Cisco XDR serves as the main platform for threat detection and threat response in my organization. We have integrated all of our internal devices including firewalls, servers, EDRs, and endpoints into Cisco XDR. In typical scenarios, we find blacklisted IP communication detected by our firewall, and Cisco XDR blocks these particular attempts made by blacklisted IPs, thereby helping us secure our environment from potential cyber threats. We focus on the alerts generated by Cisco XDR and the threat intelligence reports available on the platform. Our security team reads through those reports and proactively blocks those IPs and the IOCs on our firewall rather than waiting for Cisco XDR to raise an alert about a particular IP or IOC attempting to communicate with the environment. The threat intelligence information available on the platform is quite useful for us to proactively take actions to better secure our environment and reduce our attack surface for potential cyber threats.
Cisco XDR is used for endpoint security, data protection across endpoints, network protection, advanced persistent threat (APT) detection, ransomware attack mitigation, and advanced threat detection. We use Data Loss Prevention (DLP) because it integrates with Cisco Secure Access and Cisco Umbrella, helping to protect sensitive data. Cisco XDR is the extended detection and response solution we have implemented.
SOC Analyst at an educational organization with 501-1,000 employees
Real User
Top 20
Apr 14, 2025
I use Cisco XDR because I'm a SOC analyst. It's something I use every single day. The majority of my work has been in Cisco XDR looking through incidents, reading reports that it gives, and making automations.
We are integrators, and we also resell Cisco XDR. Global customers are the primary users of Cisco XDR, while local customers often don't request it. For global customers, they directly request Cisco XDR and share all the part codes with us.
Network Security Specialist at General Authority of Customs
Real User
Top 5
Feb 18, 2025
We have four thousand endpoints, and I have installed XDR on these endpoints. They are integrated with Cisco Firepower Threat Defense. XDR can also integrate with Cisco Meraki solutions. Any issue in a PC will send a message to Meraki, the Firewall, and email security systems, ensuring that a PC will be isolated from the network if necessary.
Cisco XDR delivers an advanced threat detection and response experience through integration with Cisco's security suite, offering enhanced visibility, intelligence, and automation for network protection and system evaluations. Cisco XDR integrates with Cisco Meraki and Splunk, excelling in threat intelligence and zero-day attack detection. Its automated response features provide crucial support in managing extensive networks, while the comprehensive log management facilitates detailed...
As a security consultant, I use multiple SIEM and XDR solutions, so cumulatively, I can say I have used Cisco XDR for around one year.
My primary use case for Cisco XDR is log review from devices, and then doing analytics for quicker responses in the future to security incidents.
We use Cisco XDR for our network devices and data centers, as we are an internet provider. We deliver the internet to customers.
We are a small ISP, and we mainly use it just basically for routing and insights into wherever our traffic goes through.