No more typing reviews! Try our Samantha, our new voice AI agent.

Cisco XDR vs Secureworks Taegis XDR comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Extended Detection and Response (XDR)
4th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Endpoint Detection and Response (EDR) (6th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
Cisco XDR
Ranking in Extended Detection and Response (XDR)
9th
Average Rating
8.4
Reviews Sentiment
6.9
Number of Reviews
21
Ranking in other categories
No ranking in other categories
Secureworks Taegis XDR
Ranking in Extended Detection and Response (XDR)
18th
Average Rating
8.6
Reviews Sentiment
6.2
Number of Reviews
8
Ranking in other categories
Network Detection and Response (NDR) (14th)
 

Mindshare comparison

As of July 2026, in the Extended Detection and Response (XDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 4.6%, down from 5.1% compared to the previous year. The mindshare of Cisco XDR is 1.6%, down from 1.7% compared to the previous year. The mindshare of Secureworks Taegis XDR is 1.3%, up from 1.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Extended Detection and Response (XDR) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks4.6%
Cisco XDR1.6%
Secureworks Taegis XDR1.3%
Other92.5%
Extended Detection and Response (XDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Fred Parks - PeerSpot reviewer
Senior Systems Consultant at W.C. Bradley Co.
Centralized visibility has transformed incident investigations and now cuts response time dramatically
Workflows could definitely be easier to work with. Workflows are automated tasks that can be kicked off inside of a playbook. When someone is responding to something, they can click a button and it will perform automated tasks for them inside of these other products. The product can actually control the behavior of a firewall and you can write a rule in a firewall from Cisco XDR without having to go into the firewall software. However, if it is not a native workflow automation, it is very difficult to create your own. It is not intuitive and you almost have to be a developer and get really good with the API. This could definitely be improved on, particularly the custom workflow automation. Another thing that could be improved is Cisco documenting how it makes decisions, because there are certain factors or criteria that it uses from the source products. Cisco XDR gets all of its data from the integrations, so if you do not integrate anything, it is not going to do anything. Sometimes in these integration products, such as Secure Network Analytics or Cisco Security Exposure, they could be generating some type of alert and you do not necessarily see that in Cisco XDR. This is because it knows, maybe because of these other products, it is not really a big deal and is not big enough to raise an incident. However, I do not think Cisco does a great job in explaining what those rules are, such as why this happens and how this happens. This can cause some questions and some concern. I think it is doing the right thing, but I think it would be better if they had a rule set to say, based on this data, this is how the product actually works.
Mohammad Talha Talkin Alam - PeerSpot reviewer
Assistant Manager IT at PDS Multinational
Improved network protection has secured our servers and monitors web and application traffic
Till now, I have not seen any weak point that needs to be improved in Secureworks Taegis XDR. I think that since the technology is becoming upgraded, it will be good for Sophos to include more features in future updates of this solution. Secureworks Taegis XDR is a good product, but it should include AI technology.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Their XDR agent and their behavioral indicators of compromise (BIOC) are pretty nice. Their managed threat hunting is also pretty nice. They also have WildFire, which is a service for actively looking for malware. It's quite useful."
"Cortex XDR alerts us on the dashboard when there's a threat, which allows us to restrict that user and helps secure our infrastructure."
"Cortex is the best tool for endpoint detection, and I have used it to verify hashes or domains to identify malicious activity, trigger playbooks that automate and gather endpoint logs, block malicious processes, and update incident tickets, showcasing end-to-end processes with automation in investigation and reducing the analysis workflow."
"We use it for malicious connections from malicious websites, to identify payloads that might be inside the traffic, to identify malicious processes or bugs that are running on the network, and any activities that tend to lead to data infiltration."
"Once you become familiar with it, Cortex XDR by Palo Alto Networks is a more powerful tool and I would say that I prefer it over MDE because it is a stronger tool for me."
"We switched because there were a lot of added features with Palo Alto that Check Point didn't have, and it was an upgrade for us."
"The level of security I get for my endpoints and servers is extremely valuable."
"Being a cloud solution it is very flexible in serving internal and external connections and a broad range of devices."
"The merging of all of that data into one display is probably the best benefit of Cisco XDR."
"Technical support from Cisco is good and very helpful."
"I appreciate the granularity of what I get from Cisco XDR the most."
"Cisco XDR is one of the most matured systems available."
"Before using Cisco XDR, I sometimes did not detect malicious activities in my client's environment, but since implementing this solution, my mean time to detect has reduced and my mean time to respond has fallen within the acceptable threshold, positively impacting my organization as I can detect and respond to threats in time."
"I have seen a measurable ROI after implementing Cisco XDR, as my SOC team reduced manual investigation and triage effort by nearly 40 to 50%, which significantly improved analyst productivity and reduced response time for critical incidents."
"The feature I appreciate the most about Cisco XDR is the reliability."
"Cisco XDR has definitely improved our security posture and our visualization, ensuring that we are protected and providing greater visibility for our SOC team."
"The auto-triage feature of Secureworks Taegis XDR makes my workflow easier and efficient, helping me shorten the time of responding to every alert, make my activities productive, and manage everything that I need to check every alert and detection."
"Definitely, Secureworks Taegis XDR is cost effective for the long run since the product is at a lower cost rather than other brands."
"Sophos is a good XDR, and I recommend it for large companies since they have approximately 2,000 or 3,000 devices and can implement it as it is the best XDR."
"It's a complete solution package."
"The initial setup was straightforward."
"The price for Secureworks Taegis XDR is very competitive."
"The features I find most valuable are the fact that Secureworks Taegis XDR runs itself without any form of intervention."
"Secureworks Taegis XDR has positively impacted our organization by improving detection rates and reducing our time; as I mentioned, it saves us from manually going through all the logs, which is not practical."
 

Cons

"Cortex XDR by Palo Alto Networks could improve by adding a sandbox feature to better compete with their competitors which have it."
"The installation should be easier and the Palo Alto pre-sales and sales teams should have more information on the product because they don't know what they are selling."
"A potential area of improvement for Cortex XDR by Palo Alto Networks is the cost."
"The solution lags to the real-time scenarios here and there."
"It should support more mobile operating systems. That is one of the cons of their infrastructure right now."
"We would also like to have advanced tech protection and email scanning."
"There's room for improvement with Mac device installations, which can be challenging."
"It is not a suitable solution if you are looking for a single product with multiple features such as DLP, encryption, rollback, etc."
"When we first started with Cisco XDR in August, everybody was having issues. There were three people in our organization, including me, who couldn't even log in to Cisco XDR."
"The interface of Cisco XDR can be improved."
"Regarding the pricing aspect of Cisco XDR, I think the price is a bit expensive."
"Cisco XDR could improve the UI customization experience."
"The licensing of Cisco XDR is a bit complicated. The cost can depend on what it is, and the process can be a little complicated."
"Improvements in Cisco XDR revolve around performance."
"Cisco XDR can be improved in terms of out-of-the-box integrations and standard operating procedures available on the platform where we would not have to refer to documents outside of the platform to integrate."
"Cisco XDR is working well, but the solution could be more cost-effective for mid-sized and small organizations."
"I do not see any other problems with Secureworks Taegis XDR besides pricing."
"Secureworks Taegis XDR is a good product, but it should include AI technology."
"We found limitations in the XDR's detections, lacking the ability to create customized detection and log parsing rules."
"Hardware compatibility could be an area for improvement."
"The pricing could be improved."
"The efficiency or the smooth navigation of the website or the application can be improved in Secureworks Taegis XDR."
"Customer support for Secureworks Taegis XDR is not that bad; they are reachable but not super efficient."
 

Pricing and Cost Advice

"If one wishes to work with another team or large number of users at a future point, he must purchase a license for them."
"The price of the solution could be reduced. I have customers that have voiced that the solution is good for the value but if I want to sell more of the solution the price reduction would help."
"In terms of the cost Cortex XDR by Palo Alto Networks is very expensive because we are a Mexican company and when you translate dollars to pesos the cost is very high. The solution is very expensive for Mexican companies. I understand that they have international prices, but I do not think it offsets the price enough for many companies in countries, such as Mexico. The amount it is reduced is not a massive percentage."
"Its pricing is kind of in line with its competitors and everybody else out there."
"The price of the product is not very economical."
"The pricing is okay, although direct support can be expensive."
"This is an expensive solution."
"I don't have any issues with the pricing. We are satisfied with the price."
"The licensing of Cisco XDR is a bit complicated. The cost can depend on what it is, and the process can be a little complicated."
"The pricing is six out of ten."
report
Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
904,146 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
11%
Comms Service Provider
9%
Outsourcing Company
20%
Computer Software Company
9%
Government
8%
Manufacturing Company
8%
Financial Services Firm
15%
Manufacturing Company
13%
Computer Software Company
9%
Educational Organization
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
By reviewers
Company SizeCount
Small Business17
Midsize Enterprise9
Large Enterprise4
By reviewers
Company SizeCount
Small Business2
Midsize Enterprise1
Large Enterprise6
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What is your experience regarding pricing and costs for Cisco XDR?
The centralized visibility, automation, and reduction in investigation time have provided good operational value for ...
What needs improvement with Cisco XDR?
Cisco XDR could improve the UI customization experience. Some workflows still feel more complex than they need to be,...
What is your primary use case for Cisco XDR?
We mainly use Cisco XDR for centralized threat detection and incident investigation, especially for correlating endpo...
What needs improvement with Secureworks Taegis XDR?
I suggest that we can check also the data sources of every data collector so that we can be informed of what data sou...
What is your primary use case for Secureworks Taegis XDR?
The main use for Secureworks Taegis XDR is to triage alerts from low to critical alerts and analyze and investigate d...
What advice do you have for others considering Secureworks Taegis XDR?
Secureworks Taegis XDR has been dependable for me regarding its AI capabilities in terms of accuracy and reliability ...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
No data available
Secureworks Taegis NDR
 

Interactive Demo

Demo not available
Demo not available
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Information Not Available
Information Not Available
Find out what your peers are saying about Cisco XDR vs. Secureworks Taegis XDR and other solutions. Updated: June 2026.
904,146 professionals have used our research since 2012.