Every solution can be improved. That's obvious. They could put in more third-party [integrations]. Unlike other solutions, here you have out-of-the-box support with third-party integrations, for example, with VirusTotal, with Sumo Logic, and AlienVault. But they can always improve themselves and put more and more, including the playbooks.

The automation, not just third-party integration, but also more playbooks, out-of-the-box, for automation [would be helpful].

The documentation can be improved and the on-prem integration. The set of applications that it was integrated with wasn't comprehensive. There were still some gaps. I think Cloudlock said that it was able to ingest it, but any time we tried to configure it, it didn't actually pull over anything. I think it was just new. You need maturity.

There could be a better effort for the app integration. Some of the integrations were not completely ironed out. It was very new at the time, so the documentation lacked the integration. Some of the services were on-prem and some of the services were cloud-based. The cloud-based integrations were very well done and easy to integrate, and the ones that were generated via on-prem were cumbersome and needed a little bit of ironing out.

They were harder to set up and less consistent with their reporting. One of the main things was that SecureX didn't ingest the entire Cisco product set at the time. It was going under pretty rapid development, so I hoped that would expand, but I haven't had insight into it in the last 11 months.

One of the improvements the product needs is more integration with collaboration platforms. The ability to drive actions and see insights through those collaboration and messaging platforms will be very powerful, and we see that as a feature that our customers would love. I think the key value in SecureX is the integrations. The improvements that we would like to see is those integrations keep coming because they are fantastic.

They could expand into more areas. The more third-parties that we have tied into it, the better. The capabilities are there. As they just continue to involve the product, the more things that you can look into, then the more analytics that you can get. Also, the more data that we can get, then the better off we will be.

The front-end work controls the new algorithm and the firewall rules. The search feature of these rules could be improved. If I want to look up a rule, I want it to be easy and just have the rule displayed instead of having to look through highlighted results. 

I would like it to integrate with another solution, e.g., DNA. I would like it to connect to that solution, but not the security aspect.

The automation process with SecureX could be simpler. When we started to use it that was not the easiest part for us.

Sometimes it's a little slow so that is also something Cisco should check. 

They should also work on the reporting.

They have released a lot lately that has continued to give us more insight into what's going on. But if they could make the Cisco Umbrella piece a little bit more advanced or easier to manage, that would help. We use it for filtering and when you compare it to a normal content filter, it lacks some functionality. It's something that we've adapted and continue to use. We see the value that it brings to us.

This is a relatively new offering from Cisco and some time is needed for the evolutionary development of the platform. It's good that there are some third party integrations available and it would be a positive step to see more offered.

I also would like to see a full managed service provider addition to the platform. I would like to see a managed security service provider console just like there is for Cisco Umbrella and Cisco Secure Endpoint.

It is good that it provides information. However, I think that there needs to be more actionable items for us based on the information provided.

Remediation stuff could be integrated into the product's automation.

The playbooks provided with the product are great, although I would appreciate having more playbooks available. Threats are constantly evolving, so having access to updated playbooks is crucial.

The automation and orchestration could be simpler. It could be that all the other parts are that easy to use so that these stick out as a negative, but that's the trickiest part for us. The workflows within the orchestration are just a bit more difficult. 

What would be really helpful is some sort of library from which you could pull out prefabricated actions. The tools are there to build your own, but it would be nice if there were a library saying, "If you have this and you want to do this, there's some prebuilt stuff here which you can tailor to your own environment." Right now, it's mostly a blank canvas saying, "Take whatever input you want and program your own response."

One area for improvement in SecureX could be additional on-premises options for organizations like ours that require more control over certain aspects of the platform. I also think enhancing automation capabilities could further improve the product.