No more typing reviews! Try our Samantha, our new voice AI agent.

Cisco SecureX [EOL] vs Cisco XDR comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Endpoint Detection and Response (EDR) (6th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
Cisco SecureX [EOL]
Average Rating
9.0
Reviews Sentiment
8.2
Number of Reviews
13
Ranking in other categories
No ranking in other categories
Cisco XDR
Average Rating
8.4
Reviews Sentiment
6.9
Number of Reviews
21
Ranking in other categories
Extended Detection and Response (XDR) (9th)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Alon K - PeerSpot reviewer
CTO & VP of Cyber Solutions, Israel at Rockwell Automation
Gives our customers visibility and they don't have to go multiple management consoles anymore
One of the examples is related to forensics. The forensics are amazing because when you have enrichment, and the solutions talk with each other, when you need it, you have the ability to know everything in the organization: when, why, whatever. With just one click you have information from email, from the endpoint, from the web. Let's say that tomorrow morning, you have a ransom[ware] attack in your organization and you would like to know from which email it came, or where the customer saved the file, even though the incident didn't occur at the same moment. With SecureX, you have Cisco Threat Response inside. [With] one click, you get all of the flow. That's amazing value. That also releases resources for our customers. The customers don't have to connect many systems and try to register the event on each system, or to go to the SIEM and do a correlation. That's the one-stop shop for the customers, and that's amazing.
Fred Parks - PeerSpot reviewer
Senior Systems Consultant at W.C. Bradley Co.
Centralized visibility has transformed incident investigations and now cuts response time dramatically
Workflows could definitely be easier to work with. Workflows are automated tasks that can be kicked off inside of a playbook. When someone is responding to something, they can click a button and it will perform automated tasks for them inside of these other products. The product can actually control the behavior of a firewall and you can write a rule in a firewall from Cisco XDR without having to go into the firewall software. However, if it is not a native workflow automation, it is very difficult to create your own. It is not intuitive and you almost have to be a developer and get really good with the API. This could definitely be improved on, particularly the custom workflow automation. Another thing that could be improved is Cisco documenting how it makes decisions, because there are certain factors or criteria that it uses from the source products. Cisco XDR gets all of its data from the integrations, so if you do not integrate anything, it is not going to do anything. Sometimes in these integration products, such as Secure Network Analytics or Cisco Security Exposure, they could be generating some type of alert and you do not necessarily see that in Cisco XDR. This is because it knows, maybe because of these other products, it is not really a big deal and is not big enough to raise an incident. However, I do not think Cisco does a great job in explaining what those rules are, such as why this happens and how this happens. This can cause some questions and some concern. I think it is doing the right thing, but I think it would be better if they had a rule set to say, based on this data, this is how the product actually works.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Palo Alto is constantly adding new features."
"The main benefit of using Cortex XDR by Palo Alto Networks while employing Palo Alto Firewall at the internet edge is that it improves security on our endpoint devices, integrating seamlessly with Palo Alto Firewalls to deliver comprehensive network, analyst, and security details all in a single dashboard, which allows us to manage everything from our network devices."
"It has a higher cost than other solutions, like CrowdStrike or Microsoft’s EDR tools, but it reduces the cost of our operations because it’s a new generation antivirus tool."
"The ability to kind of stitch everything together and see the actual complete picture is very useful. I guess you'd call it a playbook. Some people call it the forensics analysis of what was happening on particular endpoints when they detected some malicious behavior, and what transpired before that to cause that. It is also very user friendly. The way they have done everything and integrated all the solutions that they've purchased over the years to make it a very seamless, effective product is very good. One thing about Palo Alto is that they take the products or services that they purchase and make them seamless for the end user as compared to some companies that purchase other companies and then just kind of have their products off to the side or keep different interfaces. Palo Alto doesn't do that."
"If you are looking for security, mainly for advanced threat prevention from ransomware and malware attacks, I would recommend Cortex."
"It is easy to use."
"The information the dashboard provides is very clear."
"Stability is one of the features we like the most."
"If management wants to ingest reports at a high level from all of the different products, they would only need one login to SecureX to view this information as opposed to separate logins for each of the integrated products."
"When it comes as a business bundle, we come to customers to provide a one-stop shop, and we provide a return of value on human resources, with an XDR SecureX platform offer that customers love."
"SecureX enables us to have all the threat intelligence and threat event data in one place."
"Using SecureX, a tool provided by Cisco, we can easily integrate it with many of our other Cisco products such as Cisco ISE and many networking devices."
"SecureX definitely provides us with contextual awareness throughout our security ecosystem, since it allows us to integrate multiple threat intelligence feeds, as well as multiple security appliances and platforms."
"Our customers find the product's third-party integrations valuable. Our customers are also impressed with the tool's capability to pick up third-party threat feeds and use that as part of the decision-making process."
"One of the most valuable features is the simplicity of deploying SecureX. It's very easy to do that and then you gain very detailed visibility into everything that's going on in your network and, obviously, at the device level. There's just a wealth of information that you can pull from all of these products that are part of SecureX. You know exactly if you have an issue or not."
"Using SecureX, we can aggregate the data from all our security products, automate many of our tasks that we had to do manually before, save a huge amount of time, and provide many reports about usage of our systems and networks to our leaders and managers to show what we can do to make our security better."
"Cisco XDR has definitely improved our security posture and our visualization, ensuring that we are protected and providing greater visibility for our SOC team."
"The merging of all of that data into one display is probably the best benefit of Cisco XDR."
"The feature I appreciate the most about Cisco XDR is the reliability."
"Cisco XDR has positively impacted our organization by providing faster detection of complex threats, reducing alert fatigue, and giving us better visibility."
"I have seen a measurable ROI after implementing Cisco XDR, as my SOC team reduced manual investigation and triage effort by nearly 40 to 50%, which significantly improved analyst productivity and reduced response time for critical incidents."
"The biggest ROI from Cisco XDR was time savings in the SOC, as we saw triage and investigation time drop by roughly 40 to 50 percent for common incidents because analysts were not manually coordinating alerts across multiple tools anymore."
"One of my favorite features of Cisco XDR is the automation tool, which saves a lot of time because we can craft these automations and workflows."
"My advice for other organizations considering Cisco XDR is that it offers proactive security measures that are really very helpful."
 

Cons

"It would be good if they could make an exception for applications. Sometimes, it can be a bit of a challenge to make exceptions for certain applications that have been used as rogue."
"A little bit more automation would be nice."
"Product might have some bugs."
"There is also no recovery feature; if some endpoint is under attack there must be the possibility of recovering it or restoring it to a normal state."
"Traps doesn't work with McAfee. You need to remove McAfee to install Traps. This is very common, and its nothing that should be an issue. Some antivirus engines recognize Traps as an threat component, so maybe they need to shake hands somewhere."
"This is a very costly product."
"The solution should force customers to integrate with network traffic to see the full benefits of XDR."
"For Cortex XDR by Palo Alto Networks, if I had to point out improvements, I would say the UI is still somewhat difficult for beginners."
"Sometimes it's a little slow so that is also something Cisco should check."
"I would like it to integrate with another solution, e.g., DNA. I would like it to connect to that solution, but not the security aspect."
"The automation and orchestration could be simpler."
"what's missing right now is the multi-tenant capability."
"For us, the biggest sticking point is that the product is not being designed for multi-tenancy use at present, from an MSP perspective."
"One of the improvements the product needs is more integration with collaboration platforms."
"The playbooks provided with the product are great, although I would appreciate having more playbooks available. Threats are constantly evolving, so having access to updated playbooks is crucial."
"They could expand into more areas. The more third-parties that we have tied into it, the better. The capabilities are there. As they just continue to involve the product, the more things that you can look into, then the more analytics that you can get. Also, the more data that we can get, then the better off we will be."
"The licensing of Cisco XDR is a bit complicated. The cost can depend on what it is, and the process can be a little complicated."
"Cisco XDR can be improved in terms of out-of-the-box integrations and standard operating procedures available on the platform where we would not have to refer to documents outside of the platform to integrate."
"One area that needs improvement is the limited visibility due to the licensing structure. For more visibility, customers need the advantage or premier licensing, which involves additional costs."
"Workflows could definitely be easier to work with."
"I could not choose Cisco XDR a perfect score mainly because there is still room for improvement in usability and customization."
"Cisco XDR could improve the UI customization experience."
"Customer support for Cisco XDR is a bit slow in the initial stages, but I believe it has improved nowadays."
"They need to provide better pricing and bundle XDR licenses with products like Meraki solutions or Firepower Threat Defense."
 

Pricing and Cost Advice

"I don't recall what the cost was, but it wasn't really that expensive."
"It's about $55 per license on a yearly basis."
"It's the most expensive solution, but features-wise, it's quite strong. It's very good for protection, so the results are very good in the case of protection. I would rate it a two out of ten in terms of pricing."
"It's way too expensive, but security is expensive. You pay for your licensing, and then you pay for someone to monitor the stuff."
"This is an expensive solution."
"Very costly product."
"It is "expensive" and flexible."
"I am using the Community edition."
"The product is absolutely free to any customer. As such, the only thing one must keep in mind is that as long as he already has one Cisco security product, irregardless of what that product is, SecureX is available for free."
"The pricing is competitive, especially for education institutions. Licensing can be a little bit difficult to navigate, especially with resellers with Cisco, but for us it has been pretty easy."
"For the value you get, the pricing of the solution is excellent."
"It would be nice if they had a different pricing model. Most of our budget for projects goes towards Cisco."
"You can spend less money for another solution, but if you really want to have a good solution you have to pay. We are happy that we are getting such a good solution for what we are spending."
"It is free. It can't get any better than that."
"The pricing is the best part of this solution. It is free if you buy Umbrella or Duo Security. It is also a good solution."
"Cisco SecureX is more expensive than Trend Micro. However, considering the integration capabilities with other solutions and the quality of technical support, I believe there's justification for the price difference."
"The licensing of Cisco XDR is a bit complicated. The cost can depend on what it is, and the process can be a little complicated."
report
Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
904,928 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Outsourcing Company
16%
Construction Company
14%
Marketing Services Firm
9%
Computer Software Company
7%
Outsourcing Company
20%
Computer Software Company
9%
Government
8%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
By reviewers
Company SizeCount
Small Business4
Midsize Enterprise7
Large Enterprise3
By reviewers
Company SizeCount
Small Business17
Midsize Enterprise9
Large Enterprise4
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
Ask a question
Earn 20 points
What is your experience regarding pricing and costs for Cisco XDR?
The centralized visibility, automation, and reduction in investigation time have provided good operational value for ...
What needs improvement with Cisco XDR?
Cisco XDR could improve the UI customization experience. Some workflows still feel more complex than they need to be,...
What is your primary use case for Cisco XDR?
We mainly use Cisco XDR for centralized threat detection and incident investigation, especially for correlating endpo...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Kenna.AppSec, Kenna.VI
No data available
 

Interactive Demo

Demo not available
Demo not available
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
NHS, Rackspace, UNC Pembroke, University of North Carolina at Charlotte, Missing Piece
Information Not Available
Find out what your peers are saying about CrowdStrike, SentinelOne, TrendAI and others in Extended Detection and Response (XDR). Updated: July 2026.
904,928 professionals have used our research since 2012.