Cisco SecureX [EOL] vs Microsoft Defender XDR comparison

Cisco and Microsoft are both solutions in the Extended Detection and Response (XDR) category. Additionally, 100% of Cisco users are willing to recommend the solution, compared to 97% of Microsoft users who would recommend it.

Cisco SecureX [EOL]

Read 13 Cisco SecureX [EOL] reviews

100% willing to recommend

Microsoft Defender XDR

Read 101 Microsoft Defender XDR reviews

7,162 Views
5,585 Comparison Views

97% willing to recommend

Cisco SecureX [EOL]

Microsoft Defender XDR

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Apr 20, 2025

SecureX and Microsoft Defender XDR compete in the cybersecurity category, offering diverse integration and threat analysis capabilities. SecureX has an edge in integration capabilities beyond its native products, while Microsoft Defender XDR stands out for its compatibility within the Microsoft ecosystem and robust endpoint protection.

Features: SecureX provides a user-friendly dashboard that integrates third-party security feeds and products, facilitating comprehensive visibility and threat hunting. Its integrations ensure a unified security experience across different solutions. Microsoft Defender XDR offers strong integration with Microsoft products, providing advanced threat protection features, especially in email and endpoint security, with deep insights into Windows environments.

Room for Improvement: SecureX could improve its automation and orchestration capabilities, streamline reporting processes, expand integration options, and enhance documentation. Microsoft Defender XDR needs a more intuitive user interface, streamlined licensing policies, better integration with non-Microsoft products, and enhanced industry-specific threat intelligence. Both solutions require speed and efficiency improvements in incident handling, with unique technical area enhancements needed.

Ease of Deployment and Customer Service: SecureX offers free integration with Cisco products and is known for its ease of setup, although technical support quality can vary. Microsoft's Defender XDR supports diverse cloud environments but is challenged by licensing and support responsiveness. Both have extensive support resources, with Cisco noted for its quick response times.

Pricing and ROI: SecureX is cost-effective, especially for Cisco users, often free and suitable for organizations seeking seamless integration with Cisco products. Microsoft Defender XDR, priced higher, justifies costs with extensive capabilities in Microsoft ecosystems. SecureX demonstrates significant ROI by enhancing efficiency, while Microsoft's costs may deter smaller organizations, although comprehensive E5 licensing covers extensive features.

To learn more, read our detailed Extended Detection and Response (XDR) Report (Updated: May 2025).

Buyer's Guide

Extended Detection and Response (XDR)

May 2025

Download the complete report

Helped 850,671 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cisco SecureX [EOL]

Average Rating

9.0

Reviews Sentiment

8.2

Number of Reviews

Ranking in other categories

No ranking in other categories

Microsoft Defender XDR

Average Rating

8.4

Reviews Sentiment

7.1

Number of Reviews

101

Ranking in other categories

Endpoint Detection and Response (EDR) (5th), Extended Detection and Response (XDR) (4th), Microsoft Security Suite (3rd)

Featured Reviews

Alon K

CTO & VP of Cyber Solutions, Israel at Rockwell Automation

Gives our customers visibility and they don't have to go multiple management consoles anymore

One of the examples is related to forensics. The forensics are amazing because when you have enrichment, and the solutions talk with each other, when you need it, you have the ability to know everything in the organization: when, why, whatever. With just one click you have information from email, from the endpoint, from the web. Let's say that tomorrow morning, you have a ransom[ware] attack in your organization and you would like to know from which email it came, or where the customer saved the file, even though the incident didn't occur at the same moment. With SecureX, you have Cisco Threat Response inside. [With] one click, you get all of the flow. That's amazing value. That also releases resources for our customers. The customers don't have to connect many systems and try to register the event on each system, or to go to the SIEM and do a correlation. That's the one-stop shop for the customers, and that's amazing.

Read full review

Gabor Nyerd

Enterprise mobility and security evangelist at a financial services firm with 5,001-10,000 employees

Includes four services and four products, which can help organizations a lot

We found that sometimes integrations work, but testing them can take some time. Sometimes, configurations take much longer than expected. We have a configuration in place that needs to be synchronized with another server. However, the servers are four hours apart, so this can cause delays. In general, I believe that the time it takes to configure and test a service should be shorter. Sometimes, it can take a couple of hours to test a single configuration setting. Other times, it is only ten or fifteen minutes, which is normal. However, sometimes, even immediate actions can be triggered by configuration changes, and some settings can take up to eight hours to complete. I believe that this time can be improved. Microsoft is making a lot of improvements to its services in a short period of time. This is a good thing, as it means that the services are constantly being updated and improved. However, it can be challenging for customers to keep up with the changes. For example, a customer may read about an update, understand it, and share it with their colleagues and boss. However, it may take days or weeks to test the update and get the necessary approvals. This can be especially challenging for large customers with many users or machines. In some cases, Microsoft may change a service before the customer has had a chance to implement the previous update. This can be frustrating for customers, as it means that they have to constantly learn new things and adjust their workflows. On the one hand, it is important for Microsoft to keep updating and improving its services. This helps to ensure that the services are meeting the customers' needs and that they are staying ahead of the competition. Microsoft should also be mindful of the challenges that these changes can create for customers. One way to address this challenge is to provide customers with more time to implement changes. Microsoft could also provide more information about upcoming changes so that customers can plan ahead. Ultimately, Microsoft needs to strike a balance between keeping its services up-to-date and providing customers with a smooth transition to new features.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The automation and orchestration tools are the most valuable features."

"I like that I don't have to jump around to five different products and log into five different places to view the data that it returns."

"Our customers find the product's third-party integrations valuable. Our customers are also impressed with the tool's capability to pick up third-party threat feeds and use that as part of the decision-making process."

"SecureX enables us to have all the threat intelligence and threat event data in one place."

"It has evolved a lot, just that monitoring piece to the current Orchestrator piece. The additional analytics are there. They now have something called Insight, which can basically take data from Microsoft Azure AD and Intune to give us information about our endpoints. This is detailed information about the endpoints, from Secure Endpoint and all these different products. So, it is just constantly evolving. Every time that it evolves, we have more information with more visibility. There are more features that we have that just make everything so much easier, and it is in one place. I don't have to keep going back and forth. I don't have to go to Secure Endpoint and ISE to get the data. I don't have to go to Intune on Microsoft to get the information. It is all in one place."

"Using SecureX, a tool provided by Cisco, we can easily integrate it with many of our other Cisco products such as Cisco ISE and many networking devices."

"The most valuable feature is its ability to manage all the applications and visibility. For example, if there is malware, spam, or another component that wants to attack the company in my servers, network, or applications, then SecureX will react to the problem."

"The most beneficial feature of Cisco SecureX for cybersecurity efforts is its integration with other Cisco solutions and the environment. This sets it apart, as its APIs and overall integration capabilities are very strong. Additionally, its detection capabilities are commendable."

More Cisco SecureX [EOL] pros

"Microsoft 365 Defender's most valuable feature is the ability to control the shadow IP."

"Another noteworthy feature that I find appealing in Microsoft Defender is the credit-backed simulation. This feature enables organizations to train their users on effectively responding to phishing emails through a simulated training environment."

"The summarization of emails is a valuable feature."

"What I like most about the product is its all-in-one solution. With Microsoft Defender XDR, we get coverage for various aspects like endpoint security, cloud security, and image-related cases, all within a single platform. This eliminates the need for multiple products or technical controls to address incidents. The main benefit became evident immediately after deployment, especially in its ability to analyze files and phishing emails quickly. By submitting suspicious files or emails, we receive quick results on whether they are legitimate, suspicious, or malicious, saving time."

"The most valuable feature of all is the full integration with the rest of the software in the operating system and Office 365, as well as Microsoft SCCM. It is quite easy for us to work with the whole instance of Microsoft products. This integration improves the benefits of the whole suite of products."

"Microsoft Defender is stable."

"The integration, visibility, vulnerability management, and device identification are valuable."

"Vulnerability assessment and just-in-time access are some valuable features of Defender for server plans."

More Microsoft Defender XDR pros

Cons

"For us, the biggest sticking point is that the product is not being designed for multi-tenancy use at present, from an MSP perspective."

"The automation and orchestration could be simpler. It could be that all the other parts are that easy to use so that these stick out as a negative, but that's the trickiest part for us. The workflows within the orchestration are just a bit more difficult."

"They could expand into more areas. The more third-parties that we have tied into it, the better. The capabilities are there. As they just continue to involve the product, the more things that you can look into, then the more analytics that you can get. Also, the more data that we can get, then the better off we will be."

"I'm not sure that I would call it a bug, but sometimes the solution is a little slow."

"Enhancing automation capabilities could further improve the product."

"The front-end work controls the new algorithm and the firewall rules. The search feature of these rules could be improved."

"One of the improvements the product needs is more integration with collaboration platforms."

"They could put in more third-party [integrations]... also more playbooks, out-of-the-box, for automation [would be helpful]."

More Cisco SecureX [EOL] cons

"There could be a way to proactively monitor unusual activity ."

"Microsoft support is not very good. You get stuck in low-level support for way longer than you should, instead of them escalating the issue up the chain."

"At times, there may be delays in the execution of certain actions and their effects."

"It would be beneficial to reduce the number of clicks required to navigate between blades, as the current navigation and breadcrumb system can be a bit confusing."

"This solution could be improved if it included features such as those offered by Malwarebytes."

"The initial time spent setting up and configuring Defender XDR is a bit longer than the other solutions. If everything were on one portal, the platforms for managing policies or alerts would be simpler. We must automate and manage policies on Intune rather than the same portal."

"Microsoft could improve on threat hunting and build more on threat detection and handling. The cybersecurity and cloud security posture features are a bit lesser than standard security products."

"For some scenarios, it provides good visibility into threats, and for some scenarios, it doesn't. For example, sometimes the URLs within the emails have destinations, and you do get a screenshot and all further details, but it's not always the case. It would be good if they did a better job of enabling that for all the emails that they identified as malicious. When you get an email threat, you can go into the email and see more details, but the URL destination feature doesn't always show you a screenshot of the URL in that email. It also doesn't always give you the characteristics relating to that URL. It would be quite good if the information is complete where it says that we identified this URL, and this is what it looks like. There should be some threat intel about it. It should give you more details."

More Microsoft Defender XDR cons

Pricing and Cost Advice

"The product is absolutely free to any customer. As such, the only thing one must keep in mind is that as long as he already has one Cisco security product, irregardless of what that product is, SecureX is available for free."

"It comes free with all Cisco products. So, it is a good price."

"The pricing is competitive, especially for education institutions. Licensing can be a little bit difficult to navigate, especially with resellers with Cisco, but for us it has been pretty easy."

"Cisco SecureX is more expensive than Trend Micro. However, considering the integration capabilities with other solutions and the quality of technical support, I believe there's justification for the price difference."

"The pricing is the best part of this solution. It is free if you buy Umbrella or Duo Security. It is also a good solution."

"It is free. It can't get any better than that."

"For the value you get, the pricing of the solution is excellent."

"You can spend less money for another solution, but if you really want to have a good solution you have to pay. We are happy that we are getting such a good solution for what we are spending."

More Cisco SecureX [EOL] pricing and cost advice

"Purchasing Microsoft Defender XDR as part of a Microsoft 365 bundle can be cost-effective, but acquiring it as a standalone product may be more expensive."

"The most valuable licensing option is expensive, so pricing could be improved. Licensing options for this solution also need to be consolidated, because they frequently change."

"Microsoft Defender XDR is expensive."

"It has consistently offered highly appealing academic pricing, with distinct rates for higher education and general educational purposes."

"The bundling of software makes it easier to manage our setup, but Microsoft purposefully obfuscates this through marketing ploys to hide costs."

"The pricing of Microsoft 365 Defender is definitely on the costly side, but with the features and services that Microsoft provides, such as the seamless integration of all the Defender tools, while the price is on the higher side, there is no alternative."

"Microsoft Defender XDR is already included in our Office 365 licensing. It is better because we're saving money by using it."

"Defender plan 1 is tenant-wise, and Defender plan 2 is per-user, which makes it more expensive. To have certain features, you would need to purchase the E5 license. For all of the capabilities that the tool provides, the price, though it can be high, is fair."

More Microsoft Defender XDR pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.

See recommendations

850,671 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

36%

Financial Services Firm

Manufacturing Company

Government

Computer Software Company

17%

Financial Services Firm

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Ask a question

Earn 20 points

What do you like most about Microsoft 365 Defender?

Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and potential indicators of compromise.

See all answers

What is your experience regarding pricing and costs for Microsoft 365 Defender?

Licensing is somewhat confusing, particularly when presenting our pitch decks to stakeholders and leveraging key features in premium SKUs, but we managed with some assistance from Microsoft.

See all answers

What needs improvement with Microsoft 365 Defender?

There is nothing I can think of at the moment that needs improvement. I am a contractor and finishing up soon, so I haven't encountered any issues requiring enhancements.

See all answers

Comparisons

Cisco Secure Network Analytics vs Cisco SecureX [EOL]

Compared 48% of the time

More Cisco SecureX [EOL] Competitors

CrowdStrike Falcon vs Microsoft Defender XDR

Compared 18% of the time

Wazuh vs Microsoft Defender XDR

Compared 10% of the time

Microsoft Defender for Cloud vs Microsoft Defender XDR

Compared 10% of the time

Trend Vision One vs Microsoft Defender XDR

Compared 5% of the time

Microsoft Purview Compliance Manager vs Microsoft Defender XDR

Compared 5% of the time

More Microsoft Defender XDR Competitors

Product Reports

Buyer's Guide

Cisco SecureX [EOL]

May 2025

Download Cisco SecureX [EOL] product report

Buyer's Guide

Microsoft Defender XDR

April 2025

Download Microsoft Defender XDR product report

Also Known As

Kenna.AppSec, Kenna.VI

Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender

Overview

Cisco SecureX is an integrated security platform that connects the breadth of Cisco's integrated security portfolio and the customer's infrastructure to create a consistent experience. The solution unifies visibility, enables automation, and strengthens your security across network, endpoints, cloud, and applications. Cisco SecureX is embedded within every Cisco Security product and supports integrations with SIEM and SOAR, so customers will not need to replace any solution or worry about layering on new technology.

Cisco SecureX Features

Cisco SecureX has many valuable key features. Some of the most useful ones include:

Unified overview: Cisco SecureX offers key metrics on transactions and threats for network, endpoints, cloud and applications. In addition, the SecureX interface is integrated into all Cisco Security technologies.

Automation and an increase in operational efficiency: With Cisco SecureX, you gain better automation of workflows for products of the Cisco Security portfolio and third parties, allowing you to focus on other more important tasks. By eliminating manual work (through automatic identification of threats using analytical data of Cisco Talos and other sources), the solution helps your organization save a significant amount of time.

Security strengthening: Cisco SecureX makes it easy to compare analytical data from a set of various sources with the telemetry received from network, endpoints, e-mail, cloud, and third-party products.

Cisco SecureX Benefits

Some of the benefits of using Cisco SecureX include:

Secure every business endeavor with an open, integrated platform that has out-of-the-box interoperability and scales to meet security needs.

Advance your security maturity level using existing resources.

Turn security from a blocker into an enabler. Cisco SecureX allows you to add new security capabilities for the threat landscape.

Maximize your operational efficiency, helping you get the most from your security investments.

Reviews from Real Users

Below are some reviews and helpful feedback written by Cisco SecureX users.

PeerSpot user Wouter H., Technical Team Lead Network & Security at Missing Piece BV, shares several reasons why he thinks the solution is fantastic. In his opinion, “SecureX takes all the separate pieces of security within your company, adds in intelligence from different sites and services on the internet, and makes them work together. If an email is received on a machine and malware is being executed, it can be put into lockdown mode. The fact that you can have a single solution that combines endpoint intelligence with email intelligence, firewalls, and publicly available intelligence is really helpful. Also, SecureX provides us with contextual awareness throughout our security ecosystem. Before SecureX, things that were not possible, or that would take days, now literally take seconds to find out.

Michal S., Infrastructure Engineer at a media company, says, “SecureX provides many measurements and has a really good dashboard. Working with it you are able to see things very clearly and you have every detail on a single display. That saves us money and time.” He also adds, “It brings all our data into a central point. It also shows us many data connections between many of our environments. SecureX gives you really good information about potential risks. You are able to find the source of a risk, a potential risk from a user or a machine.”

Blair A., Technology Director at Shawnee Heights USD #450, explains, "One of the most valuable features is the simplicity of deploying SecureX. It's very easy to do that and then you gain very detailed visibility into everything that's going on in your network and, obviously, at the device level. There's just a wealth of information that you can pull from all of these products that are part of SecureX. You know exactly if you have an issue or not."

Cisco

Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment.

It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks.

Users have found it effective in detecting and preventing various types of attacks, such as phishing attempts, malware infections, and data breaches.

Watch the Microsoft demo video here: Microsoft Defender XDR demo video.

Microsoft

Sample Customers

NHS, Rackspace, UNC Pembroke, University of North Carolina at Charlotte, Missing Piece

Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.

Buyer's Guide

Extended Detection and Response (XDR)

May 2025

Download Free Report

Find out what your peers are saying about CrowdStrike, SentinelOne, Wazuh and others in Extended Detection and Response (XDR). Updated: May 2025.

DOWNLOAD NOW

850,671 professionals have used our research since 2012.

See our list of best Extended Detection and Response (XDR) vendors.

We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.