accenture Managed Security Services | 2.2% |
| Other | 90.6% |
| Type | Title | Date | |
|---|---|---|---|
| Category | Managed Security Services Providers (MSSP) | Jun 22, 2026 | Download |
| Product | Reviews, tips, and advice from real users | Jun 22, 2026 | Download |
| Comparison | Secureworks Taegis Managed XDR / MDR vs Check Point Cloud Firewall (formerly CloudGuard Network Security) | Jun 22, 2026 | Download |
| Comparison | Secureworks Taegis Managed XDR / MDR vs Bugcrowd | Jun 22, 2026 | Download |
| Title | Rating | Mindshare | Recommending | |
|---|---|---|---|---|
| IBM Security QRadar | 4.0 | N/A | 91% | 218 interviewsAdd to research |
| Huntress Managed EDR | 4.6 | N/A | 100% | 60 interviewsAdd to research |
| Company Size | Count |
|---|---|
| Small Business | 5 |
| Midsize Enterprise | 3 |
| Large Enterprise | 2 |
| Company Size | Count |
|---|---|
| Small Business | 122 |
| Midsize Enterprise | 62 |
| Large Enterprise | 132 |
Tailored for advanced security operations, Secureworks Taegis Managed XDR/MDR provides a comprehensive security framework with IDS/IPS capabilities, real-time monitoring, and seamless endpoint control. Users benefit from its integration with platforms like Azure AD and support tools like Microsoft 365 and Carbon Black. Machine learning detectors and the ability to quarantine threats effectively underline its efficiency, while the human touch in support is a significant draw. While its GUI for ticket resolution and log integration could improve, its high-fidelity alerts and rapid response form an essential part of threat management. Updates to its query language, reporting, and AI integration are areas of potential growth.
What are the key features of Secureworks Taegis Managed XDR/MDR?In healthcare, finance, and other industries, Secureworks Taegis Managed XDR/MDR provides essential services like threat detection, vulnerability management, and risk mitigation. It facilitates secure operations by serving as a central hub for network traffic analysis, antivirus scans, and log monitoring, making it indispensable for robust security infrastructure.
Secureworks Taegis Managed XDR / MDR was previously known as Secureworks Red Cloak Managed Detection and Response, Dell Secureworks, SecureWorks Taegis Managed TDR.
RICOH, Owens and Minor
| Author info | Rating | Review Summary |
|---|---|---|
| VP International Business and Alliances at a tech services company with 51-200 employees | 5.0 | We use Secureworks Taegis Managed XDR/MDR for threat detection and response, finding it valuable due to its quick response and automatic maintenance. While no major improvements are needed, AI integration could enhance the product further. It offers a strong ROI. |
| IT Manager at a comms service provider with 201-500 employees | 3.5 | I was impressed with Secureworks Taegis Managed XDR/MDR for its real-time monitoring feature. While the deployment process could be improved, as RedCloak agents require a manual uninstall, Taegis itself functions well and integrates via Intune. |
| Account Manager at a computer software company with 51-200 employees | 4.0 | We use Secureworks Taegis Managed XDR/MDR to monitor Microsoft 365 environments, appreciating its fast alerting. While the incident retainer can feel inefficient, it offers good support integration. Overall, we've seen a positive ROI with this tool. |
| Senior Security Specialist at Sopra | 3.0 | Secureworks Taegis Managed XDR offers valuable features for EDR, such as easily isolating affected machines to prevent malware spread. However, its query language, stability, and pricing need improvement. No alternative solutions were previously considered or mentioned. |
| Systems Administrator at a tech services company with 501-1,000 employees | 3.5 | We use SecureWorks Taegis XDR for antivirus and vulnerability management, benefiting from its decent threat intelligence and integration with Azure AD. However, their next-gen antivirus was underdeveloped, causing issues, so we continue using Carbon Black and RedCloak. |
| Solutions Architect at QDS | 5.0 | I use Secureworks Taegis Managed XDR for risk mitigation and security analysis. The standout feature is the responsive human support team. Integration with older systems could improve. We switched from Sophos Endpoint Protection, believing Secureworks is the future of security. |
| Solutions Architect at a computer software company with 51-200 employees | 4.0 | I found Secureworks Red Cloak MDR's initial setup and deployment very straightforward. It has been really good, with no known issues so far, which leads me to rate it an eight out of ten, though I'm still learning its full capabilities. |
| Cyber security manager at Apparel | 3.5 | I find Secureworks Red Cloak offers good visibility and noise reduction for detection and response. However, it needs tamper protection to prevent agent removal and improved agent reliability, as agents sometimes fail to activate after reboots, risking event capture. |
| Systems Administrator at a tech services company with 501-1,000 employees | 3.5 | We use Secureworks Taegis Managed XDR for vulnerability management. Its key benefit is assisting us by filtering alerts, providing only actionable items due to our lack of a full SOC. However, integration with Carbon Black sensor needs improvement, specifically in extracting forensic data. |
| Pre-Sales Engineer at a computer software company with 501-1,000 employees | 4.5 | We use Secureworks Taegis Managed XDR/MDR for threat detection, leveraging its machine learning and AI features for high-fidelity alerts. While the platform is valuable, it could improve integration with third-party solutions. Overall, the detection capabilities are impressive. |
Positive
We were actually pretty impressed with it. The big issue that we had as a company was we were only really alerted to high and critical alerts. Anything below that was more or less on us.
The solution definitely made us way more aware of the possibilities out there. They have a good team, not really the date; it was more of the SecureWorks, the RedCloak agent, and stuff, but they helped us with a vulnerability issue that we had with some Citrix clients a few years ago.
The most valuable feature is real-time monitoring, the real-time component.
The deployment could definitely be improved. We still have some of the RedCloak agents. They don't have a remote-controlled uninstall. You have to manually connect to every machine to remove it. Taegis, that's not an issue with Taegis. Taegis actually does work that way. You can remove it. We push it out from Intune. But the RedCloak has tied it even after supposedly running the uninstall; it's still there.
In future releases, if Taegis could come with bundled AV. It would be a great feature, which was actually one of the reasons why we moved to CrowdStrike because of the bundled solution.
We used this solution just for the last year because, before that, we were using RedCloak agents.
I would rate the stability a five out of ten. We did have people who complained about resource usage, but they always did that.
I would rate the scalability of the solution a seven out of ten.
The customer service and support are good.
Positive
We've been using SecureWorks for a while, but just actually switched over to CrowdStrike. We had it, the information assurance guy who has since left the company was the main user and monitor of any of the alerts or anything.
The initial setup was easy. However, RedCloak needed a lot of manual interaction on endpoints.
I did just more doing the installations and stuff, not monitoring it.
The price is kind of on par. The licensing was comparable to other solutions. It's not particularly high or low.
I would recommend using the solution. Overall, I would rate the solution a seven out of ten.
We use it across multiple customers to monitor Microsoft 365 environments. It helps us collect security logs from endpoints using the Red Glove agent.
Additionally, we use this solution as a security operations center and MDR provider, allowing us to keep a watchful eye on our IT environment and promptly alert us in the event of a security incident.
Secureworks Taegis ManagedXDR provides fast response and alerting when incidents arise. They also engage in proactive threat hunting, actively examining our customer environment on a monthly basis for specific indicators of compromise. This ensures our safety.
The most valuable feature is the fast alerting and response time. Their near real-time capabilities are truly invaluable.
With SecureWorks, we have an incident retainer. So if there's an event, they bring in people to handle a formal incident, and we have a certain amount of hours we can use. Sometimes, it feels like they're milking the retainer a little bit. They tend to involve people who don't necessarily need to be part of the incident or call it for false positives now and then. It hasn't cost us anything, so it's just a minor issue. We've never exceeded our retainer amount. But, it seems a little bit inefficient sometimes.
Secureworks's support integration is really nice. Secureworks's integrations are quite good. So, in future releases, reporting could be a little bit better in terms of what has happened, but we're able to get what we need out of it. It's just that it's not as far along as it could be.
I have been working with this solution since 2017. In 2017, we were using the older version of SecureWorks. We migrated to Taegis XDR in 2019.
Stability is excellent. We haven't had any problems, even when it was on-premise back in 2017.
The solution is extremely scalable. They're one of the industry leaders, so I'd put them right at the top.
The initial setup is not difficult. Again, SecureWorks's support team is very helpful. They have established deployment processes. It's a little bit more complex than Red Canary, but not by a drastic amount.
When it comes to the deployment model, there's a bit of a mix there. I support multiple customers, and I have one that's on SecureWorks on-premise. However, the Taegis XDR platform is fully cloud-based. It's not an on-premise piece.
I have definitely seen an ROI. It's a great tool. It definitely helps the security teams.
The price is not great, not terrible. It would be nice if it were a little more affordable. I'd probably have a few more customers using it.
We're pretty satisfied with the solution. I'd advise on the front end, to make sure you engage well with your customer experience manager to learn the platform. Just make sure you're able to take advantage of everything it has to offer.
It's a powerful tool, and if you don't make the time to learn it, you'll be missing out on functionality. Overall, I would rate the solution an eight out of ten.
The product has valuable features for the EDR section. We can easily isolate affected machines in the network. It helps us prevent the spreading of malware or ransomware further.
Secureworks Taegis ManagedXDR's query language and stability need improvement. Additionally, its price could be better as well.
We have been using Secureworks Taegis ManagedXDR for two months.
I rate Secureworks Taegis ManagedXDR's stability a six out of ten.
The initial setup process is customer-friendly. We can refer to documentation in case of queries.
Secureworks Taegis ManagedXDR is very expensive and could be more cost-effective.
I rate Secureworks Taegis ManagedXDR a six out of ten. I advise others to learn the query language for the product. It is essential to understand analytics detection rules.
We're using Carbon Black through SecureWorks for antivirus and RedCloak agent for endpoint telemetry. We also use the SecureWorks XDR for vulnerability management.
Securworks' threat intel seems pretty decent, and they integrate with several solutions we have, such as Azure AD, so all our Microsoft 365 stuff is covered.
We did a PoC of their next-gen antivirus product, but it wasn't ready yet. It was underdeveloped and caused a lot of issues. We'd like to move away from Carbon Black, but they said that it's probably still not to a point where we'd be happy with it. Carbon Black and RedCloak seem to work fine for us.
I have used Secureworks for nearly a year.
We haven't had many issues except for their NGAV solution.
I rate Dell support seven out of 10. We have a customer success manager, a threat hunter, and a sales rep. They've given us some documentation on how to do stuff, but their customer success team has some room for improvement.
Neutral
Setting up SecureWorks was straightforward overall, but rolling out their sensors was a headache. We still aren't fully deployed on all the endpoints. It's been a very manual process.
I rate Dell SecureWorks seven out of 10. They're not terrible, but we feel like we could probably do better with a different vendor.
The use cases include risk mitigation and analysis of the security for security reasons to protect the data. It's basically a security solution. It's an XDR. Like detection and response, that is the main reason.
The most valuable feature is the support. The support chat. It's always connecting to people. And you open the chat, and it's not about that automated response. It's actually a human being that responds to you, and they are always available. That's the biggest feature, actually, to the support team.
The integration would look better with other products, with other EDRs, with other firewalls, with other older versions of firewalls, and the versions of software and hardware.
Then, basically, it's compatibility. For example, having an old infrastructure and deploying SecureWorks can sometimes be a hassle. So, that's an area of improvement.
I have been using this solution for two years now.
Once it's up and running, it won't have any bugs, and it won't affect anything. It's pretty much stable if it's configured correctly.
There are around 150 end users using this solution in our company. We have also deployed it on much bigger customers. Like, they had 12,000 users.
The customer service and support are pretty good. The response aspect is really good.
Positive
We used Sophos Endpoint Protection. We opted for Secureworks because, here in the company, we believe that it's the future of security.
On a scale of one to ten, it's eight out of ten, where one is difficult, and ten is easy to deploy.
Sometimes the deployment has to be fast when you do the active directory deployment, where it deploys on all the devices, but sometimes, it just takes more time when you have to do it device by device. One can take more than one day if you have a big infrastructure.
I worked on the deployment, and the deployment itself is pretty easy if everything is ready.
If the prerequisites are set, and firewall rules are set, it will be so easy to deploy.
It is worth the money. It is expensive but there is no better product than this.
I would recommend using this solution if you have the money to do it. Overall, I would rate the solution a ten out of ten because Secureworks's team comes weekly, and they tell us what gaps we have in the network and what something happened. Maybe there's a critical error, they come to it's the response, basically. It's the response.
My client selected Secureworks Red Cloak MDR. I can't tell you why they chose this one over another solution. We presented two different solutions: Secureworks and Splunk, and they made the selection. They chose the one they felt more familiar with. My guess is probably the dashboard was better so that if and when they get queries, it was something that they were more familiar with. I know Splunk, so I'd have probably gone the other way, but that's just because it's what I know.
In terms of what could be improved, I really don't have anything to add to that. The client probably has a perspective on that but I don't.
I didn't deal with all aspects, just the set up, implementation and the tuning. But when it gets into what the licensing was and the cost, I wasn't involved, so I don't have any feedback on that.
In regards to maintaining the SIM, Dell does all of that. We were involved in helping them get the feed scan, helping them get set up, helping them do vendor selection. That was all when it came to the SIM. We have a lot more going on, other elements, but Dell provided a lot of those other services and we didn't have to get involved in that.
In terms of scalability, we didn't scale it very large. We're three business units, 13 sites, and around 2,500 users, so not a real huge company. I assume it's more scalable than that. It's not something we're concerned about here, and even with growth or percent growth, I didn't sense that there's any limitation on that. I would be surprised if we're anywhere near where we'd be concerned about scalability with them.
The initial setup was very straight forward.
In terms of ROI, I'd be surprised if there is any investment return on the SIM. They had no SIM before, so there's reputation and security and that they need to adhere to some kind of a framework. So they are moving that way.
On a scale of one to ten, I'd rate Secureworks Red Cloak MDR an eight, because it's been really good. I don't know everything about it yet.
The deployment was easy. We just put on some of the end points, so we're still talking about what's going on there. But to my knowledge, there's been no issues with it. It has a good reputation, so I don't really have a lot of insight to give you detailed feedback.
We are using it for detection and response and alerting and monitoring. We have its latest version.
It provides more visibility and more control over endpoints. It reduces the noise. It clears things and only shows things that are really important. It only shows those things that need to be looked at or need to be investigated further. Other similar solutions give you a lot of alerts and other things, but Secureworks gives you a defined or less noisy view so that you can work or focus on things that are important in terms of investigation, response, and remediation.
Tamper-proofing or tamper protection is still pending in Secureworks. Tamper protection will make it more secure. If I'm an admin of a device, I can uninstall an agent without the knowledge of the security or Secureworks admin. If someone gets hold of one endpoint with admin credentials, he can remove anything, and an organization will lose visibility.
They need to work on providing more visibility across endpoints. A couple of times it has happened that the cloak agent is there, but it did not get activated, or there were some issues. The machine was restarted, but the cloak agent didn't run. In such cases, you have to troubleshoot. It is a big issue if a cyber attack is happening, and your machine is rebooted, but the events are not captured.
I have been using this solution for three to four months.
It has been stable so far. We have been using this solution for only three to four months.
It is scalable. Currently, we are just doing the POC and evaluating it. We have around 50 endpoints and four or five admin users. Its usage and expansion will depend on the performance and the compatibility with the existing infrastructure.
I have not seen a need for technical support. I didn't require technical support.
Its installation is quick and easy. If you are a new customer, you just need to create an instance. It is easy and smooth. The cloud deployment takes five to ten minutes.
I have installed it myself, and I have also got support from other team members.
The Red Cloak agent is free.
I am evaluating a couple of options.
I would recommend this solution. I would rate Secureworks Red Cloak MDR a seven out of ten.
We use ManagedXDR for vulnerability management.
We don't have a full SOC, so it's helpful to have them sifting through our alerts and only bringing actionable items to us.
The integration with the Carbon Black sensor could be better. ManagedXDR doesn't seem to know how to extract the forensic data from an endpoint that was quarantined by Carbon Black.
It's a hybrid environment. Secureworks' environment is entirely in the cloud, but we have some on-prem components like vulnerability scanners. We had to set up VMs for those and launch them.
After deployment, we maintain the vulnerability scanners and endpoints. We also need to configure the proactive response playbooks. Secureworks wasn't very helpful in getting those set up either.
I rate Secureworks Taegis ManagedXDR seven out of 10.
We provide monitoring services. We sit on top of our HDR platform and monitor 24/7.
Our primary use case of this solution is for threat detection. We collect the data from the endpoint network and the cloud applications. We then provide high-fidelity alerts.
The most valuable features of Dell Secureworks are the machine learning and the artificial intelligence detectors. There are some patent pending detectors within the platform that provides a lot of value.
Dell Secureworks could improve its integration with other third-party solutions.
I have been working with Dell Secureworks for nine months.
The solution is very stable.
Dell Secureworks is very scalable. We have customers with over 300,000 employees using the solution.
Customer service and support is very helpful. They are technical people.
The initial setup of Dell Secureworks is pretty easy. The implementation can be completed in less than a month.
The pricing of Dell Secureworks is very reasonable. Licensing costs depend on the number of devices, workstations, servers, and laptops. Firewalls and routers are not considered in the pricing. The data is ingested free of cost.
My advice to anyone looking to implement this solution into their organization would be to not compare product to product, but rather service to service.
Overall, I would rate Dell Secureworks a nine out of ten.
