Secureworks Taegis ManagedXDR Reviews

We primarily use the solution for log monitoring and network traffic analysis as well as alarming for security events. 

The solution is great for managing alerts and dealing with them as they arise.

There are some great automatic responses. It will immediately intervene and block malicious IPs and can quarantine systems. It's very good at keeping our systems safe. 

The pricing is flexible.

The solution could work on its simplicity. 

Dell Secureworks is for higher-end customers and it's not quite as straightforward to implement or to get up and running as some of the other solutions.

They do provide an engineer for the first few weeks to help you get things implemented, however, there's a lot of bells and whistles with Dell Secureworks. That's a disadvantage for smaller customers. With a lot of the other easier solutions available to smaller customers, you just stick a box in there and set it and forget. With Dell Secureworks it's more hands-on.

I've been dealing with the solution for two or three years so far. It hasn't been too long.

The team sometimes had to wait for alarms to be triggered when we're running tests. We found that it took a while sometimes for the alarm to trigger an incident and then for the engineers to raise the flag. Sometimes there's a lag time and that can be several hours, or even up to a day. They eventually do catch it. It could be faster, however.

The initial setup isn't really straightforward. It's quite involved and rather complex as the solution has a lot of bells and whistles. 

Dell provides an engineer for the first few weeks to assist with the initial setup.

At the end of the day, Dell came down to our budget. Initially, the cost was going to be something around $160 or $170. And eventually, I think they brought it down to $110 and they also threw in some endpoint protection platforms. They threw in some antivirus capabilities as well. We ended up getting a pretty good deal.

I'm not sure of which version of the solution we are using.

While my company doesn't have a relationship with them, our client who went with the Dell solution did have a pretty strong relationship with Dell already. They were able to leverage that relationship, and bought Dell hardware and so on. They were able to get some good people to demo and to discuss the MSSP solution for them.

It's an internal tool, it was developed internally. My sense is it's still got a ways to go in terms of having a shrink-wrap capability. If you want a shrink-wrap capability, you need to go with something smaller and something that's been out there on the market for a while. Red Cloak is more for internal Dell consultants. 

Overall, I would rate the solution at an eight out of ten.

This solution gathers the information logs from all devices and correlates all the information. It notifies us of any critical events taking place across our networks which has been valuable. 

This solution could be improved with a higher degree of automation such as automated emails, triggers and defining the severity of the cases. It would be beneficial if this solution could predict future outcomes based on what is happening on the servers. There is a degree of automation on the back-end but not the front-end. 

We have used this solution for six months. 

This is a stable solution. 

This is a scalable solution since it is cloud based and not an event based setup. Any product can be added as long as it is supported by the solution. 

We get support for this solution locally and not directly from the Secureworks team. This is a new product and so there are some delays in receiving support when we have contacted the solution's team directly. 

Neutral

The initial setup was straightforward.

The implementation was done in-house but we have used a MSP for feedback, monitoring and SOPs. 

The pricing for this solution is reasonable. One agent costs approximately 270 dirhams/70 USD for one year. There is a reduction in cost per licence as the number of licences used increases. 

The advantage of using this solution is that the setup is done quickly and can be done in-house. This solution is also cheaper compared to others on the market. It has allowed us to integrate compliance and monitoring into our systems. 

I would rate this solution a seven out of ten. 

We use the solution for security.

The solution is a managed service and offers 24/7 SOC capabilities.

The tool’s dashboard could be more user-friendly.

I have been using Secureworks Taegis ManagedXDR for two months.

The initial setup is easy and takes less than ten minutes.

We are looking for CrowdStrike or other EDR solutions.

I recommend the solution.

Overall, I rate the solution a seven out of ten.

We use ManagedXDR for vulnerability management. 

We don't have a full SOC, so it's helpful to have them sifting through our alerts and only bringing actionable items to us.

The integration with the Carbon Black sensor could be better. ManagedXDR doesn't seem to know how to extract the forensic data from an endpoint that was quarantined by Carbon Black. 

It's a hybrid environment. Secureworks' environment is entirely in the cloud, but we have some on-prem components like vulnerability scanners. We had to set up VMs for those and launch them. 

After deployment, we maintain the vulnerability scanners and endpoints. We also need to configure the proactive response playbooks. Secureworks wasn't very helpful in getting those set up either.

I rate Secureworks Taegis ManagedXDR seven out of 10. 

We use Dell Secureworks as our SIEM solution.

The most valuable features are IDS and IPS.

The knowledge base is up to date and easy to use.

Log integration should be improved. If they can add SIEM, the event monitoring, then that would be great.

Scalability is an area that needs to be improved.

In the next release of this solution, I would like to see file integrity monitoring. I also hope that they will provide threat intelligence scripts for free.

I have been using Dell Secureworks for three years.

This is a stable solution.

I would rate the scalability at 50%. We have been having a problem as we are shifting from a previous appliance to a virtual machine. I think that it is an issue of scalability.

Our experience with technical support depends on the problem. Proactive support is good, but if it's something to do with health status then it is a hassle for us to find the correct department. We need to get a direct answer but it can take a lot of time.

The initial setup is straightforward.

I would rate this solution an eight out of ten.

At my last company, which was a small health care operator, I needed to outsource threat management and vulnerability management. And using DSW with Qualys, supported by Palo Alto next-gen firewall worked extremely well for us.

Solved a fundamental problem that lets us all sleep well at night! The service lived up to its reputation as a leader in the space. Not surprisingly, false positives happened, but forced us to register our preferred handling, which were consistently managed per preference going forward.

Support staff is excellent. Staff was always knowledgeable, available and eager to help. It was not unusual that a support person went above and beyond what I expected.

GUI for resolving tickets is terrible. Non-intuitive, offering a dizzying array of options, often none of which made sense even for common problems. I ended up choosing "Other" way more than I should have had to, to categorize an issue resolution.