We performed a comparison between SentinelOne Singularity Complete and Cisco SecureX based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: SentinelOne Singularity Complete is praised for its dependable threat prevention and ability to reverse ransomware file encryption. Cisco SecureX earns high marks for its automated utilities, comprehensive visibility, and seamless integration with external resources. SentinelOne could improve its automation, machine learning, and AI capabilities while improving reporting and integration. Users say Cisco SecureX needs better documentation and integration with on-premises systems. It would also benefit by expanding its compatibility with third-party solutions.
Service and Support: Customers have been pleased with SentinelOne’s customer service. Reviews highlighted the support team’s responsiveness and efficiency. Some users describe Cisco support as dependable and efficient, while others noted a decline in quality due to personnel changes.
Ease of Deployment: Users find the initial setup for SentinelOne Singularity Complete to be quick and painless, with helpful support from the vendor team. Setting up Cisco SecureX is generally considered to be straightforward in cloud environments, but it requires more effort to integrate the solution with on-premise products.
Pricing: Some reviewers thought SentinelOne Singularity Complete is reasonably priced and competitive, while others say it’s costlier than many alternatives. A few users said Cisco SecureX’s price could be lower, given that it is included for free with certain Cisco products.
ROI: SentinelOne Singularity Complete yields an ROI by saving money and protecting against ransomware attacks. Other users noted its valuable dashboard data and low CapEx requirements. Cisco SecureX provides a positive ROI by speeding up detection and resolution. It also decreases workloads through automation and proactive information gathering.
Comparison Results: SentinelOne Singularity Complete is preferred over Cisco SecureX. Users value SentinelOne's automated threat remediation, detailed event data analysis, and user-friendly interface. Pricing is considered reasonable with a significant ROI, and customer service and support are highly rated. Cisco SecureX users suggest improvements in documentation and integration.
"The most valuable feature is probably the aggregation and correlation of the different telemetry points with Defender for Identity, Defender for Endpoint, and Defender for Cloud Apps. All of these various things are part of that portal. We've wanted that single pane of glass for years."
"The most valuable feature is the DLP because that's where we can have an added data protection layer and extend it not just to emails but to the documents that users are working on. We can make sure that sensitive data is tagged and flagged if unauthorized parties are using it."
"The threat intelligence is excellent."
"We are connected to Microsoft and have every laptop enrolled. This acts as an endpoint. The tool helps me check security and compliance. I can also check what a device is doing."
"The product integrates security into one tool instead of having third-party security tools."
"We can use Defender to block and monitor for security purposes without needing multiple other products to do different tasks."
"For me, the advanced hunting capabilities have been really great. It allowed querying the dataset with their own language, which is KQL or Kusto Query Language. That has allowed me to get much more insight into the events that have occurred. The whole power of 365 Defender is that you can get the whole story. It allows you to query an email-based activity and then correlate it with an endpoint-based activity."
"Among the most valuable features are the alert timeline, the alert story, which is pretty detailed. It gives us complete insight into what exactly happened on the endpoint. It doesn't just say, "Malware detected." It tells us what caused that malware to be detected and how it was detected. It gives us a complete timeline from beginning to end."
"SecureX enables us to have all the threat intelligence and threat event data in one place."
"Integrates well with our existing security infrastructure."
"One of the most valuable features is the simplicity of deploying SecureX. It's very easy to do that and then you gain very detailed visibility into everything that's going on in your network and, obviously, at the device level. There's just a wealth of information that you can pull from all of these products that are part of SecureX. You know exactly if you have an issue or not."
"The ability to create firewalls online has been most valuable including the ability to create rules."
"It has evolved a lot, just that monitoring piece to the current Orchestrator piece. The additional analytics are there. They now have something called Insight, which can basically take data from Microsoft Azure AD and Intune to give us information about our endpoints. This is detailed information about the endpoints, from Secure Endpoint and all these different products. So, it is just constantly evolving. Every time that it evolves, we have more information with more visibility. There are more features that we have that just make everything so much easier, and it is in one place. I don't have to keep going back and forth. I don't have to go to Secure Endpoint and ISE to get the data. I don't have to go to Intune on Microsoft to get the information. It is all in one place."
"I like that I don't have to jump around to five different products and log into five different places to view the data that it returns."
"Using SecureX, a tool provided by Cisco, we can easily integrate it with many of our other Cisco products such as Cisco ISE and many networking devices."
"The most valuable feature is its ability to manage all the applications and visibility. For example, if there is malware, spam, or another component that wants to attack the company in my servers, network, or applications, then SecureX will react to the problem."
"I have found the activity timeline and threat analysis to be particularly useful."
"In incidents, SentinelOne's remediation is excellent; we can immediately see if the threat type is dynamic or static."
"The most valuable feature is the quick response to attacks."
"The alerting features are the most valuable. We know that when something goes wrong, we get alerted instantly. That gives us a leg up. Even before the user knows what's happening, we're being alerted to step in and stop anything catastrophic from happening."
"The Storyline feature has significantly affected our incident response time. Originally, what would take us hours, now it takes us several minutes."
"The most valuable features include the agent installation and update processes."
"The autonomous platform is valuable because we can separate false positives and negatives."
"The deep visibility and the ability to perform security investigations and assess our endpoint security posture are the most valuable features."
"The logs could be better."
"The solution does not offer a unified response and standard data."
"Stability could be improved by avoiding frequent changes to the interface."
"We should be able to use the product on devices like Apple, Linux, etc."
"The capability to not only thwart attacks but also to adapt to evolving threats is crucial."
"Microsoft Defender XDR is not a full-fledged EDR or XDR."
"When discussing the secure score, which includes overviews and recommended actions, some of these recommended actions are not applicable to us, particularly those related to Microsoft Internet Explorer, which we do not use in any of our environments."
"Generally, antivirus products provide a central control to manage every device in terms of who is installing it or who is trying to disable it, but Microsoft doesn't have such a control center for the antivirus product it provides."
"The documentation can be improved and the on-prem integration. The set of applications that it was integrated with wasn't comprehensive."
"One of the improvements the product needs is more integration with collaboration platforms."
"For us, the biggest sticking point is that the product is not being designed for multi-tenancy use at present, from an MSP perspective."
"The playbooks provided with the product are great, although I would appreciate having more playbooks available. Threats are constantly evolving, so having access to updated playbooks is crucial."
"They could expand into more areas. The more third-parties that we have tied into it, the better. The capabilities are there. As they just continue to involve the product, the more things that you can look into, then the more analytics that you can get. Also, the more data that we can get, then the better off we will be."
"If they could make the Cisco Umbrella piece a little bit more advanced or easier to manage, that would help. We use it for filtering and when you compare it to a normal content filter, it lacks some functionality."
"Remediation stuff could be integrated into the product's automation."
"The front-end work controls the new algorithm and the firewall rules. The search feature of these rules could be improved."
"They could add “right click>scan” where most users were trained to do so in handling flash drives."
"They can just continue adding more integrations with these big brands and software security products."
"The solution’s distributed intelligence at the endpoint is pretty effective, but from time to time I see that the agent is not getting the full execution history or command-line parameters. I would estimate the visibility into an endpoint is around 80 percent. There is 20 percent you don't see because, for some reason, the agents don't get all of the information."
"There should be more integration models with different security operations tools or soft tools."
"I would like to see something a little more sophisticated than simply being able to mark a false positive as safe or there's usually just one or two options in certain areas and they're a little rudimentary at this stage."
"We are now using an external monitoring tool to monitor the services of SentinelOne, because apparently they don't have any solution for that. When the SentinelOne agent is down, you can go to the interface and see a mark on SentinelOne that something is not correct or the server needs to be rebooted, but you will not get an alert. You will not be warned that there is an issue with the SentinelOne agent. I have found that a little bit disturbing, because then we need to use a third-party monitoring tool to make sure that all services of SentinelOne are up and running."
"Interoperability with other SentinelOne solutions and other third-party tools is an area where you can run into some issues. Because of the way the agent works, there are sometimes things that are blocked or prevented from happening that are not identified as a threat, and therefore, not alerted in the console. Sometimes, we do have to dig through the logs, run tests, and adjust the whitelisting or exclusions to make sure that other applications will run properly."
"Using the filters takes a little bit of time to get to used to."
More SentinelOne Singularity Complete Pricing and Cost Advice →
Cisco SecureX is ranked 12th in Extended Detection and Response (XDR) with 13 reviews while SentinelOne Singularity Complete is ranked 1st in Extended Detection and Response (XDR) with 176 reviews. Cisco SecureX is rated 9.0, while SentinelOne Singularity Complete is rated 8.8. The top reviewer of Cisco SecureX writes "Gives our customers visibility and they don't have to go multiple management consoles anymore". On the other hand, the top reviewer of SentinelOne Singularity Complete writes "Provides peace of mind and is good at ingesting data and correlating". Cisco SecureX is most compared with Cortex XDR by Palo Alto Networks, Trend Vision One, Splunk SOAR, Cisco Secure Network Analytics and Fortinet FortiSOAR, whereas SentinelOne Singularity Complete is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, ThreatLocker Protect and Datto Endpoint Detection and Response (EDR). See our Cisco SecureX vs. SentinelOne Singularity Complete report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.