Secureworks Taegis ManagedXDR Overview

Secureworks Taegis ManagedXDR is the #4 ranked solution in MDR Services. PeerSpot users give Secureworks Taegis ManagedXDR an average rating of 7.6 out of 10. Secureworks Taegis ManagedXDR is most commonly compared to CrowdStrike Falcon Complete. Secureworks Taegis ManagedXDR is popular among the large enterprise segment, accounting for 58% of users researching this solution on PeerSpot. The top industry researching this solution is computer software, with professionals from computer software companies accounting for 18% of all views.
Buyer's Guide

Download the Managed Detection and Response (MDR) Buyer's Guide including reviews and more. Updated: July 2022

What is Secureworks Taegis ManagedXDR?

Secureworks Taegis ManagedXDR is a managed detection and response (MDR) tool that combines security analytics software, 24x7 support, threat hunting, and incident response into a standalone product. In a single dashboard, users can see the whole story of their endpoint, network, and cloud activity, making event correlation simple. XDR operationalizes threat intelligence by automatically connecting our threat landscape knowledge with your security telemetry and regularly updated threat intelligence.

Secureworks Taegis ManagedXDR gives your security operations teams more confidence when responding to security problems. Security analysts have additional power to actively examine and proactively look for risks in your environment with features like longer log retention, search query, user-defined reporting, and custom use case support. XDR may easily replace your current SIEM, allowing you to receive actionable insights into malicious activities as well as sophisticated threat detection. This solution provides you with enough business and security context for you to understand an investigation and take appropriate action.

Secureworks Taegis ManagedXDR Features

Secureworks Taegis ManagedXDR has many valuable key features. Some of the most useful ones include:

  • 24/7 service
  • Live chat with experts
  • Interface for collaborative investigation
  • Use of prioritization and threat triage
  • Use of investigation and validation
  • Use of executed containment
  • Use of threat engagement manager 
  • Full access to Taegis advanced analytics
  • Supports cloud, network, and endpoint
  • Supports AWS, Azure, O365
  • Use of applied threat intelligence
  • Use of remote incident response services
  • CTU's global threat hunting and research is ongoing
  • Use of response action execution
  • Access to monthly targeted threat hunting
  • Support provided for integration of third-party data source technologies to ensure coverage across your environment

Secureworks Taegis ManagedXDR Benefits

There are many benefits to implementing Secureworks Taegis ManagedXDR. Some of the biggest advantages the solution offers include:

  • Improve threat detection and response time: Users have access to Secureworks Taegis ManagedXDR’s team of experts, who research and respond to threats on their behalf 24/7. This solution can cut dwell times from the industry average of 111 days to minutes and hours.

  • Industry leader on your side: To safeguard you around the clock, Secureworks Taegis ManagedXDR’s security professionals are supported by 20+ years of security experience and insights from 1,400+ annual IR engagements and their extensive threat research.

  • Reduce cost and operational burden: Save money (413% ROI, according to Forrester Consulting TEI research) while relieving your employees of the strain and allowing them to focus on strategic projects.

Reviews from Real Users

Secureworks Taegis ManagedXDR stands out among its competitors for a number of reasons. One major reason is its easy deployment.

A Solutions Architect at a computer software company writes, “The deployment was easy. We just put on some of the endpoints, so we're still talking about what's going on there. But to my knowledge, there's been no issues with it.”

Secureworks Taegis ManagedXDR was previously known as Secureworks Red Cloak Managed Detection and Response.

Secureworks Taegis ManagedXDR Customers

RICOH, Owens and Minor

Secureworks Taegis ManagedXDR Pricing Advice

What users are saying about Secureworks Taegis ManagedXDR pricing:
  • "Initially, the cost was going to be something around $160 or $170. And eventually, I think they brought it down to $110 and they also threw in some endpoint protection platforms."
  • "The Red Cloak agent is free."
Secureworks Taegis ManagedXDR Reviews

    Security Consultant at a consultancy with 51-200 employees
    Consultant
    Top 10
    Good for managing alerts, has great automatic responses, and is flexible with pricing
    Pros and Cons
    • "The pricing is flexible."
    • "Dell Secureworks is for higher-end customers and it's not quite as straightforward to implement or to get up and running as some of the other solutions."

    What is our primary use case?

    We primarily use the solution for log monitoring and network traffic analysis as well as alarming for security events. 

    What is most valuable?

    The solution is great for managing alerts and dealing with them as they arise.

    There are some great automatic responses. It will immediately intervene and block malicious IPs and can quarantine systems. It's very good at keeping our systems safe. 

    The pricing is flexible.

    What needs improvement?

    The solution could work on its simplicity. 

    Dell Secureworks is for higher-end customers and it's not quite as straightforward to implement or to get up and running as some of the other solutions.

    They do provide an engineer for the first few weeks to help you get things implemented, however, there's a lot of bells and whistles with Dell Secureworks. That's a disadvantage for smaller customers. With a lot of the other easier solutions available to smaller customers, you just stick a box in there and set it and forget. With Dell Secureworks it's more hands-on.

    For how long have I used the solution?

    I've been dealing with the solution for two or three years so far. It hasn't been too long.

    How are customer service and support?

    The team sometimes had to wait for alarms to be triggered when we're running tests. We found that it took a while sometimes for the alarm to trigger an incident and then for the engineers to raise the flag. Sometimes there's a lag time and that can be several hours, or even up to a day. They eventually do catch it. It could be faster, however.

    How was the initial setup?

    The initial setup isn't really straightforward. It's quite involved and rather complex as the solution has a lot of bells and whistles. 

    What about the implementation team?

    Dell provides an engineer for the first few weeks to assist with the initial setup.

    What's my experience with pricing, setup cost, and licensing?

    At the end of the day, Dell came down to our budget. Initially, the cost was going to be something around $160 or $170. And eventually, I think they brought it down to $110 and they also threw in some endpoint protection platforms. They threw in some antivirus capabilities as well. We ended up getting a pretty good deal.

    What other advice do I have?

    I'm not sure of which version of the solution we are using.

    While my company doesn't have a relationship with them, our client who went with the Dell solution did have a pretty strong relationship with Dell already. They were able to leverage that relationship, and bought Dell hardware and so on. They were able to get some good people to demo and to discuss the MSSP solution for them.

    It's an internal tool, it was developed internally. My sense is it's still got a ways to go in terms of having a shrink-wrap capability. If you want a shrink-wrap capability, you need to go with something smaller and something that's been out there on the market for a while. Red Cloak is more for internal Dell consultants. 

    Overall, I would rate the solution at an eight out of ten.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Cyber security manager at a retailer with 10,001+ employees
    Real User
    Top 5
    Leaderboard
    Provides visibility and control, shows only important things, but needs tamper protection and more visibility across endpoints
    Pros and Cons
    • "It provides more visibility and more control over endpoints. It reduces the noise. It clears things and only shows things that are really important. It only shows those things that need to be looked at or need to be investigated further. Other similar solutions give you a lot of alerts and other things, but Secureworks gives you a defined or less noisy view so that you can work or focus on things that are important in terms of investigation, response, and remediation."
    • "Tamper-proofing or tamper protection is still pending in Secureworks. Tamper protection will make it more secure. If I'm an admin of a device, I can uninstall an agent without the knowledge of the security or Secureworks admin. If someone gets hold of one endpoint with admin credentials, he can remove anything, and an organization will lose visibility. They need to work on providing more visibility across endpoints. A couple of times it has happened that the cloak agent is there, but it did not get activated, or there were some issues. The machine was restarted, but the cloak agent didn't run. In such cases, you have to troubleshoot. It is a big issue if a cyber attack is happening, and your machine is rebooted, but the events are not captured."

    What is our primary use case?

    We are using it for detection and response and alerting and monitoring. We have its latest version.

    What is most valuable?

    It provides more visibility and more control over endpoints. It reduces the noise. It clears things and only shows things that are really important. It only shows those things that need to be looked at or need to be investigated further. Other similar solutions give you a lot of alerts and other things, but Secureworks gives you a defined or less noisy view so that you can work or focus on things that are important in terms of investigation, response, and remediation.

    What needs improvement?

    Tamper-proofing or tamper protection is still pending in Secureworks. Tamper protection will make it more secure. If I'm an admin of a device, I can uninstall an agent without the knowledge of the security or Secureworks admin. If someone gets hold of one endpoint with admin credentials, he can remove anything, and an organization will lose visibility. 

    They need to work on providing more visibility across endpoints. A couple of times it has happened that the cloak agent is there, but it did not get activated, or there were some issues. The machine was restarted, but the cloak agent didn't run. In such cases, you have to troubleshoot. It is a big issue if a cyber attack is happening, and your machine is rebooted, but the events are not captured. 

    For how long have I used the solution?

    I have been using this solution for three to four months.

    What do I think about the stability of the solution?

    It has been stable so far. We have been using this solution for only three to four months.

    What do I think about the scalability of the solution?

    It is scalable. Currently, we are just doing the POC and evaluating it. We have around 50 endpoints and four or five admin users. Its usage and expansion will depend on the performance and the compatibility with the existing infrastructure.

    How are customer service and technical support?

    I have not seen a need for technical support. I didn't require technical support.

    How was the initial setup?

    Its installation is quick and easy. If you are a new customer, you just need to create an instance. It is easy and smooth. The cloud deployment takes five to ten minutes.

    What about the implementation team?

    I have installed it myself, and I have also got support from other team members.

    What's my experience with pricing, setup cost, and licensing?

    The Red Cloak agent is free.

    Which other solutions did I evaluate?

    I am evaluating a couple of options.

    What other advice do I have?

    I would recommend this solution. I would rate Secureworks Red Cloak MDR a seven out of ten.

    Which deployment model are you using for this solution?

    Public Cloud
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Solutions Architect at a computer software company with 51-200 employees
    MSP
    Top 5
    Good reputation with easy setup
    Pros and Cons
    • "The initial setup was very straightforward."
    • "In terms of ROI, I'd be surprised if there is any investment return on the SIM."

    What is most valuable?

    My client selected Secureworks Red Cloak MDR. I can't tell you why they chose this one over another solution. We presented two different solutions: Secureworks and Splunk, and they made the selection. They chose the one they felt more familiar with. My guess is probably the dashboard was better so that if and when they get queries, it was something that they were more familiar with. I know Splunk, so I'd have probably gone the other way, but that's just because it's what I know.

    What needs improvement?

    In terms of what could be improved, I really don't have anything to add to that. The client probably has a perspective on that but I don't.

    I didn't deal with all aspects, just the set up, implementation and the tuning. But when it gets into what the licensing was and the cost, I wasn't involved, so I don't have any feedback on that.

    What do I think about the stability of the solution?

    In regards to maintaining the SIM, Dell does all of that. We were involved in helping them get the feed scan, helping them get set up, helping them do vendor selection. That was all when it came to the SIM. We have a lot more going on, other elements, but Dell provided a lot of those other services and we didn't have to get involved in that.

    What do I think about the scalability of the solution?

    In terms of scalability, we didn't scale it very large. We're three business units, 13 sites, and around 2,500 users, so not a real huge company. I assume it's more scalable than that. It's not something we're concerned about here, and even with growth or percent growth, I didn't sense that there's any limitation on that. I would be surprised if we're anywhere near where we'd be concerned about scalability with them.

    How was the initial setup?

    The initial setup was very straightforward.

    What was our ROI?

    In terms of ROI, I'd be surprised if there is any investment return on the SIM. They had no SIM before, so there's reputation and security and that they need to adhere to some kind of a framework. So they are moving that way.

    What other advice do I have?

    On a scale of one to ten, I'd rate Secureworks Red Cloak MDR an eight, because it's been really good. I don't know everything about it yet.

    The deployment was easy. We just put on some of the endpoints, so we're still talking about what's going on there. But to my knowledge, there's been no issues with it. It has a good reputation, so I don't really have a lot of insight to give you detailed feedback.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Implementer