We performed a comparison between Cisco SecureX and CrowdStrike Falcon based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Cisco SecureX earns high marks for its automated utilities, comprehensive visibility, and seamless integration with external resources. CrowdStrike Falcon stands out for its minimal impact on system performance, optimal resource utilization, and precise detection of threats. Users say Cisco SecureX needs better documentation and integration with on-premises systems. It would also benefit by expanding its compatibility with third-party solutions. CrowdStrike Falcon could benefit from adding a sandbox feature and more detailed firewall management options.
Service and Support: Some users describe Cisco support as dependable and efficient, while others noted a decline in quality due to personnel changes. CrowdStrike Falcon's customer service is considered prompt and helpful.
Ease of Deployment: Setting up Cisco SecureX is generally considered to be straightforward in cloud environments, but it requires more effort to integrate the solution with on-premise products. CrowdStrike Falcon's setup is considered to be simple and efficient, with deployment times ranging from a few days to a month. While there may be some challenges during installation, they are generally manageable.
Pricing: A few users said Cisco SecureX’s price could be lower, given that it is included for free with certain Cisco products. Some users find CrowdStrike Falcon costly and think the price should be lowered to make it more competitive.
ROI: Cisco SecureX provides a positive ROI by speeding up detection and resolution. It also decreases workloads through automation and proactive information gathering. CrowdStrike Falcon offers cost savings by decreasing the required number of engineers and eliminating the need for onsite servers.
Comparison Results: Our users prefer CrowdStrike Falcon over Cisco SecureX. Users particularly commend CrowdStrike Falcon for its efficient resource utilization, accurate threat detection, and robust defense against cyberattacks. They also value its seamless integration capabilities and user-friendly interface. Cisco SecureX users reported challenges with on-prem integration and observed a need for more third-party integration.
"The product integrates security into one tool instead of having third-party security tools."
"I like 365 Defender's advanced threat hunting. The dashboard is user-friendly with templates for site policies, etc. The most important use case is evaluating the risk links and applications."
"The EDR features are valuable. By getting the EDR features, we have more control over the device. We have information about events in real-time and more protection against zero-day threats and zero-day vulnerabilities. We can monitor every event or action that a device is going through. We can get an idea if it is something malicious or if we have to take any actions."
"The unified view of the threat landscape on a central dashboard is the most valuable feature."
"I like that it's fully integrated with Windows, Microsoft 365 Exchange Online, and Outlook. It is better than other antivirus solutions because it's fully integrated with all Microsoft products. It's easy to integrate them and onboard all Windows devices from SCCM."
"It has great stability."
"The comprehensiveness of Microsoft's threat detection is good."
"The best feature is threat hunting. There are a lot of other features I like, such as the alert mechanism. The chain alert mechanism has a huge impact. It combines all the alerts into one incident and automatically correlates them with AI."
"SecureX enables us to have all the threat intelligence and threat event data in one place."
"The ability to create firewalls online has been most valuable including the ability to create rules."
"Using SecureX, a tool provided by Cisco, we can easily integrate it with many of our other Cisco products such as Cisco ISE and many networking devices."
"The forensics are amazing because when you have enrichment, and the solutions talk with each other, when you need it, you have the ability to know everything in the organization: when, why, whatever."
"Our customers find the product's third-party integrations valuable. Our customers are also impressed with the tool's capability to pick up third-party threat feeds and use that as part of the decision-making process."
"The most valuable feature is its ability to manage all the applications and visibility. For example, if there is malware, spam, or another component that wants to attack the company in my servers, network, or applications, then SecureX will react to the problem."
"SecureX takes all the separate pieces of security within your company, adds in intelligence from different sites and services on the internet, and makes them work together."
"The most beneficial feature of Cisco SecureX for cybersecurity efforts is its integration with other Cisco solutions and the environment. This sets it apart, as its APIs and overall integration capabilities are very strong. Additionally, its detection capabilities are commendable."
"The scalability is good."
"The feature that I find to be the most valuable, is being able to look at the system analysis and being able to baseline what is installed on the system."
"The CrowdStrike Falcon agent is very lightweight. Users never complain about their PCs getting stuck and things like that."
"Its integration capability is valuable. It integrates easily with any OS."
"We have seen a reduction to the performance hit to our operating systems."
"The automatic alert feature is the most important feature of the solution."
"CrowdStrike enables the infrastructure managers to visualize all the events and get information about the network."
"The most valuable feature is the machine learning that they use to check certain patterns in the endpoint devices. It checks the whole ecosystem or entire environment."
"The dashboard should be easier to use. There is also improvement needed in the reporting when it comes to exporting or scheduling reports."
"What could be improved in Microsoft 365 Defender is its licensing, e.g. it should be more consolidated and would be good if it has some optimizations. Improving the alerts and notifications, in terms of adding more details, would also be good for this solution."
"I'd like to see a wider solution that includes not only desktop devices but also other devices, such as servers, storage cabinets, switching equipment, et cetera."
"For some scenarios, it provides good visibility into threats, and for some scenarios, it doesn't. For example, sometimes the URLs within the emails have destinations, and you do get a screenshot and all further details, but it's not always the case. It would be good if they did a better job of enabling that for all the emails that they identified as malicious. When you get an email threat, you can go into the email and see more details, but the URL destination feature doesn't always show you a screenshot of the URL in that email. It also doesn't always give you the characteristics relating to that URL. It would be quite good if the information is complete where it says that we identified this URL, and this is what it looks like. There should be some threat intel about it. It should give you more details."
"The documentation on their website is somewhat outdated and doesn't show properly. I wanted to try a query in Microsoft Defender 365. When I opened the related documentation from the security blog on the Microsoft website, the figures were not showing. It was difficult to understand the article without having the figures. The figures were there in the article, but they were not getting loaded, which made the article obsolete."
"The support could be more knowledgable to improve their offering."
"The support from Microsoft could improve. There are times I have to wait for a response from a qualified specialist."
"The management features could be improved, particularly in terms of better integration with Intune, Microsoft's cloud-based management solution."
"I would like it to integrate with another solution, e.g., DNA. I would like it to connect to that solution, but not the security aspect."
"The playbooks provided with the product are great, although I would appreciate having more playbooks available. Threats are constantly evolving, so having access to updated playbooks is crucial."
"For us, the biggest sticking point is that the product is not being designed for multi-tenancy use at present, from an MSP perspective."
"Enhancing automation capabilities could further improve the product."
"I'm not sure that I would call it a bug, but sometimes the solution is a little slow."
"The front-end work controls the new algorithm and the firewall rules. The search feature of these rules could be improved."
"The documentation can be improved and the on-prem integration. The set of applications that it was integrated with wasn't comprehensive."
"They could put in more third-party [integrations]... also more playbooks, out-of-the-box, for automation [would be helpful]."
"The dashboard area must be improved. We have integration with Splunk, and we are creating a dashboard there. Their dashboard area must be up to date. It should have more details and more options to create the reports and things like that."
"The Integration with tools, SOC tools, could be better."
"I would also like to see the endpoint firewall component produce some level of logging and feedback."
"CrowdStrike Falcon by itself does not supply in-depth reporting."
"There are some areas where some customers would prefer a different service."
"It is cloud-based, and this does make some weary of the data being held on the cloud. Privacy requirements must be taken into account."
"The portal can be clunky to navigate at times and has room for improvement."
"I would like CrowdStrike to provide some correlation in the threat analysis, so we can visualize things better."
Cisco SecureX is ranked 12th in Extended Detection and Response (XDR) with 13 reviews while CrowdStrike Falcon is ranked 2nd in Extended Detection and Response (XDR) with 104 reviews. Cisco SecureX is rated 9.0, while CrowdStrike Falcon is rated 8.6. The top reviewer of Cisco SecureX writes "Gives our customers visibility and they don't have to go multiple management consoles anymore". On the other hand, the top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". Cisco SecureX is most compared with Cortex XDR by Palo Alto Networks, Trend Vision One, Splunk SOAR, Cisco Secure Network Analytics and Fortinet FortiSOAR, whereas CrowdStrike Falcon is most compared with Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security, SentinelOne Singularity Complete and Trend Vision One. See our Cisco SecureX vs. CrowdStrike Falcon report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.