TrustRadius: an HG Insights company

Cisco XDR

Score6.9 out of 10

6 Reviews and Ratings

Learn More

What is Cisco XDR?

A solution to uncover sophisticated attacks and leverage machine learning to prioritize incidents across multiple security controls based on risk score and asset value. Streamlines incident response by simplifying preparation, detection, analysis, containment, eradication, and recovery, which can involve anything from adding a worknote to implementing an automated response.

Categories & Use Cases

Reviews

What users are saying about Cisco XDR.
View all reviews

Loving my Cisco XDR

Incentivized
Jefferson Green
Information Security Analyst in Information Technology at Henrico County (5001-10,000 employees employees)

Use Cases and Deployment Scope

Cisco XDR is my SOC in a box. It simplifies integrations allowing me to have access to multiple streams of data in one place. We use it to enhance our security posture.

Pros

  • Setup
  • Integrates with other products
  • Constantly evolving

Cons

  • It could be more customizable
  • An option for manual incident creation would be of use
  • Better UI for workflows

Return on Investment

  • Immediate value
  • Saves my analysts time
  • AI report generation is a game changer

Alternatives Considered

Cisco Secure Endpoint

Other Software Used

Cisco Secure Endpoint, Cisco Secure Network Analytics, Cisco Firepower 2100 Series

Cisco XDR

Incentivized
Verified User
Engineer in Engineering (10,001+ employees employees)

Use Cases and Deployment Scope

We use Cisco XDR to detect threats and correlate suspicious activities to identify threat actors and where these activities are in the MITR kill chain. We use it for forensics when initiating an incident response team in response to a threat. Our 24/7 SOC leverages it to have visibility.

Pros

  • Providing visibility for threat risks
  • Detecting holes in the network that have vulnerabilites
  • Flagging ddos events and kicking off an incident response

Cons

  • XDR can improve with more integrations
  • XDR can be improved with more programmability for the end user
  • XDR can be improved with more options to mitigate events

Return on Investment

  • XDR helps contain a security incident event to reduce business impact
  • XDR provides real time visibility to alert the business on security risks
  • XDR provides ways to mitigate threats

Alternatives Considered

IBM Security QRadar EDR

Other Software Used

IBM Security QRadar SIEM, Splunk Enterprise, Cisco Firepower 4100 Series

Cisco XDR benefits

Incentivized
Verified User
Engineer in Information Technology (201-500 employees employees)

Use Cases and Deployment Scope

We use Cisco XDR as a central tool in our security platform for centralizing security monitoring and alerting. We have integrated it with about 15 different applications via the native integrations. For about the last 6 months it has been our primary tool for evaluating the impact of security incidents including ones we wouldn't have previously discovered.

Pros

  • Automatic incident summarization
  • Integration with popular third party applications
  • Native support for most Cisco tools

Cons

  • Better integration with Palo Alto firewalls

Return on Investment

  • It has reduced the number of tools we have had to budget for.
  • We were able to replace a third part MDR service with Cisco XDR

Alternatives Considered

Palo Alto Networks Cortex XDR and Stellar Cyber

Other Software Used

CrowdStrike Falcon, Check Point Harmony Email & Office

Cisco XDR Overview

Incentivized
Verified User
C-Level Executive in Sales (201-500 employees employees)

Use Cases and Deployment Scope

We use Cisco XDR solutions as the first line of device protection for our clients. Through Cisco XDR, we can manage and monitor devices and work proactively. In Brazil, the cost and integration of the solution with SIEM tools are still high, and other more affordable solutions compete in the market. Let me know if you'd like any refinements or adjustments!

Pros

  • Visibility
  • Orientation
  • Power to make decision

Cons

  • Automation
  • Integration
  • Visibility

Return on Investment

  • Enhanced and threat detection
  • Operational efficiency
  • Integrations

Alternatives Considered

External User Manager for Microsoft Teams

Other Software Used

Fortinet FortiGate, Aruba ClearPass

Cisco XDR very good IR tool

Incentivized
Florentino Martinez Gragera
IT speialist in Information Technology at EUIPO (1001-5000 employees employees)

Use Cases and Deployment Scope

Cisco XDR is the main tool to manage security incidents and perform IR

Pros

  • Detects malicious trajectory
  • Identifies all the assets involved

Cons

  • Better integration with Splunk

Return on Investment

  • Accelerates incident detection

Alternatives Considered

Cisco Secure Network Analytics

Other Software Used

Cisco Secure Endpoint, Cisco Umbrella

Related Products

Products similar to Cisco XDR that may also meet your needs.
All comparisons
Trend Vision One Endpoint Security
CompareLearn more
Sophos Intercept X
CompareLearn more
CrowdStrike Falcon
CompareLearn more
Palo Alto Networks Advanced Threat Prevention
CompareLearn more
Kaspersky Endpoint Security for Business
CompareLearn more