Try our new research platform with insights from 80,000+ expert users

Cisco SecureX [EOL] vs Trend Vision One comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Mar 9, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cisco SecureX [EOL]
Average Rating
9.0
Reviews Sentiment
8.2
Number of Reviews
13
Ranking in other categories
No ranking in other categories
Trend Vision One
Average Rating
8.6
Reviews Sentiment
7.2
Number of Reviews
69
Ranking in other categories
Endpoint Detection and Response (EDR) (4th), Network Detection and Response (NDR) (3rd), Extended Detection and Response (XDR) (5th), Attack Surface Management (ASM) (2nd), AI-Powered Cybersecurity Platforms (3rd)
 

Featured Reviews

Alon K - PeerSpot reviewer
Gives our customers visibility and they don't have to go multiple management consoles anymore
One of the examples is related to forensics. The forensics are amazing because when you have enrichment, and the solutions talk with each other, when you need it, you have the ability to know everything in the organization: when, why, whatever. With just one click you have information from email, from the endpoint, from the web. Let's say that tomorrow morning, you have a ransom[ware] attack in your organization and you would like to know from which email it came, or where the customer saved the file, even though the incident didn't occur at the same moment. With SecureX, you have Cisco Threat Response inside. [With] one click, you get all of the flow. That's amazing value. That also releases resources for our customers. The customers don't have to connect many systems and try to register the event on each system, or to go to the SIEM and do a correlation. That's the one-stop shop for the customers, and that's amazing.
DavidBowman - PeerSpot reviewer
It improves the detection speed, but it could be more customizable
They need to stop changing Vision One once a week. They're in a hurry to change things so badly and so fast that I can't find where stuff is half the time, which is a challenge sometimes. I've given one piece of feedback to their product guys. One thing that they're trying to make is a SIEM. It's a product where you input all the logs from your tools, and it creates additional insights into how things look. They've been kind of playing the "me too" game on that, even though that's not what I bought the product for. They have a new gateway where I can take my firewall of email logs and send it over there. In theory, it's supposed to do a more comprehensive evaluation of all my stuff to improve that risk index score. I'm not impressed with it, and I've told them as much. I feel if you're good at something, you should keep working on that and not try to be all the things to all the people. I bought a different email solution even though it would have been 10 times easier to just stay with their email solution because they aren't great at it. They are great at other things, but they're playing the "me too" game with some of their products. Their competitors do this, so they should be doing this, too. They need to pick a product and keep being good at that. If they're going to roll new things out, they should do it but do it right. They have a button to isolate an endpoint because it looks bad, but it doesn't usually work. I've had no chance to argue with the product guys to show them examples of how their button doesn't work. You think it does, but it doesn't work in a real environment. That can be a challenge sometimes. I can see in the data showing what is a false positive. But it doesn't save me time helping them figure out how to fix the problem in their engine. It can help me identify it as a false positive, but it doesn't apply that consistently. It will ignore the false positive for that device, but if they start detecting a false positive on Apple devices, I have eight thousand Apple devices and get 8,000 alerts. I can tell that specific false positive, but it doesn't learn from that particularly well. We use the executive dashboards, but I don't find them particularly useful. One is the ability to customize. That has gotten a little better, and it'll be better in the future. Most of what they have on there are data points that are generic and not particularly actionable. That's why it's called an executive dashboard. Executives want to see if we are secure, but it's hard for me to find out why our attack surface risk went down by x percentage. I don't know. It says that on the dashboard, but it doesn't give me specific details about why. I find it confuses my executives, and it's not useful for me because it doesn't give me things to work on. It will give me generic things on the executive dashboard like you have a thousand accounts with an old password. Those are big generic things, but I also can't tell it that our password policy is different from what your automatic detection model means, and I don't have a problem with that, so quit lowering my risk score. The risk score is useless. In theory, it's based on the random intelligence they're getting from their various customers. I'm in K-12 education, so they have a decent amount of K-12 customers, but it's a subset, and the baseline of what's common in K-12 education is not the same. There's not enough data to make that particularly clean or useful. Vision One is not custom, and that's part of my beef. That index score is based on whatever random report they're looking at from their data sources at any given moment in time. It's nice, but I'd rather have one that's based on your particular circumstances. Instead, it's saying that the number one attack threat surface for school districts is email phishing. It's too generic.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature is its ability to manage all the applications and visibility. For example, if there is malware, spam, or another component that wants to attack the company in my servers, network, or applications, then SecureX will react to the problem."
"SecureX enables us to have all the threat intelligence and threat event data in one place."
"Using SecureX, a tool provided by Cisco, we can easily integrate it with many of our other Cisco products such as Cisco ISE and many networking devices."
"Our customers find the product's third-party integrations valuable. Our customers are also impressed with the tool's capability to pick up third-party threat feeds and use that as part of the decision-making process."
"It has evolved a lot, just that monitoring piece to the current Orchestrator piece. The additional analytics are there. They now have something called Insight, which can basically take data from Microsoft Azure AD and Intune to give us information about our endpoints. This is detailed information about the endpoints, from Secure Endpoint and all these different products. So, it is just constantly evolving. Every time that it evolves, we have more information with more visibility. There are more features that we have that just make everything so much easier, and it is in one place. I don't have to keep going back and forth. I don't have to go to Secure Endpoint and ISE to get the data. I don't have to go to Intune on Microsoft to get the information. It is all in one place."
"The automation and orchestration tools are the most valuable features."
"The ability to create firewalls online has been most valuable including the ability to create rules."
"Integrates well with our existing security infrastructure."
"This full security posture positions us well for our future security roadmap."
"We've found the pricing to be reasonable."
"The most significant recent change has been the addition of the new AI companion."
"The best part is the XDR threat investigation, which includes different modules like Observer Attack Techniques, Workbench, and Detection Model Manager."
"I like XDR's workbench feature and observed attack technique. It generates an alert once certain conditions are met. For example, let's say there's a threat called malicious.exe being deployed on your system. It will generate an alert with information like the file path, location, hash, etc. You also see a relational matrix showing how that file was executed and which processes were installed."
"It helps a lot to understand where the threat is coming from, where is it going, how is it being dealt with, et cetera."
"Trend Vision One offers centralized visibility and management across all protection layers, providing a holistic view of our environment and enhancing visibility across the entire infrastructure."
"The search features help us try to correlate information and identify any suspicious activity."
 

Cons

"Remediation stuff could be integrated into the product's automation."
"I'm not sure that I would call it a bug, but sometimes the solution is a little slow."
"They could expand into more areas. The more third-parties that we have tied into it, the better. The capabilities are there. As they just continue to involve the product, the more things that you can look into, then the more analytics that you can get. Also, the more data that we can get, then the better off we will be."
"One of the improvements the product needs is more integration with collaboration platforms."
"The front-end work controls the new algorithm and the firewall rules. The search feature of these rules could be improved."
"The documentation can be improved and the on-prem integration. The set of applications that it was integrated with wasn't comprehensive."
"For us, the biggest sticking point is that the product is not being designed for multi-tenancy use at present, from an MSP perspective."
"The playbooks provided with the product are great, although I would appreciate having more playbooks available. Threats are constantly evolving, so having access to updated playbooks is crucial."
"Trend Micro's support is suboptimal in my region, likely due to proximity to their resources, favouring areas closer to the company. Consequently, we utilize local support providers who offer better service."
"Vision One could improve its area networking and email security."
"Trend Vision One requires several enhancements for optimal performance."
"I would like to have the capability to export the information we receive from the XDR into Microsoft Excel."
"The product needs to have a lot more maturity, and they need to improve the overall technical support framework for getting the value out of XDR."
"I believe that the interface could be more user-friendly. At times, it is challenging to locate certain features, and they need to reorganize the user interfaces."
"The area for improvement is mobile security. We have just finished a proof of concept for Zero Trust Secure Access. We withdrew from this PoC because it does not have that many points for proxy across Europe. Our organization is across Europe... At this time, they are only located in Germany and the UK."
"It would be better if it were more user-friendly. It would also be better if the implementation were more straightforward."
 

Pricing and Cost Advice

"It comes free with all Cisco products. So, it is a good price."
"Cisco SecureX is more expensive than Trend Micro. However, considering the integration capabilities with other solutions and the quality of technical support, I believe there's justification for the price difference."
"It is free. It can't get any better than that."
"You can spend less money for another solution, but if you really want to have a good solution you have to pay. We are happy that we are getting such a good solution for what we are spending."
"It would be nice if they had a different pricing model. Most of our budget for projects goes towards Cisco."
"The pricing is the best part of this solution. It is free if you buy Umbrella or Duo Security. It is also a good solution."
"The product is absolutely free to any customer. As such, the only thing one must keep in mind is that as long as he already has one Cisco security product, irregardless of what that product is, SecureX is available for free."
"The pricing is competitive, especially for education institutions. Licensing can be a little bit difficult to navigate, especially with resellers with Cisco, but for us it has been pretty easy."
"We have an annual subscription and I believe there is no option for monthly billing at the moment."
"It is costly. It is not that affordable for a small organization. Only big organizations can afford it. It is a new feature that has been added, so its price is fair. Its licensing is probably subscription-based. It is for one or two years."
"Trend Micro XDR is expensive."
"Trend Micro XDR is reasonably priced for its value, comparable to other products like VMware Carbon Black."
"Competitors offer comparable solutions at slightly lower prices, so Vision One has room to reduce its pricing by 15 percent, given that Trend Vision One charges approximately $10 per endpoint."
"While the pricing and licensing for Trend Vision One are generally acceptable, the need to purchase additional features separately adds complexity."
"From a pricing standpoint, they're a really good negotiator and they'll work with you."
"It's relatively well-priced."
report
Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
845,485 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
36%
Financial Services Firm
8%
Government
5%
Manufacturing Company
5%
Educational Organization
24%
Computer Software Company
18%
Financial Services Firm
5%
Healthcare Company
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Ask a question
Earn 20 points
What do you like most about Trend Micro XDR?
I appreciate the value of real-time activity monitoring.
What is your experience regarding pricing and costs for Trend Micro XDR?
It is very good. The flexibility to temporarily exceed license limits when setting up new devices is helpful, as it allows us to ensure security before purchasing additional licenses.
What needs improvement with Trend Micro XDR?
Improving the user interface would be helpful—it can be confusing, especially if you do not use it daily. We do not see a need for additional features. The tool has so many capabilities that it can...
 

Also Known As

Kenna.AppSec, Kenna.VI
Trend Micro XDR, Trend Micro XDR for Users, Trend Vision One - XDR for Networks
 

Interactive Demo

Demo not available
 

Overview

 

Sample Customers

NHS, Rackspace, UNC Pembroke, University of North Carolina at Charlotte, Missing Piece
Panasonic North America, Decathlon, Fischer Homes, Banijay Benelux, Unigel, DHR Health,
Find out what your peers are saying about CrowdStrike, SentinelOne, Wazuh and others in Extended Detection and Response (XDR). Updated: March 2025.
845,485 professionals have used our research since 2012.