Secureworks Taegis Managed XDR / MDR Reviews

This solution gathers the information logs from all devices and correlates all the information. It notifies us of any critical events taking place across our networks which has been valuable. 

This solution could be improved with a higher degree of automation such as automated emails, triggers and defining the severity of the cases. It would be beneficial if this solution could predict future outcomes based on what is happening on the servers. There is a degree of automation on the back-end but not the front-end. 

We have used this solution for six months. 

This is a stable solution. 

This is a scalable solution since it is cloud based and not an event based setup. Any product can be added as long as it is supported by the solution. 

We get support for this solution locally and not directly from the Secureworks team. This is a new product and so there are some delays in receiving support when we have contacted the solution's team directly. 

Neutral

The initial setup was straightforward.

The implementation was done in-house but we have used a MSP for feedback, monitoring and SOPs. 

The pricing for this solution is reasonable. One agent costs approximately 270 dirhams/70 USD for one year. There is a reduction in cost per licence as the number of licences used increases. 

The advantage of using this solution is that the setup is done quickly and can be done in-house. This solution is also cheaper compared to others on the market. It has allowed us to integrate compliance and monitoring into our systems. 

I would rate this solution a seven out of ten. 

My client selected Secureworks Red Cloak MDR. I can't tell you why they chose this one over another solution. We presented two different solutions: Secureworks and Splunk, and they made the selection. They chose the one they felt more familiar with. My guess is probably the dashboard was better so that if and when they get queries, it was something that they were more familiar with. I know Splunk, so I'd have probably gone the other way, but that's just because it's what I know.

In terms of what could be improved, I really don't have anything to add to that. The client probably has a perspective on that but I don't.

I didn't deal with all aspects, just the set up, implementation and the tuning. But when it gets into what the licensing was and the cost, I wasn't involved, so I don't have any feedback on that.

In regards to maintaining the SIM, Dell does all of that. We were involved in helping them get the feed scan, helping them get set up, helping them do vendor selection. That was all when it came to the SIM. We have a lot more going on, other elements, but Dell provided a lot of those other services and we didn't have to get involved in that.

In terms of scalability, we didn't scale it very large. We're three business units, 13 sites, and around 2,500 users, so not a real huge company. I assume it's more scalable than that. It's not something we're concerned about here, and even with growth or percent growth, I didn't sense that there's any limitation on that. I would be surprised if we're anywhere near where we'd be concerned about scalability with them.

The initial setup was very straight forward.

In terms of ROI, I'd be surprised if there is any investment return on the SIM. They had no SIM before, so there's reputation and security and that they need to adhere to some kind of a framework. So they are moving that way.

On a scale of one to ten, I'd rate Secureworks Red Cloak MDR an eight, because it's been really good. I don't know everything about it yet.

The deployment was easy. We just put on some of the end points, so we're still talking about what's going on there. But to my knowledge, there's been no issues with it. It has a good reputation, so I don't really have a lot of insight to give you detailed feedback.

We use ManagedXDR for vulnerability management. 

We don't have a full SOC, so it's helpful to have them sifting through our alerts and only bringing actionable items to us.

The integration with the Carbon Black sensor could be better. ManagedXDR doesn't seem to know how to extract the forensic data from an endpoint that was quarantined by Carbon Black. 

It's a hybrid environment. Secureworks' environment is entirely in the cloud, but we have some on-prem components like vulnerability scanners. We had to set up VMs for those and launch them. 

After deployment, we maintain the vulnerability scanners and endpoints. We also need to configure the proactive response playbooks. Secureworks wasn't very helpful in getting those set up either.

I rate Secureworks Taegis ManagedXDR seven out of 10. 

We use Dell Secureworks as our SIEM solution.

The most valuable features are IDS and IPS.

The knowledge base is up to date and easy to use.

Log integration should be improved. If they can add SIEM, the event monitoring, then that would be great.

Scalability is an area that needs to be improved.

In the next release of this solution, I would like to see file integrity monitoring. I also hope that they will provide threat intelligence scripts for free.

I have been using Dell Secureworks for three years.

This is a stable solution.

I would rate the scalability at 50%. We have been having a problem as we are shifting from a previous appliance to a virtual machine. I think that it is an issue of scalability.

Our experience with technical support depends on the problem. Proactive support is good, but if it's something to do with health status then it is a hassle for us to find the correct department. We need to get a direct answer but it can take a lot of time.

The initial setup is straightforward.

I would rate this solution an eight out of ten.

At my last company, which was a small health care operator, I needed to outsource threat management and vulnerability management. And using DSW with Qualys, supported by Palo Alto next-gen firewall worked extremely well for us.

Solved a fundamental problem that lets us all sleep well at night! The service lived up to its reputation as a leader in the space. Not surprisingly, false positives happened, but forced us to register our preferred handling, which were consistently managed per preference going forward.

Support staff is excellent. Staff was always knowledgeable, available and eager to help. It was not unusual that a support person went above and beyond what I expected.

GUI for resolving tickets is terrible. Non-intuitive, offering a dizzying array of options, often none of which made sense even for common problems. I ended up choosing "Other" way more than I should have had to, to categorize an issue resolution.