"The most valuable feature of Microsoft Defender for Cloud Apps is to stop shadow IT."
"The ability to prevent users from using certain applications is one of the most valuable features. It doesn't require any configuration for implementation from the client perspective. It just works right away and gives you the information you need."
"Threat detection is its key feature, and that's why we use this tool. It gives an alert if a PC is attacked or there is any kind of anomaly, such as there is a spike in sending emails or we see an unauthorized website being accessed. So, it keeps us on our toes. We get to know that there is something wrong, and we can isolate the user and find any issues with it. So, threat detection is very robust in this tool."
"If your business requirements are relatively simple, it can get the job done."
"I like the web GUI/the management interface. I also like the security of Microsoft. As compared to other manufacturers, it's less complex and easy to understand and work with."
"It is very easy to use, which is what we look for in these types of solutions."
"It's very easy to install and it includes the Intune portal from Microsoft where I can control all the devices from one place."
"The feature that helps us in detecting the sensitive information being shared has been very useful. In addition, the feature that allows MCAS to apply policies with SharePoint, Teams, and OneDrive is being used predominantly."
"One of the most valuable features is the simplicity of deploying SecureX. It's very easy to do that and then you gain very detailed visibility into everything that's going on in your network and, obviously, at the device level. There's just a wealth of information that you can pull from all of these products that are part of SecureX. You know exactly if you have an issue or not."
"I like that I don't have to jump around to five different products and log into five different places to view the data that it returns."
"It has evolved a lot, just that monitoring piece to the current Orchestrator piece. The additional analytics are there. They now have something called Insight, which can basically take data from Microsoft Azure AD and Intune to give us information about our endpoints. This is detailed information about the endpoints, from Secure Endpoint and all these different products. So, it is just constantly evolving. Every time that it evolves, we have more information with more visibility. There are more features that we have that just make everything so much easier, and it is in one place. I don't have to keep going back and forth. I don't have to go to Secure Endpoint and ISE to get the data. I don't have to go to Intune on Microsoft to get the information. It is all in one place."
"The ability to create firewalls online has been most valuable including the ability to create rules."
"The most valuable feature is its ability to manage all the applications and visibility. For example, if there is malware, spam, or another component that wants to attack the company in my servers, network, or applications, then SecureX will react to the problem."
"The automation and orchestration tools are the most valuable features."
"The forensics are amazing because when you have enrichment, and the solutions talk with each other, when you need it, you have the ability to know everything in the organization: when, why, whatever."
"SecureX takes all the separate pieces of security within your company, adds in intelligence from different sites and services on the internet, and makes them work together."
"The most valuable feature is that you can select remote access of any machine for sandboxing."
"It integrates well into the environment."
"One of the main benefits of the solution is its intelligence to correlate the events into an incident."
"Its ability to react to cyber data attacks is awesome. That is pretty much the use of it. What blows your mind is the ability to access your assets remotely and see what is actually going on with them. You can not only see them in a console. You can also react very rapidly to your assets that are compromised."
"I've found the solution to be highly scalable for enterprises."
"Best solution for avoiding security breaches, malware attacks, and other kinds of security issues."
"The behavior-based detection feature is valuable."
"The integrations are out-of-the-box, as are the playbooks."
"This service would be better if it had a separate license, only for this service, that could be used to track usage."
"Microsoft Defender for Cloud Apps' initial setup was quite technical but we were prepared. The time of the implementation depends on the job and how many users are being set up."
"I believe it's only set to be integrated with Microsoft Defender for identity and identity protection. I would like to see it available for use with something like Office 365 Defender. I don't think it's integrated with that yet."
"I would like to see them include more features in the older licenses. There are some features that are not available, such as preventing or analyzing cloud attacks."
"I want them to enhance in-session policy."
"The integration with macOS operating systems needs to be better."
"We would like to get more information from the endpoint. I don't get enough detailed information right now on why something failed. There is not enough visibility."
"The response time could be better. It will be helpful if the alerts are even more proactive and we can see more data. Currently, the data is a little bit weak. It is not complete. I can't just see it and completely know which user or which device it is. It takes some effort and time on my part to investigate and isolate a user. It would be great if it is more user-friendly or easy for people to understand."
"I would like it to integrate with another solution, e.g., DNA. I would like it to connect to that solution, but not the security aspect."
"For us, the biggest sticking point is that the product is not being designed for multi-tenancy use at present, from an MSP perspective."
"If they could make the Cisco Umbrella piece a little bit more advanced or easier to manage, that would help. We use it for filtering and when you compare it to a normal content filter, it lacks some functionality."
"what's missing right now is the multi-tenant capability."
"They could expand into more areas. The more third-parties that we have tied into it, the better. The capabilities are there. As they just continue to involve the product, the more things that you can look into, then the more analytics that you can get. Also, the more data that we can get, then the better off we will be."
"They could put in more third-party [integrations]... also more playbooks, out-of-the-box, for automation [would be helpful]."
"I'm not sure that I would call it a bug, but sometimes the solution is a little slow."
"Remediation stuff could be integrated into the product's automation."
"The dashboard could use some significant improvement, just making it more useful with more information. It has a limited amount of information right now. It is customizable, but I'd love to see a better out-of-box dashboard."
"It's not an ideal choice for smaller businesses, as you need a minimum of 200 endpoints to even use the solution at all."
"The setup is quite easy. We had appropriate support from the manager. One thing that was missing was the integration part."
"Cortex does not offer an on-premises solution. However, some customers would prefer not to be on the cloud. It would be ideal if it could offer something on-prem as well."
"In an upcoming release, the solution could improve by proving hard disk encryption. If it could support this it would be a complete solution."
"There are a large number of false positives."
"It would be better if they could educate the customers more. Some sort of seminars and roadshows will help educate the customers and show what the product can do. The price could be better. It would also help if they had a team for deployment and support."
"Although I would say this product is highly-rated, it could probably do more because nothing does everything that you want."
More Microsoft Defender for Cloud Apps Pricing and Cost Advice →
More Cortex XDR by Palo Alto Networks Pricing and Cost Advice →
Cisco SecureX is ranked 5th in Extended Detection and Response (XDR) with 10 reviews while Cortex XDR by Palo Alto Networks is ranked 1st in Extended Detection and Response (XDR) with 46 reviews. Cisco SecureX is rated 9.0, while Cortex XDR by Palo Alto Networks is rated 8.2. The top reviewer of Cisco SecureX writes "Combines multiple sources of security intelligence, making it easy to correlate events in our environment with those outside of it". On the other hand, the top reviewer of Cortex XDR by Palo Alto Networks writes "Easy to set up, reliable, and always scanning". Cisco SecureX is most compared with Fortinet FortiSOAR, Splunk Phantom, Microsoft 365 Defender, Trend Micro XDR and Microsoft Defender for Cloud, whereas Cortex XDR by Palo Alto Networks is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, SentinelOne, Symantec Endpoint Security and Check Point Harmony Endpoint. See our Cisco SecureX vs. Cortex XDR by Palo Alto Networks report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
