We performed a comparison between Cisco SecureX and CrowdStrike Falcon based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Cisco SecureX earns high marks for its automated utilities, comprehensive visibility, and seamless integration with external resources. CrowdStrike Falcon stands out for its minimal impact on system performance, optimal resource utilization, and precise detection of threats. Users say Cisco SecureX needs better documentation and integration with on-premises systems. It would also benefit by expanding its compatibility with third-party solutions. CrowdStrike Falcon could benefit from adding a sandbox feature and more detailed firewall management options.
Service and Support: Some users describe Cisco support as dependable and efficient, while others noted a decline in quality due to personnel changes. CrowdStrike Falcon's customer service is considered prompt and helpful.
Ease of Deployment: Setting up Cisco SecureX is generally considered to be straightforward in cloud environments, but it requires more effort to integrate the solution with on-premise products. CrowdStrike Falcon's setup is considered to be simple and efficient, with deployment times ranging from a few days to a month. While there may be some challenges during installation, they are generally manageable.
Pricing: A few users said Cisco SecureX’s price could be lower, given that it is included for free with certain Cisco products. Some users find CrowdStrike Falcon costly and think the price should be lowered to make it more competitive.
ROI: Cisco SecureX provides a positive ROI by speeding up detection and resolution. It also decreases workloads through automation and proactive information gathering. CrowdStrike Falcon offers cost savings by decreasing the required number of engineers and eliminating the need for onsite servers.
Comparison Results: Our users prefer CrowdStrike Falcon over Cisco SecureX. Users particularly commend CrowdStrike Falcon for its efficient resource utilization, accurate threat detection, and robust defense against cyberattacks. They also value its seamless integration capabilities and user-friendly interface. Cisco SecureX users reported challenges with on-prem integration and observed a need for more third-party integration.
"Microsoft 365 Defender is a stable solution."
"It gives a lot of flexibility in terms of configuration and customization as per the business requirements."
"I like that it's fully integrated with Windows, Microsoft 365 Exchange Online, and Outlook. It is better than other antivirus solutions because it's fully integrated with all Microsoft products. It's easy to integrate them and onboard all Windows devices from SCCM."
"The visibility into threats that 365 Defender provides is really good. You get a full review of your security system and what can be improved. In the Microsoft 365 Defender portal the first page gives you a really big summary of which security policies you are following and what can be improved."
"My clients like Defender's file integrity monitoring. They're monitoring Windows and Linux system files."
"We can automate routine tasks and write scripts to carry out difficult tasks, which makes things easier for us."
"The most valuable feature is probably the aggregation and correlation of the different telemetry points with Defender for Identity, Defender for Endpoint, and Defender for Cloud Apps. All of these various things are part of that portal. We've wanted that single pane of glass for years."
"From the perspective of Microsoft 365 XDR, the main benefit is a single, centralized dashboard offering the holistic visibility organizations crave."
"The most valuable feature is its ability to manage all the applications and visibility. For example, if there is malware, spam, or another component that wants to attack the company in my servers, network, or applications, then SecureX will react to the problem."
"I like that I don't have to jump around to five different products and log into five different places to view the data that it returns."
"The ability to create firewalls online has been most valuable including the ability to create rules."
"Using SecureX, a tool provided by Cisco, we can easily integrate it with many of our other Cisco products such as Cisco ISE and many networking devices."
"Our customers find the product's third-party integrations valuable. Our customers are also impressed with the tool's capability to pick up third-party threat feeds and use that as part of the decision-making process."
"SecureX takes all the separate pieces of security within your company, adds in intelligence from different sites and services on the internet, and makes them work together."
"The automation and orchestration tools are the most valuable features."
"SecureX enables us to have all the threat intelligence and threat event data in one place."
"The detection and response console is the most valuable feature."
"It has definitely minimized resources. When everything was on-prem, there was a lot more work maintaining it. One of the big value tickets: I don't have lists of hundreds of exceptions for certain applications that I have to maintain, add, delete, and move. The very nature of the product has lessened my workload considerably."
"From what we have seen, it is very scalable. We have recently acquired a company where someone had a ransomware attack when we joined networks. Within the course of just a few days, we were able to easily get CrowdStrike rolled out to about 300 machines. That also included the removal of that company's legacy anti-malware tool."
"I like the Overwatch feature the most."
"Everything we've done with CrowdStrike is due to Arctic Wolf. We don't even need to get alerts from CrowdStrike anymore. It'll send those to Arctic Wolf, and then Arctic Wolf analyzes those and let us know if there's a major issue."
"I like the dashboard nature of it. Everything is clickable, linkable, and information is easy to obtain and find. How it presents that information is probably the biggest win as far as the information correlation aspect. The presentation of it is very good."
"The stability is good; we haven't experienced any glitches or bugs."
"The EDR is amazing and ease of integration with Splunk is a big plus. Integration with BigQuery is also a plus for me and workflow creation is easy. Overall, CrowdStrike Falcon is a great product."
"For some scenarios, it provides good visibility into threats, and for some scenarios, it doesn't. For example, sometimes the URLs within the emails have destinations, and you do get a screenshot and all further details, but it's not always the case. It would be good if they did a better job of enabling that for all the emails that they identified as malicious. When you get an email threat, you can go into the email and see more details, but the URL destination feature doesn't always show you a screenshot of the URL in that email. It also doesn't always give you the characteristics relating to that URL. It would be quite good if the information is complete where it says that we identified this URL, and this is what it looks like. There should be some threat intel about it. It should give you more details."
"There is definitely scope for improvement in the automation area. Because the solution is a SaaS platform, we don't have the overall ability to automate stuff.... There is no direct way to go ahead because it's a SaaS platform."
"The console is missing some features that would be helpful for a managed services provider, like device and user management."
"The tool gives inconsistent answers and crashes a lot."
"I'd like to see a wider solution that includes not only desktop devices but also other devices, such as servers, storage cabinets, switching equipment, et cetera."
"Microsoft 365 Defender does not have a unique package with emerging endpoint security technologies, such as EDR and XDR."
"Microsoft tends to provide too many features, which makes the solution prone to bugs."
"There are other SIEM solutions that are easier to use, mainly based on the creation of rules, use cases, and groups."
"The front-end work controls the new algorithm and the firewall rules. The search feature of these rules could be improved."
"They could put in more third-party [integrations]... also more playbooks, out-of-the-box, for automation [would be helpful]."
"One of the improvements the product needs is more integration with collaboration platforms."
"The documentation can be improved and the on-prem integration. The set of applications that it was integrated with wasn't comprehensive."
"Enhancing automation capabilities could further improve the product."
"For us, the biggest sticking point is that the product is not being designed for multi-tenancy use at present, from an MSP perspective."
"Remediation stuff could be integrated into the product's automation."
"The playbooks provided with the product are great, although I would appreciate having more playbooks available. Threats are constantly evolving, so having access to updated playbooks is crucial."
"The Integration with tools, SOC tools, could be better."
"Dashboard creation is one of the areas for improvement in CrowdStrike Falcon. Sometimes, management asks for a custom dashboard, so my team has to collect data from CrowdStrike Falcon, integrate that in Splunk, then create the dashboard in Splunk. The Splunk dashboard is more elaborate, so the CrowdStrike Falcon dashboard needs improvement. Another area for improvement in the tool is the malware detection report, as it needs to be more detailed and include some graphics so that if you want to present that data in a nutshell, it's easier to do. For example, the report should consist of some graphical representation that shows a month's worth of data. In terms of an additional feature I'd like CrowdStrike Falcon to have, it's the device posture assessment feature that detects the device posture within the network. Whichever device connects to the corporate network, my company should be able to analyze the device posture. Then there should be communication with the network, which means that as soon as a device connects, CrowdStrike Falcon can assess the device posture, detect its corporate asset, and decide whether it should be allowed on the network."
"If we have a dashboard capability to uninstall agents, I think that would be great."
"I would also like to see the endpoint firewall component produce some level of logging and feedback."
"The portal can be clunky to navigate at times and has room for improvement."
"We can't do scanning audits or device blocking or application control."
"This solution could be improved with greater scope for admins to make changes to the solution."
"We'd like to see more integration capabilities."
Cisco SecureX is ranked 12th in Extended Detection and Response (XDR) with 13 reviews while CrowdStrike Falcon is ranked 2nd in Extended Detection and Response (XDR) with 105 reviews. Cisco SecureX is rated 9.0, while CrowdStrike Falcon is rated 8.8. The top reviewer of Cisco SecureX writes "Gives our customers visibility and they don't have to go multiple management consoles anymore". On the other hand, the top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". Cisco SecureX is most compared with Cortex XDR by Palo Alto Networks, Trend Vision One, Splunk SOAR, Cisco Secure Network Analytics and Fortinet FortiSOAR, whereas CrowdStrike Falcon is most compared with Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security, SentinelOne Singularity Complete and Trend Vision One. See our Cisco SecureX vs. CrowdStrike Falcon report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
