Secureworks Taegis Managed XDR / MDR Reviews

The product has valuable features for the EDR section. We can easily isolate affected machines in the network. It helps us prevent the spreading of malware or ransomware further.

Secureworks Taegis ManagedXDR's query language and stability need improvement. Additionally, its price could be better as well.

We use it across multiple customers to monitor Microsoft 365 environments. It helps us collect security logs from endpoints using the Red Glove agent. 

Additionally, we use this solution as a security operations center and MDR provider, allowing us to keep a watchful eye on our IT environment and promptly alert us in the event of a security incident.

Secureworks Taegis ManagedXDR provides fast response and alerting when incidents arise. They also engage in proactive threat hunting, actively examining our customer environment on a monthly basis for specific indicators of compromise. This ensures our safety.

We were actually pretty impressed with it. The big issue that we had as a company was we were only really alerted to high and critical alerts. Anything below that was more or less on us.

The solution definitely made us way more aware of the possibilities out there. They have a good team, not really the date; it was more of the SecureWorks, the RedCloak agent, and stuff, but they helped us with a vulnerability issue that we had with some Citrix clients a few years ago.

We are using it for detection and response and alerting and monitoring. We have its latest version.

It provides more visibility and more control over endpoints. It reduces the noise. It clears things and only shows things that are really important. It only shows those things that need to be looked at or need to be investigated further. Other similar solutions give you a lot of alerts and other things, but Secureworks gives you a defined or less noisy view so that you can work or focus on things that are important in terms of investigation, response, and remediation.

The use cases include risk mitigation and analysis of the security for security reasons to protect the data. It's basically a security solution. It's an XDR. Like detection and response, that is the main reason.

The most valuable feature is the support. The support chat. It's always connecting to people. And you open the chat, and it's not about that automated response. It's actually a human being that responds to you, and they are always available. That's the biggest feature, actually, to the support team.

We're using Carbon Black through SecureWorks for antivirus and RedCloak agent for endpoint telemetry. We also use the SecureWorks XDR for vulnerability management.

Securworks' threat intel seems pretty decent, and they integrate with several solutions we have, such as Azure AD, so all our Microsoft 365 stuff is covered. 

My client selected Secureworks Red Cloak MDR. I can't tell you why they chose this one over another solution. We presented two different solutions: Secureworks and Splunk, and they made the selection. They chose the one they felt more familiar with. My guess is probably the dashboard was better so that if and when they get queries, it was something that they were more familiar with. I know Splunk, so I'd have probably gone the other way, but that's just because it's what I know.

In terms of what could be improved, I really don't have anything to add to that. The client probably has a perspective on that but I don't.

I didn't deal with all aspects, just the set up, implementation and the tuning. But when it gets into what the licensing was and the cost, I wasn't involved, so I don't have any feedback on that.