We performed a comparison between Cisco SecureX and Elastic Security based on real PeerSpot user reviews.
Find out what your peers are saying about CrowdStrike, SentinelOne, Wazuh and others in Extended Detection and Response (XDR)."The EDR and the way it automatically responds to ransomware and other attacks are valuable features."
"The most valuable feature of all is the full integration with the rest of the software in the operating system and Office 365, as well as Microsoft SCCM. It is quite easy for us to work with the whole instance of Microsoft products. This integration improves the benefits of the whole suite of products."
"Microsoft 365 Defender is simple to upgrade."
"The most valuable feature depends on the scenario. For compliance, I like Microsoft Purview Information Protection and Data Loss Prevention. Sentinel is the most helpful feature for security. 365 Defender helps us prioritize threats across an enterprise. It's a crucial feature for the managed services team."
"The most valuable feature is the DLP because that's where we can have an added data protection layer and extend it not just to emails but to the documents that users are working on. We can make sure that sensitive data is tagged and flagged if unauthorized parties are using it."
"Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and potential indicators of compromise."
"The threat intelligence is excellent."
"It has been great for us. Previously, we didn't have a solution to protect us, especially from malware, whereas now, we are getting protection up front, especially from the malware attacks coming through emails or endpoints."
"The most valuable feature is its ability to manage all the applications and visibility. For example, if there is malware, spam, or another component that wants to attack the company in my servers, network, or applications, then SecureX will react to the problem."
"The forensics are amazing because when you have enrichment, and the solutions talk with each other, when you need it, you have the ability to know everything in the organization: when, why, whatever."
"One of the most valuable features is the simplicity of deploying SecureX. It's very easy to do that and then you gain very detailed visibility into everything that's going on in your network and, obviously, at the device level. There's just a wealth of information that you can pull from all of these products that are part of SecureX. You know exactly if you have an issue or not."
"SecureX takes all the separate pieces of security within your company, adds in intelligence from different sites and services on the internet, and makes them work together."
"It has evolved a lot, just that monitoring piece to the current Orchestrator piece. The additional analytics are there. They now have something called Insight, which can basically take data from Microsoft Azure AD and Intune to give us information about our endpoints. This is detailed information about the endpoints, from Secure Endpoint and all these different products. So, it is just constantly evolving. Every time that it evolves, we have more information with more visibility. There are more features that we have that just make everything so much easier, and it is in one place. I don't have to keep going back and forth. I don't have to go to Secure Endpoint and ISE to get the data. I don't have to go to Intune on Microsoft to get the information. It is all in one place."
"Using SecureX, a tool provided by Cisco, we can easily integrate it with many of our other Cisco products such as Cisco ISE and many networking devices."
"Our customers find the product's third-party integrations valuable. Our customers are also impressed with the tool's capability to pick up third-party threat feeds and use that as part of the decision-making process."
"The most beneficial feature of Cisco SecureX for cybersecurity efforts is its integration with other Cisco solutions and the environment. This sets it apart, as its APIs and overall integration capabilities are very strong. Additionally, its detection capabilities are commendable."
"The most valuable feature is the ability to collect authentication information from service providers."
"The most valuable feature is the speed, as it responds in a very short time."
"The most valuable features of Elastic Security are it is open-source and provides a high level of security."
"The intelligence of the system has been very impressive. It's not quite AI, but the technical bit where it correlates information, based on the seen attacks within an organization is good."
"We chose the product based on the ability to scan for malware using a malware behavioral model as opposed to just a traditional hash-based antivirus. Therefore, it's not as intensive."
"It is an extremely stable solution. Stability-wise, I rate the solution a ten out of ten."
"The cost is reasonable. It's not overly pricey."
"The most valuable feature is the search function, which allows me to go directly to the target to see the specific line a customer is searching for."
"Offboarding latency should be reduced. Even after a device has been successfully offboarded using a particular offboarding script, it still shows up as onboarded."
"The only problem I find is that the use cases are built-in. There is no template available that you can modify according to your organization's standards. What they give is very generic, the market standard, but that might not be applicable to every organization."
"Generally, antivirus products provide a central control to manage every device in terms of who is installing it or who is trying to disable it, but Microsoft doesn't have such a control center for the antivirus product it provides."
"The support from Microsoft could improve. There are times I have to wait for a response from a qualified specialist."
"In the future, it would be beneficial for Microsoft to consider making the product more user-friendly or simplified for those who are interested in using it. Currently, it requires a high level of technical expertise, making it challenging for beginners or less experienced individuals."
"The solution does not offer a unified response and standard data."
"From an integration standpoint, it is always improving overall. With Security Copilot coming out, as partners, we are waiting for the GDAP support so that we can actually see Security Copilot on behalf of customers if they subscribe to it."
"The management features could be improved, particularly in terms of better integration with Intune, Microsoft's cloud-based management solution."
"If they could make the Cisco Umbrella piece a little bit more advanced or easier to manage, that would help. We use it for filtering and when you compare it to a normal content filter, it lacks some functionality."
"I'm not sure that I would call it a bug, but sometimes the solution is a little slow."
"I would like it to integrate with another solution, e.g., DNA. I would like it to connect to that solution, but not the security aspect."
"They could put in more third-party [integrations]... also more playbooks, out-of-the-box, for automation [would be helpful]."
"Remediation stuff could be integrated into the product's automation."
"The automation and orchestration could be simpler. It could be that all the other parts are that easy to use so that these stick out as a negative, but that's the trickiest part for us. The workflows within the orchestration are just a bit more difficult."
"One of the improvements the product needs is more integration with collaboration platforms."
"what's missing right now is the multi-tenant capability."
"The process of designing dashboards is a little cumbersome in Kibana. Unless you are an expert, you will not be able to use it. The process should be pretty straightforward. The authentication feature is what we are looking for. We would love to have a central authentication system in the open-source edition without the need for a license or an enterprise license. If they can give at least a simple authentication system within a company. In a large organization, authentication is very essential for security because logs can contain a lot of confidential data. Therefore, an authentication feature for who accesses it should be there."
"The solution needs to be more reactive to investigations. We need to be able to detect and prevent any attacks before it can damage our infrastructure. Currently, this solution doesn't offer that."
"Elastic Security can be a bit difficult to use if a person only has experience in SMBs with tools like Zoho. The product can also be difficult for those who have never dealt with query language."
"With Elastic Security, the challenge arises from the fact that there is a learning curve in relation to queries and understanding the query language provided to extract usable data."
"The problem with ELK is it's difficult to administer. When you have a problem, it can be very, very difficult to rebuild indexes."
"The Integration module could be improved. It is a pain to build integration with any product. We have to do parking and so on. It's not like other commercial solutions that use profile integration. I would also see more detection features on the SIEM side."
"We are paying dearly for the guy who is working on the ELK Stack. That knowledge is quite rare and hard to come by. For difficulty and availability of resources, I would rate it a five out of 10."
"One limitation of Elastic Security is that it does not have built-in workflows for all tasks. For example, if you need a workflow for compliance, you will need to create a custom workflow."
Cisco SecureX is ranked 14th in Extended Detection and Response (XDR) with 13 reviews while Elastic Security is ranked 7th in Extended Detection and Response (XDR) with 58 reviews. Cisco SecureX is rated 9.0, while Elastic Security is rated 7.6. The top reviewer of Cisco SecureX writes "Gives our customers visibility and they don't have to go multiple management consoles anymore". On the other hand, the top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". Cisco SecureX is most compared with Cortex XDR by Palo Alto Networks, Trend Vision One, Splunk SOAR, Cisco Secure Network Analytics and Fortinet FortiSOAR, whereas Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.