• Home
  • Cisco SecureX vs. NetWitness XDR

Cisco SecureX vs NetWitness XDR comparison

Cancel
You must select at least 2 products to compare!
Microsoft Logo
Microsoft Defender XDR
Read 79 Microsoft Defender XDR reviews
6,000 views|4,488 comparisons
97% willing to recommend
Cisco Logo
Cisco SecureX
Read 13 Cisco SecureX reviews
2,736 views|1,144 comparisons
100% willing to recommend
NetWitness Logo
NetWitness XDR
Read 15 NetWitness XDR reviews
506 views|353 comparisons
87% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Cisco SecureX vs. NetWitness XDR
March 2024
Executive Summary
Updated on Jul 8, 2023

We performed a comparison between NetWitness XDR and Cisco SecureX based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.

  • Features: NetWitness XDR is commended for its prompt threat response, seamless integration capabilities, and user behavior analytics. Cisco SecureX earns high marks for its automated utilities, comprehensive visibility, and seamless integration with external resources. Users say NetWitness XDR could improve its threat intelligence and investigation. Some suggested updates to its reporting engine. Cisco SecureX could offer better documentation and integration with on-premises systems. 

  • Service and Support: NetWitness XDR provides effective 24/7 technical support. While some were satisfied with the response times, others experienced delays of up to 48 hours. Some users describe Cisco support as dependable and efficient, while others noted a decline in quality due to personnel changes.

  • Ease of Deployment: Some users found the initial setup of NetWitness uncomplicated, but others faced challenges. Setting up Cisco SecureX is generally considered to be straightforward in cloud environments, but it requires more effort to integrate the solution with on-premise products.

  • Pricing: The total cost of NetWitness XDR depends on the environment and the number of endpoints. Larger users can receive discounts, but users say the solution might be too pricey for smaller companies. NetWitness XDR provides various licenses, including some that feature premium support. A few users said Cisco SecureX’s price could be lower, given that it is included for free with certain Cisco products.

  • ROI: NetWitness XDR has demonstrated positive outcomes by improving threat detection capabilities and facilitating digital forensics. Cisco SecureX provides a positive ROI by speeding up detection and resolution. It also decreases workloads through automation and proactive information gathering.

Comparison Results: NetWitness XDR is preferred over Cisco SecureX for its prompt threat response, user-friendly interface, integration capabilities, and unified dashboard. NetWitness also offers consistent performance and excellent technical support. Cisco SecureX received mixed feedback about its setup process. Users say SecureX lacks comprehensive documentation and requires enhancements in integration and automation features. 

To learn more, read our detailed Cisco SecureX vs. NetWitness XDR Report (Updated: March 2024).
Download the complete report
770,616 professionals have used our research since 2012.
Featured Review
Dinesh Jaisankar
Helps extend its protection to third-party applications, stops malware attacks, and reduces costs
Microsoft Defender can extend its protection to the third-party applications we use, which is helpful. Microsoft Defender XDR not only helps stop... Read more →
Miguel Angel Rico Paez
We need this solution's visibility into our customers' applications for threat defense
Organizations are afraid of attacks. For example, many companies have an attack once a month. We need this solution's visibility into our... Read more →
Anonymous User
Advanced threat detection undermined by issues with blocking
NetWitness Endpoint has enabled us to detect attacks that bypass the first stage of cybersecurity, like zero-day and advanced attacks.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Microsoft 365 Defender is a good solution and easy to use.""Another noteworthy feature that I find appealing in Microsoft Defender is the credit-backed simulation. This feature enables organizations to train their users on effectively responding to phishing emails through a simulated training environment.""The integration with other Microsoft solutions is the most valuable feature.""The visibility into threats is also very impressive because Microsoft helps you predict things and provides analytics to help you really improve your security. And all of this technology works across the domain, so it is pretty helpful in terms of threat analytics.""The integration between all the Defender products is the most valuable feature.""All of the security components are valuable including, antiphishing, antispam, and stage three antivirus.""We are connected to Microsoft and have every laptop enrolled. This acts as an endpoint. The tool helps me check security and compliance. I can also check what a device is doing.""The solution is well integrated with applications. It is easy to maintain and administer."

More Microsoft Defender XDR Pros →

"SecureX enables us to have all the threat intelligence and threat event data in one place.""Integrates well with our existing security infrastructure.""SecureX takes all the separate pieces of security within your company, adds in intelligence from different sites and services on the internet, and makes them work together.""One of the most valuable features is the simplicity of deploying SecureX. It's very easy to do that and then you gain very detailed visibility into everything that's going on in your network and, obviously, at the device level. There's just a wealth of information that you can pull from all of these products that are part of SecureX. You know exactly if you have an issue or not.""The most beneficial feature of Cisco SecureX for cybersecurity efforts is its integration with other Cisco solutions and the environment. This sets it apart, as its APIs and overall integration capabilities are very strong. Additionally, its detection capabilities are commendable.""The most valuable feature is its ability to manage all the applications and visibility. For example, if there is malware, spam, or another component that wants to attack the company in my servers, network, or applications, then SecureX will react to the problem.""The forensics are amazing because when you have enrichment, and the solutions talk with each other, when you need it, you have the ability to know everything in the organization: when, why, whatever.""Our customers find the product's third-party integrations valuable. Our customers are also impressed with the tool's capability to pick up third-party threat feeds and use that as part of the decision-making process."

More Cisco SecureX Pros →

"Technical support is knowledgeable.""The log correlation is good.""The most valuable feature of RSA NetWitness Network is the single unified dashboard from which you can manage all the different products of RSA. Additionally, the integration with native applications is good.""The interface of this solution is very flexible and easy to use.""NetWitness Endpoint's most valuable features are its interoperability across many different operating systems and the ease of pivoting from network to endpoint via a single console.""We've contacted technical support several times. They've been very good. They have been able to help us resolve our issues.""It's a scalable solution. We have around five to eight customers using RSA NetWitness Endpoint, and we hope to increase the number of users.""Ability to isolate the machine when there are malicious files."

More NetWitness XDR Pros →

Cons
"The patching capability should be there. Patching is something that you cannot do even though you see the vulnerabilities present in your environment. For patching, you have to depend on another solution.""Since all of our databases are updated and located in the cloud, I would like additional support for this.""Microsoft tends to provide too many features, which makes the solution prone to bugs.""Defender also lacks automated detection and response. You need to resolve issues manually. You can manage multiple Microsoft security products from a single portal, and all your security recommendations are in one place. It's easy to understand and manage. However, I wouldn't say Defender is a single pane of glass. You still need to switch between all of the available Microsoft tools. You can see all the alerts in one panel, but you can't automate remediation.""The cost can be high if you want to build custom license packages. Another area for improvement is the policies. In Azure, we need to implement policies in JSON format, but in 365 Defender 365, it would be helpful to use a different format so we can customize the platform.""When discussing the secure score, which includes overviews and recommended actions, some of these recommended actions are not applicable to us, particularly those related to Microsoft Internet Explorer, which we do not use in any of our environments.""This solution could be improved if it included features such as those offered by Malwarebytes.""The only problem I find is that the use cases are built-in. There is no template available that you can modify according to your organization's standards. What they give is very generic, the market standard, but that might not be applicable to every organization."

More Microsoft Defender XDR Cons →

"If they could make the Cisco Umbrella piece a little bit more advanced or easier to manage, that would help. We use it for filtering and when you compare it to a normal content filter, it lacks some functionality.""I would like it to integrate with another solution, e.g., DNA. I would like it to connect to that solution, but not the security aspect.""The playbooks provided with the product are great, although I would appreciate having more playbooks available. Threats are constantly evolving, so having access to updated playbooks is crucial.""The front-end work controls the new algorithm and the firewall rules. The search feature of these rules could be improved.""They could put in more third-party [integrations]... also more playbooks, out-of-the-box, for automation [would be helpful].""what's missing right now is the multi-tenant capability.""The automation and orchestration could be simpler. It could be that all the other parts are that easy to use so that these stick out as a negative, but that's the trickiest part for us. The workflows within the orchestration are just a bit more difficult.""For us, the biggest sticking point is that the product is not being designed for multi-tenancy use at present, from an MSP perspective."

More Cisco SecureX Cons →

"RSA NetWitness Network could improve on integration with non-native application integration.""The solution is modular, for example you can buy the RSA ePack, which you buy as a module is not part of the conduit solution. They could include it and have it as an all-in-one solution.""The contamination feature could be improved.""I would like to see Security Orchestration and Response Automation (SOAR) integration.""The initial setup requires a high level of skill.""The integration of the solution needs to be improved. The dashboard needs lots of updates as well. In the next release, we would like to see advanced fraud detection features.""The deployment process is complex. I don't know why, but this solution will suddenly stop working. Logs stop coming. Often, one thing or another stops working. Most of the time, one of my team members is working with troubleshooting and working with technical support. Log passing is also one of the biggest challenge.""When analyzing something, you have to click several times. It requires a lot of effort to find something."

More NetWitness XDR Cons →

Pricing and Cost Advice
  • "The solutions price is fair for what they offer."
  • "The price could be better. Normally, the costs depend on the country you're located in for the license. When we were in the initial stage, we went with the E5 license they call premium standard. It cost us around $5.20 per month for four users."
  • "The price of the solution is high compared to others and we have lost some customers because of it."
  • "Microsoft is not competitive with the pricing of the solution. The competitors are able to offer lower discounts. The price of the solution is higher."
  • "We have a lot of problems in Latin America regarding the price of Microsoft 365 Defender, because the relationship between dollars and the money of the different countries, it's is a lot. Many customers that have small businesses say that they would like the solution but it is too expensive. However, large companies do not find the cost an issue."
  • "The most valuable licensing option is expensive, so pricing could be improved. Licensing options for this solution also need to be consolidated, because they frequently change."
  • "Microsoft should provide lower-level licensing options. They should do it in such a way that even an individual could purchase a license, and it should be entirely flexible."
  • "They have moved from a licensing model to pay-per-use... The question is: What happens if, for any reason, there's not enough budget to accept this model? That could be a great problem."

    • More Microsoft Defender XDR Pricing and Cost Advice →

  • "For the value you get, the pricing of the solution is excellent."
  • "You can spend less money for another solution, but if you really want to have a good solution you have to pay. We are happy that we are getting such a good solution for what we are spending."
  • "The pricing is competitive, especially for education institutions. Licensing can be a little bit difficult to navigate, especially with resellers with Cisco, but for us it has been pretty easy."
  • "The product is absolutely free to any customer. As such, the only thing one must keep in mind is that as long as he already has one Cisco security product, irregardless of what that product is, SecureX is available for free."
  • "It comes free with all Cisco products. So, it is a good price."
  • "It would be nice if they had a different pricing model. Most of our budget for projects goes towards Cisco."
  • "The pricing is the best part of this solution. It is free if you buy Umbrella or Duo Security. It is also a good solution."
  • "It is free. It can't get any better than that."

    • More Cisco SecureX Pricing and Cost Advice →

  • "With RSA, there is flexibility in choosing the service, products, and the range that meets your requirement, as well as they are flexible in terms of pricing."
  • "They can easily adjust if you have the requirements which are required. If you have a budget cut or a budget constraint, they can bend."
  • "It is highly scalable. It can be bought based on your requirements."
  • "I do not have any opinion on the pricing or licensing of the product."
  • "The cost depends on the number of endpoints that you want to monitor, but it is not expensive."
  • "It is an expensive product."
  • "The price of the solution depends on the environment. If the environment is large then it will cost more. However, the larger the environment with more endpoints, you will receive an increased discount. If the environment is very small, then you might think it is expensive. It is always better to buy in bulk to receive a discount. The minimum number of assets is usually 500, with discounts on 1000 and 2000."
  • "The pricing is not very economical. It is a quite costly product for India. One thing is that when you purchase it, you have to purchase a module separately."

    • More NetWitness XDR Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
    See Recommendations
    770,616 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Microsoft 365 Defender?
    Top Answer:The integration, visibility, vulnerability management, and device identification are valuable.
    Read all 39 answers   →
    What is your experience regarding pricing and costs for Microsoft 365 Def...
    Top Answer:There is the cost of the license, and there is the cost of implementation services. Only by enabling a license for your… more »
    Read all 30 answers   →
    What needs improvement with Microsoft 365 Defender?
    Top Answer:The web filtering solution needs to be improved because currently, it is very simple. It is very important. Integrations… more »
    Read all 38 answers   →
    What do you like most about Cisco SecureX?
    Top Answer:Integrates well with our existing security infrastructure.
    Read all 11 answers   →
    What is your experience regarding pricing and costs for Cisco SecureX?
    Top Answer:Cisco SecureX is more expensive than Trend Micro. However, considering the integration capabilities with other solutions… more »
    Read all 9 answers   →
    What needs improvement with Cisco SecureX?
    Top Answer:One area for improvement in SecureX could be additional on-premises options for organizations like ours that require… more »
    Read all 11 answers   →
    What do you like most about NetWitness XDR?
    Top Answer:Technical support is knowledgeable.
    Read all 15 answers   →
    What is your experience regarding pricing and costs for NetWitness XDR?
    Top Answer:The solution is expensive. I'd rate it at a one or two out of five. They need to adjust it to keep up with the… more »
    Read all 10 answers   →
    What needs improvement with NetWitness XDR?
    Top Answer:I have no real complaints about the solution. Threat detection could be better. They need to enhance their threat… more »
    Read all 14 answers   →
    Comparisons
    Also Known As
    Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender
    Kenna.AppSec, Kenna.VI
    RSA ECAT, NetWitness Network
    Learn More
    Microsoft
    Cisco
    NetWitness
    Video Not Available
    Overview

    Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment. 

    It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks. 

    Users have found it effective in detecting and preventing various types of attacks, such as phishing attempts, malware infections, and data breaches.

    Watch the Microsoft demo video here: Microsoft Defender XDR demo video.

    Cisco SecureX is an integrated security platform that connects the breadth of Cisco's integrated security portfolio and the customer's infrastructure to create a consistent experience. The solution unifies visibility, enables automation, and strengthens your security across network, endpoints, cloud, and applications. Cisco SecureX is embedded within every Cisco Security product and supports integrations with SIEM and SOAR, so customers will not need to replace any solution or worry about layering on new technology.

    Cisco SecureX Features

    Cisco SecureX has many valuable key features. Some of the most useful ones include:

    • Unified overview: Cisco SecureX offers key metrics on transactions and threats for network, endpoints, cloud and applications. In addition, the SecureX interface is integrated into all Cisco Security technologies.
    • Automation and an increase in operational efficiency: With Cisco SecureX, you gain better automation of workflows for products of the Cisco Security portfolio and third parties, allowing you to focus on other more important tasks. By eliminating manual work (through automatic identification of threats using analytical data of Cisco Talos and other sources), the solution helps your organization save a significant amount of time.
    • Security strengthening: Cisco SecureX makes it easy to compare analytical data from a set of various sources with the telemetry received from network, endpoints, e-mail, cloud, and third-party products.

    Cisco SecureX Benefits

    Some of the benefits of using Cisco SecureX include:

    • Secure every business endeavor with an open, integrated platform that has out-of-the-box interoperability and scales to meet security needs.
    • Advance your security maturity level using existing resources.
    • Turn security from a blocker into an enabler. Cisco SecureX allows you to add new security capabilities for the threat landscape.
    • Maximize your operational efficiency, helping you get the most from your security investments.

    Reviews from Real Users

    Below are some reviews and helpful feedback written by Cisco SecureX users.

    PeerSpot user Wouter H., Technical Team Lead Network & Security at Missing Piece BV, shares several reasons why he thinks the solution is fantastic. In his opinion, “SecureX takes all the separate pieces of security within your company, adds in intelligence from different sites and services on the internet, and makes them work together. If an email is received on a machine and malware is being executed, it can be put into lockdown mode. The fact that you can have a single solution that combines endpoint intelligence with email intelligence, firewalls, and publicly available intelligence is really helpful. Also, SecureX provides us with contextual awareness throughout our security ecosystem. Before SecureX, things that were not possible, or that would take days, now literally take seconds to find out.

    Michal S., Infrastructure Engineer at a media company, says, “SecureX provides many measurements and has a really good dashboard. Working with it you are able to see things very clearly and you have every detail on a single display. That saves us money and time.” He also adds, “It brings all our data into a central point. It also shows us many data connections between many of our environments. SecureX gives you really good information about potential risks. You are able to find the source of a risk, a potential risk from a user or a machine.”

    Blair A., Technology Director at Shawnee Heights USD #450, explains, "One of the most valuable features is the simplicity of deploying SecureX. It's very easy to do that and then you gain very detailed visibility into everything that's going on in your network and, obviously, at the device level. There's just a wealth of information that you can pull from all of these products that are part of SecureX. You know exactly if you have an issue or not."

    Using a centralized combination of network and endpoint analysis, behavioral analysis, data science techniques and threat intelligence, NetWitness XDR helps analysts detect and resolve known and unknown attacks while automating and orchestrating the incident response lifecycle. With these capabilities on one platform, security teams can collapse disparate tools and data into a powerful, blazingly fast user interface.

    Sample Customers
    Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.
    NHS, Rackspace, UNC Pembroke, University of North Carolina at Charlotte, Missing Piece
    ADP, Ameritas, Partners Healthcare
    Top Industries
    REVIEWERS
    Manufacturing Company18%
    Computer Software Company13%
    Financial Services Firm13%
    Government11%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm10%
    Government8%
    Manufacturing Company8%
    REVIEWERS
    Financial Services Firm20%
    Comms Service Provider20%
    Media Company10%
    Educational Organization10%
    VISITORS READING REVIEWS
    Computer Software Company35%
    Financial Services Firm7%
    Government6%
    Manufacturing Company5%
    VISITORS READING REVIEWS
    Financial Services Firm15%
    Computer Software Company15%
    Government8%
    Manufacturing Company7%
    Company Size
    REVIEWERS
    Small Business44%
    Midsize Enterprise23%
    Large Enterprise34%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise17%
    Large Enterprise57%
    REVIEWERS
    Small Business29%
    Midsize Enterprise50%
    Large Enterprise21%
    VISITORS READING REVIEWS
    Small Business19%
    Midsize Enterprise14%
    Large Enterprise67%
    REVIEWERS
    Small Business59%
    Midsize Enterprise24%
    Large Enterprise18%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise15%
    Large Enterprise67%
    Buyer's Guide
    Cisco SecureX vs. NetWitness XDR
    March 2024
    Free Report: Cisco SecureX vs. NetWitness XDR
    Find out what your peers are saying about Cisco SecureX vs. NetWitness XDR and other solutions. Updated: March 2024.
    DOWNLOAD NOW
    770,616 professionals have used our research since 2012.

    Cisco SecureX is ranked 14th in Extended Detection and Response (XDR) with 13 reviews while NetWitness XDR is ranked 17th in Extended Detection and Response (XDR) with 15 reviews. Cisco SecureX is rated 9.0, while NetWitness XDR is rated 8.0. The top reviewer of Cisco SecureX writes "Gives our customers visibility and they don't have to go multiple management consoles anymore". On the other hand, the top reviewer of NetWitness XDR writes "Beneficial single unified dashboard, good native application integration, and high availability". Cisco SecureX is most compared with Cortex XDR by Palo Alto Networks, Trend Vision One, Splunk SOAR, Cisco Secure Network Analytics and Fortinet FortiSOAR, whereas NetWitness XDR is most compared with Darktrace, ExtraHop Reveal(x), CrowdStrike Falcon, SentinelOne Singularity Complete and Microsoft Defender for Endpoint. See our Cisco SecureX vs. NetWitness XDR report.

    See our list of best Extended Detection and Response (XDR) vendors.

    We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.