Try our new research platform with insights from 80,000+ expert users
Cisco XDR Logo

Cisco XDR Reviews

Vendor: Cisco
4.4 out of 5
Leave a review

What is Cisco XDR?

Cisco XDR delivers an advanced threat detection and response experience through integration with Cisco's security suite, offering enhanced visibility, intelligence, and automation for network protection and system evaluations.

Get the Extended Detection and Response (XDR) Buyer's Guide and find out what your peers are saying about Cisco XDR, CrowdStrike Falcon, Wazuh and more!
Cisco XDR is the #20 ranked solution in XDR Security products. PeerSpot users give Cisco XDR an average rating of 8.8 out of 10. Cisco XDR is most commonly compared to CrowdStrike Falcon: Cisco XDR vs CrowdStrike Falcon. Cisco XDR is popular among the large enterprise segment, accounting for 54% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 12% of all views.
Buyer's Guide
Extended Detection and Response (XDR)
September 2025
Get the category report
Helped 868,787 peers since 2012

Featured Cisco XDR reviews

Read more reviews

Cisco XDR mindshare

As of October 2025, the mindshare of Cisco XDR in the Extended Detection and Response (XDR) category stands at 2.0%, up from 0.5% compared to the previous year, according to calculations based on PeerSpot user engagement data.
Extended Detection and Response (XDR) Market Share Distribution
ProductMarket Share (%)
Cisco XDR2.0%
CrowdStrike Falcon12.3%
Wazuh10.2%
Other75.5%
Extended Detection and Response (XDR)
 
 
Key learnings from peers

Valuable Features

Cisco XDR offers threat intelligence and links with Firewall, providing zero-day attack detection through Cisco Meraki integration. Automated response capabilities, robust dashboards, and enhanced network visibility are highlights. It integrates with Cisco's cloud and Splunk for detailed log analysis. Users value its automation tools, reliability, and detailed troubleshooting capabilities. Granularity and clarity in information enhance problem resolution and training simplicity. Its single point of maintenance and workflow automation are praised for time efficiency.
  • "The feature I appreciate the most about Cisco XDR is the reliability."
  • "The feature I appreciate the most about Cisco XDR is the reliability."
  • "I appreciate the granularity of what I get from Cisco XDR the most."

Room for Improvement

Pricing and licensing complexities need enhancement on Cisco XDR. Users report considerable visibility issues due to costly licensing tiers, unlike competitors. Free XDR licenses for testing could mitigate costs. Additionally, users face challenges with the character and observable limits during investigations. Increasing the capacity for handling lists, like blocking multiple domains simultaneously, would simplify tasks. Upfront costs prove burdensome for smaller businesses, impacting their overall experience.
  • "The licensing of Cisco XDR is a bit complicated. The cost can depend on what it is, and the process can be a little complicated."
  • "My only complaint about Cisco XDR is related to licensing, which is complicated."
  • "Cisco XDR can be improved by addressing the upfront cost. Everything matters for us since we're small, mom and pop, so every dollar counts."

Pricing

Many users report that Cisco XDR offers attractive discounts for purchasing multiple products, reducing security costs. However, pricing varies with dollar fluctuations, affecting costs compared to local competitors. The current subscription-based model, available in one, three, or five-year terms, contrasts with prior one-time purchase options. Licensing can be complex and dependent on specific needs, with some preferring the previous non-renewal model.
  • "The licensing of Cisco XDR is a bit complicated. The cost can depend on what it is, and the process can be a little complicated."

Popular Use Cases

Cisco XDR is utilized for endpoint security, integrating with Cisco Firepower Threat Defense and Cisco Meraki. Global customers frequently use it, directly requesting it for integration. SOC analysts use it for incident management and automation, while ISPs employ it for traffic routing and network insights. Internet providers leverage Cisco XDR for managing network devices and data centers, delivering internet services efficiently. It ensures comprehensive security by isolating compromised PCs from networks if required.

Service and Support

Cisco XDR customer service and support receive high praise, often described as helpful and quick to respond. Many rate their experience as excellent, noting that technical support is willing to engage in meetings and work flexibly with clients' schedules. Although minor issues occasionally occur, these do not significantly impact the positive perceptions. High ratings are common, with many attributing scores like nine or ten out of ten.

Deployment

Cisco XDR's initial setup is generally easy, with accessible documentation and guidelines. However, some users encountered integration challenges, facing technical issues and requiring extensive communication with engineers. While the deployment process was smooth, difficulties arose with tool integration and application performance, leading to a gradual resolution. Implementations were facilitated by working with partners such as Net Fabric, making the process easier for users. Participants often found the deployment straightforward, despite some initial challenges.

Stability

Customers describe Cisco XDR as stable and scalable compared to competitors. Initially, users faced significant login and freezing issues for about three months, which were resolved after addressing specific technical problems. Users now report flawless performance. Cisco XDR is characterized as bulletproof if maintained with regular patches and updates. Its reliability is seen as a key benefit.
These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.
Download our Extended Detection and Response (XDR) Buyer's Guide for additional reliable information.

Top industries

By visitors reading reviews
Computer Software Company
12%
Manufacturing Company
10%
Government
8%
University
6%
Financial Services Firm
6%
Comms Service Provider
6%
Educational Organization
6%
Healthcare Company
5%
Real Estate/Law Firm
4%
Energy/Utilities Company
4%
Retailer
4%
Non Profit
3%
Outsourcing Company
3%
Media Company
3%
Legal Firm
2%
Recreational Facilities/Services Company
2%
Hospitality Company
2%
Construction Company
2%
Performing Arts
2%
Aerospace/Defense Firm
1%
Logistics Company
1%
Non Tech Company
1%
Leisure / Travel Company
1%
Insurance Company
1%
Security Firm
1%
Consumer Goods Company
1%

Compare Cisco XDR with alternative products

Go!

Learn more about Cisco XDR

Cisco XDR integrates with Cisco Meraki and Splunk, excelling in threat intelligence and zero-day attack detection. Its automated response features provide crucial support in managing extensive networks, while the comprehensive log management facilitates detailed troubleshooting. Dashboards assist in system evaluation for effective gap mitigation. Despite its licensing complexity and upfront costs, it remains a key tool for Security Operations Center analysts and internet service providers, helping isolate threats and ensuring consistent security monitoring.

What features make Cisco XDR stand out?
  • Threat Intelligence: Offers robust insights to identify and manage threats.
  • Integration: Seamlessly works with Cisco Meraki and Splunk.
  • Zero-Day Detection: Protects against unknown threats with innovative technology.
  • Automated Response: Automates tasks such as phishing email handling.
  • Comprehensive Log Management: Supports detailed troubleshooting and network visibility.
Which benefits should users look for?
  • Enhanced Network Visibility: Allows for better monitoring and protection.
  • Reduced Downtime: Reliable performance ensures minimal interruptions.
  • Ease of Training: Intuitive tools facilitate rapid adoption.
  • Gap Mitigation: Dashboards provide insights to strengthen system security.

Cisco XDR is widely implemented in sectors requiring robust network management and monitoring. Organizations use it alongside Cisco Firepower Threat Defense and Meraki for comprehensive security measures, benefiting global customers and internet service providers for traffic and routing insights across devices and data centers.

Product Demo

Play interactive demo

Related questions

  • 56
What is the best EDR or XDR product for a company with 9000 employees?
  • 17
When evaluating Extended Detection and Response (XDR), what aspect do you think is the most important to look for?
  • 180
How do you decide about the alert severity in your Security Operations Center (SOC)?
  • 87
Which is better for Endpoint Security: EDR or XDR solutions?
  • 64
What are the main differences between XDR and SIEM?
  • 401
Why is (XDR) Extended Detection and Response important for companies?
  • 40
How do you use the MITRE ATT&CK framework for improving enterprise security?
  • 48
What tools and solutions do you use for automated incident response in an enterprise in 2022?
  • 45
FortiXDR vs Cortex Pro - which is the best?
  • 710
What is Cognitive Cybersecurity and what is it used for?

Product Categories

Product Categories
Extended Detection and Response (XDR)

Popular Comparisons

Popular Comparisons
CrowdStrike Falcon vs Cisco XDR Logo
CrowdStrike Falcon vs Cisco XDR
Wazuh vs Cisco XDR Logo
Wazuh vs Cisco XDR
Darktrace vs Cisco XDR Logo
Darktrace vs Cisco XDR
SentinelOne Singularity Complete vs Cisco XDR Logo
SentinelOne Singularity Complete vs Cisco XDR
IBM Security QRadar vs Cisco XDR Logo
IBM Security QRadar vs Cisco XDR
Microsoft Defender XDR vs Cisco XDR Logo
Microsoft Defender XDR vs Cisco XDR
Cortex XDR by Palo Alto Networks vs Cisco XDR Logo
Cortex XDR by Palo Alto Networks vs Cisco XDR
Elastic Security vs Cisco XDR Logo
Elastic Security vs Cisco XDR
Trend Vision One vs Cisco XDR Logo
Trend Vision One vs Cisco XDR
Vectra AI vs Cisco XDR Logo
Vectra AI vs Cisco XDR
Rapid7 InsightIDR vs Cisco XDR Logo
Rapid7 InsightIDR vs Cisco XDR
Secureworks Taegis XDR vs Cisco XDR Logo
Secureworks Taegis XDR vs Cisco XDR
FortiXDR vs Cisco XDR Logo
FortiXDR vs Cisco XDR
See all alternatives
 
Cisco XDR Reviews Summary
Author infoRatingReview Summary
SOC Analyst at a educational organization with 501-1,000 employees4.5As a SOC analyst, I use Cisco XDR daily for incident management and automation, especially valuing its automation tool for tasks like quarantining phishing emails. However, the 2,000-character limit on observables hinders efficient domain blocking during investigations.
Network Engineer at BTC Broadband4.5I chose Cisco XDR for its detailed insights and troubleshooting capabilities, crucial for our small ISP. While upfront costs are a concern, its efficiency and affordability, compared to alternatives like FortiGate, provide a significant return on investment.
Core Network Engineer at a comms service provider with 501-1,000 employees4.5I use Cisco XDR for our network devices as an internet provider primarily due to its reliability, which reduces downtime and is easy to train on. Although licensing is complicated, the significant downtime reduction offers a substantial ROI compared to other vendors.
Director -Digital Transformation at Convergence4.0As integrators and resellers, we find Cisco XDR's single point of maintenance and network visibility valuable for global customers. However, limited visibility due to its licensing structure requires costly upgrades, unlike competitors, which is a notable drawback.
Network Security Specialist at a government with 1,001-5,000 employees4.0I have implemented Cisco XDR on 4,000 endpoints, integrating it with Cisco Firepower and Meraki for effective threat detection and response. Although the solution offers excellent integration and intelligence, improvement in pricing and license bundling would enhance its value.