Cisco Threat Response automates integrations across select Cisco Security products and accelerates key security operations functions: detection, investigation, and remediation. Threat Response integrates threat intelligence from Cisco Talos and third-party sources, which adds context from integrated Cisco Security products automatically so you know instantly which of your systems was targeted and how.
N/A
Microsoft Defender XDR
Score 8.9 out of 10
N/A
Microsoft 365 Defender combines SIEM and XDR capabilities for Microsoft 365 environments, encompassing threat detection, post-breach detection, automated investigation, and response for endpoints. Additionally, it protects cloud apps, emails and documents, and employee identities.
It's well suited to any security operation center. So if someone is doing anything with security, whether it be firewalling, endpoint security, whether it be email security, it's certainly suited to any type of security that can roll up security events. So this is a single pane of glass where you can view all your security events. So what it's doing is it's taking all your security silos that have historically been very difficult to manage and it's rolling everything up into one dashboard, so it makes it much easier to manage.
Suited really to everything that is modern cloud work, especially if you work in a global company where your IT team is not always in the operational hours of the business users, so that everything is really in the cloud and can be managed from everywhere, but we do not have access to local resources anymore. That's really a good point. What is always a little bit of a pressure point is that, in general, things in the cloud are moving fast, so it's always difficult to keep the teams that are using these words up to date.
So the product enables end users to get visibility into their security environment, not only across the Cisco products but across the third-party products as well. The product also automates detection and response. So the product really offers end-user efficiency in the security operations center.
The software uses advanced AI and machine learning algorithms to monitor activities and detect any anomalies immediately, protecting our financial data.
Automated responses to known threats reduce the impact of possible incidents and improve our security posture.
Microsoft 365 Defender easily combines with other Microsoft 365 services and external security solutions, providing a complete and unified security solution.
Of course, many companies prefer to obtain security from the cloud; however, not all of them prefer it, which is why having a local implementation would allow these companies to also use said software as their ally for their security.
Working with this software can be simple, that is, any threat can be visualized with greater precision, but when it comes to managing its orchestration, it is a bit complex.
Its integration with other software can be simple but with others it is not, that is why it would be ideal if all of them could be carried out in the same way.
Integrating with a larger number of third party software would be of great help, to further enhance the analysis and detection of threats.
Microsoft 365 Defender's risk assessment and remediation tool can be improved while tackling and preventing the attack.
As multiple new attacks are being discovered, to prevent and remediate those attacks the Microsoft 365 Defender database should be kept updated and ready.
Microsoft 365 Defender's capability to identify the insider attacker can be improved.
The automated response generated to remediate the attack can be strengthened.
Although most of the features are up to the mark, there are certain times where there have been misses in detecting spam and phishing emails. This might be due to the subject and content of the email being more sophisticated than standard.
Their support throughout our onboarding of the product was fabulous. They not only took the time to carefully explain to teams not as well equipped with the lingo but explained to the tech team how to teach the other teams to be successful. They never once seemed impatient or annoyed with basic questions and didn’t pretend to know something when they needed to research an answer.
Microsoft provides good training for Microsoft 365 Defender and has good learning paths to learn, take the exams and get your certifications.
Seamless and almost transparent. Can be deployed by script if needed so every endpoint on our system gets it. If you have Intune it gets dumped on the endpoint by policy so nothing escapes it.
A lot of the look and feel of both products is quite similar. There's several best practices on visualization that are followed in both and integration of common telemetry is comfortable and quick. But while Microsoft ATP offers deep insights into mostly the Microsoft environment and a limited view into other common sources, SecureX shines in all the non-client areas Microsoft's product seems lackluster in.
We chose Microsoft Defender XDR for the ability to correlate the dangers in the Microsoft Ecosystem, Strong Automation, and email, Identification, Estruction, Establishment Points and Cloud Apps in the same platform. This gave us the end-to-end visibility without the need to sew several devices simultaneously.
It is a solution that is of great help to reduce threats and their powerful damage, thanks to its high threat identification.
Its workflow automation saves time and money, that is, it makes possible a better performance in the team that handles corporate security because it helps them with the tasks.
By unifying security solutions, it gives the advantage of reducing operating costs and greatly improving responses to threats.
Their analyses are vital to carry out a quick remediation and thus reduce the time in which the company is under threat.
Cost-Efficiency: Microsoft Defender XDR often proves cost-effective compared to implementing multiple standalone security solutions, consolidating threat detection and response capabilities.
Time Savings: Its centralized dashboard and automated features can save time for security teams, allowing them to focus on critical tasks.