Secureworks Taegis XDR offers cutting-edge extended detection and response capabilities to enhance cybersecurity efforts. It effectively integrates and analyzes comprehensive data to provide actionable insights for threat identification and mitigation.

| Product | Mindshare (%) |
|---|---|
| Secureworks Taegis XDR | 1.3% |
| CrowdStrike Falcon | 9.2% |
| SentinelOne Singularity Endpoint | 6.0% |
| Other | 83.5% |

Secureworks Taegis XDR consolidates security data, thus enabling organizations to detect and respond to threats more efficiently. Its integrated approach allows for seamless correlation across data sources, enhancing the ability to identify threats quickly and accurately. Best suited for enterprises seeking comprehensive threat detection and response, it helps in simplifying and strengthening security operations by broadening the coverage and context of threats.

What are the key features of Secureworks Taegis XDR?

In industries such as finance, healthcare, and technology, Secureworks Taegis XDR is implemented to address sector-specific cybersecurity challenges. Its tailored solutions cater to the dynamic and sensitive nature of data protection in these fields, ensuring compliance while providing robust threat defense mechanisms.

Secureworks Taegis XDR was previously known as Secureworks Taegis NDR.

| Author info | Rating | Review Summary |
|---|---|---|
| Assistant Manager IT at PDS Multinational | 4.5 | I use Secureworks Taegis XDR to secure our network and like its NDR, zero-day protection, and monitoring interface. Deployment was easy and cost-effective, with excellent support. I haven’t seen weaknesses, but I’d like more features and AI. |
| Cyber Security Analyst at a financial services firm with 11-50 employees | 4.5 | I use Secureworks Taegis XDR as my SOC, ingesting logs for advanced analytics and AI-driven detection. It integrates well, saves significant time by correlating logs, and has greatly improved our detection rates, making it very reliable. |
| SOC Analyst at a consultancy with 1,001-5,000 employees | 4.5 | I use Secureworks Taegis XDR primarily for efficient alert triage and investigations, finding its auto-triage and AI capabilities very helpful and user-friendly. While I appreciate its stability, I'd like improved navigation and data source visibility. It's a reliable 9/10 solution. |
| WPS Security Engineer at a tech services company with 201-500 employees | 3.0 | We used Secureworks Taegis XDR primarily as a secondary alerting system, but encountered limitations with its detection capabilities, including challenges with customized detection, log parsing rules, and importing Syslog data, resulting in a visibility gap. |
| Senior Manager, Services at International Turnkey Systems - ITS | 4.0 | I find Secureworks Taegis XDR to be a comprehensive solution from a SOC perspective, effectively covering all cybersecurity aspects on a single platform. |

I use Secureworks Taegis XDR within my organization primarily to secure our network infrastructure so that no one can access our servers and our devices in the LAN portion.
I appreciate that they introduced the NDR feature and zero-day protection in this product.
The running interface is good enough; I can see the web traffic, web monitor, and application monitor traffic here, so it is adequate for now.
Till now, I have not seen any weak point that needs to be improved in Secureworks Taegis XDR.
I think that since the technology is becoming upgraded, it will be good for Sophos to include more features in future updates of this solution.
Secureworks Taegis XDR is a good product, but it should include AI technology.
I have been working with Sophos for three years, and before that I was working in network-related roles with other devices, including Cisco devices and Chinese Huawei devices such as Huawei routers and Huawei switches.
Till now, we are just using the firewall and not any other devices for analytics tools in this product.
I have not integrated any third-party tools in our network involvement, so there are no issues during integration.
They are very helpful regarding technical support of Sophos.
I can definitely give a rating of 10 for the support because I always receive prompt service from them.
Positive
In our country, we have an authorized vendor from Sophos, and we are purchasing Sophos devices from them.
I say it is easy to deploy Secureworks Taegis XDR.
Two people should be good to complete the implementation.
It requires a couple of days to configure it, then a couple of days to test the scenario: what will be the outcome if I deploy the firewall in a running environment and running infrastructure, and what will be the output?
The entire deployment took that long.
Definitely, Secureworks Taegis XDR is cost-effective for the long run since the product is at a lower cost than other brands.
I think the Sophos product has comparatively the best price compared with other brands when considering the licensing cost for Secureworks Taegis XDR.
I have not yet worked with the SophosLabs Intelix product.
I have not worked with Sophos Cybersecurity as a service.
I have not used the threat hunting feature of Secureworks Taegis XDR.
I have not used customizable workflows in Secureworks Taegis XDR.
My overall review rating for this product is 8.5.

My main use case for Secureworks Taegis XDR is ingesting logs from all our resources, so we're using it as a SOC.
For example, in our SOC operations, we ingest logs from all our security providers; let's take an example of a firewall using Fortinet. We ingest all the firewall logs to Secureworks Taegis XDR, which then reviews these logs, picks up any malicious activity or abnormalities in the events, and notifies us.
The main purpose of using Secureworks Taegis XDR is as a SOC, and we have playbooks and connectors that help us with remediating risks with the endpoints; it also integrates with the antivirus, which is CrowdStrike. Secureworks Taegis XDR helps us to detect and remediate any vulnerabilities.
In my experience, the best features Secureworks Taegis XDR offers include advanced analytics, which provides an in-depth overview of incidents or events. In case an incident happens, we can go to Secureworks Taegis XDR, check all the logs, as it ingests and correlates all logs and gives us recommendations. It now has AI, which helps with recommended steps we need to take regarding incidents, and the Dell team is always available to look into and investigate incidents when we are unavailable or it's out of office hours.
Regarding features, integration stands out; Secureworks Taegis XDR is integrated with major antivirus security platforms such as CrowdStrike, so it ingests every log from CrowdStrike. If CrowdStrike misses anything, we're confident that Secureworks Taegis XDR will pick it up, automatically creating a ticket and informing us. In critical situations or out of office hours, we get notified or receive a call from the Secureworks Taegis XDR team. It's a very popular and helpful platform for reviewing logs, significantly reducing manpower. Going through all the logs to find abnormalities is very time-consuming, but Secureworks Taegis XDR does it for us, which is the main advantage.
Secureworks Taegis XDR has positively impacted our organization by improving detection rates and reducing our time; as I mentioned, it saves us from manually going through all the logs, which is not practical. Instead, Secureworks Taegis XDR correlates logs from the different security vendors we use, makes recommendations, and detects any abnormalities in events or issues; this is very time-saving for us.
Since using Secureworks Taegis XDR, our organization has definitely saved time; initially, we were manually going through logs to find abnormalities in events, and if we found any, we had to conduct an in-depth investigation through all platforms. With Secureworks Taegis XDR, all logs are in one place, so we just have to look into it and see what went wrong; it saves a lot of time.
At this point, Secureworks Taegis XDR is doing everything intended, so I don't have any recommendations for improvements.
Regarding Secureworks Taegis XDR's AI capabilities, I don't see any governance and security framework details or governance details within the platform.
If Secureworks Taegis XDR could integrate with more tools such as Jira—although it has a limited current integration—that would be great.
I have been using Secureworks Taegis XDR for about four to five years now.
Secureworks Taegis XDR is very stable.
As our organization grows and adds more devices and data sources, I notice no challenges with Secureworks Taegis XDR handling the increased workload; although we had to make some changes as part of the contract, we are a small organization, so I haven't seen any issues when adding a few devices.
Customer support for Secureworks Taegis XDR is not that bad; they are reachable but not super efficient.
Previously, we didn't use any SOC; we were using CrowdStrike as an antivirus platform, so there was no SOC before Secureworks Taegis XDR.
My advice for others looking into using Secureworks Taegis XDR is that it's very much reliable; you can run it on a public cloud, private cloud, or, as we do, on-premises. It's easy to install and deploy the collectors, and once we start using it, not much maintenance is needed, as all collector updates are managed by the Secureworks Taegis XDR team. We only need to log in, check the logs, and it flags anything wrong or malicious by giving severity ratings to each event or incident, which allows us to prioritize our investigations.
I'm not sure about the pricing, setup cost, and licensing; it's managed by the Head of IT.
Before choosing Secureworks Taegis XDR, I think we evaluated Splunk, but ultimately decided to go with Secureworks Taegis XDR.
Regarding the accuracy and reliability of Secureworks Taegis XDR's AI capabilities, accuracy is above 90-95 percent, and it is very much reliable. I would rate this review a 9 out of 10.

The main use for Secureworks Taegis XDR is to triage alerts from low to critical alerts and analyze and investigate different kinds of alerts from the platform. As a SOC analyst, Secureworks Taegis XDR is helpful to check every detection from the client's environment. It helps the SOC analyst to analyze the specific alert and provide more specific or comprehensive investigation or technical reports to clients.
I investigated a case wherein there was an impossible travel of a user or an account while using Secureworks Taegis XDR. The user logged in from different countries, then another country for the second time of his login. Secureworks Taegis XDR helped me to check which countries the user had logged in from and provided more details such as the time of login, the IP address that the user used, and more.
Secureworks Taegis XDR allows us to check or monitor every data collector we are managing and also the users or the endpoints that we are managing in that platform. We can verify if the endpoints or computers of the company have endpoint sensors installed in their endpoints so that we can ensure that their computers are in a managed asset.
I think the best features of Secureworks Taegis XDR simplify the triaging method for SOC analysts. The SOC analyst can check whether the alert is low, high, or critical. Secureworks Taegis XDR auto-triages the specific alerts, and that is the best feature.
The auto-triage feature of Secureworks Taegis XDR makes my workflow easier and efficient. It helped me to shorten the time of responding to every alert and also make my activities productive. I can manage everything that I need to check every alert and detection. This shortens my time of triaging and investigating numerous alerts.
Following the SLA or Service Level Agreement with the clients, we have plenty of time to deeply investigate or analyze the specific alert since using Secureworks Taegis XDR. Since the triaging is reduced, or the time of investigating is reduced, because of the auto-triage of Secureworks Taegis XDR, this positively changes our point of view of investigating alerts and makes our investigation faster.
We manage a lot of alerts and with Secureworks Taegis XDR, we can scrub and triage or decide if the alerts are false positive or true positive in a faster way.
I suggest that we can also check the data sources of every data collector so that we can be informed of what data source the alerts came from and add that to our investigation.
The efficiency or the smooth navigation of the website or the application can be improved in Secureworks Taegis XDR. We can reduce lag or slow navigation of the tool.
I used Secureworks Taegis XDR last year for about less than a year.
Secureworks Taegis XDR is a bit stable in my experience.
Secureworks Taegis XDR can handle increasing workload for us users.
I had a good experience with Secureworks Taegis XDR customer support. They are reachable and they reply in a prompt manner. I have no problem with them.
I used Trend Micro XDR before using Secureworks Taegis XDR.
I did not really switch from Trend Micro XDR to Secureworks Taegis XDR. I just had the opportunity to go to another company where they use an XDR platform.
Secureworks Taegis XDR has been dependable for me regarding its AI capabilities in terms of accuracy and reliability of its output.
The Taegis XDR AI is helpful to analysts such as myself to check and to be more comprehensive of every detection and alert.
It stands out because it is very comprehensive for users or analysts to learn or to analyze the specific alerts. It is also user-friendly or newbie-friendly. New analysts can understand faster how the triaging and investigating an incident is conducted. What keeps it from being a perfect 10 is the occasional lag issues on the platform.
You can also first try to check their certifications regarding Secureworks Taegis XDR.
My overall review rating for Secureworks Taegis XDR is 9 out of 10.

We used the solution as an XDR platform but primarily as a secondary alerting system and log repository.
Initially, we found limitations in the XDR's detections, lacking the ability to create customized detection and log parsing rules. This functionality, available in the Cortex XDR platform, wasn't present then. While there might have been changes since then, during our usage, we couldn't easily import or send Syslog data to the platform and could not create custom parsing rules for data recognition and correlation rule alerts. The query builder's functionality could have been more robust, forcing us to create broader exclusions than desired, resulting in a visibility gap due to the inability to make more granular exclusions within the query builder.
I utilized the solution for a year and six months in my previous organization.
The solution is stable. I rate it a nine out of ten.
The solution is scalable. We had it installed on every machine in our company. There were up to 4500 endpoints. I rate the scalability a seven out of ten.
Their technical support typically responded promptly, especially when using the live chat function. They generally met our expectations and provided good incident response timelines.
Positive
The initial setup was straightforward.
The product is good at what it does, but you need to pay attention to what it doesn't do.
I rate Secureworks Taegis XDR a six out of ten.

More from the perspective of SOC to ensure that every endpoint is taken care of from a cybersecurity perspective. It's a complete solution package.
When I go into the portal, I can see how many endpoints are enrolled or how many of them are active in place. I can see the current number of threats that are there in the organization. How many threats have been identified, etc. I can see which endpoint the critical events are coming in from a security aspect.
It covers every single aspect, and it's one single common platform where you can see everything.
I have been using Secureworks Taegis XDR for three years.
The initial setup is straightforward.
The pricing is six out of ten.
I would rate the solution an eight out of ten.