    Secureworks Taegis XDR

    Sold by: Secureworks 
    Deployed on AWS
    Vendor Insights
    Secureworks® Taegis™ XDR is an open cloud-native platform that combines the power of human intellect with insights from security analytics to unify detection and response across endpoint, network and cloud environments for better security outcomes and simpler security operations. Taegis™ IDR, an add-on designed to improve your security posture, continuously monitors your environment for identity misconfigurations and risks, while also providing dark web intelligence on compromised credentials. Learn more at https://www.secureworks.com/partners/aws

    Overview

    Taegis XDR helps reduce the noise so you can identify more threats faster. We apply knowledge from 20+ years of attack and threat data plus 1400+ incident response engagements performed in the past year to recognize adversary behavior. This expertise is applied to your environment through behavioral analytics to detect the stealthiest of threat actor tactics with Tactic Graphs™. You'll see the full story of your endpoint, network and cloud activity in a single dashboard that makes event correlation easy. XDR operationalizes threat intelligence by automatically correlating our knowledge of the threat landscape with your security telemetry and built-in threat intelligence that's continuously updated.

    Taegis XDR allows your security operations teams to respond to security incidents with greater confidence. With capabilities such as extended log retention, search query, user-defined reporting and custom use case support, security analysts gain more ability to actively investigate and proactively hunt for threats in your environment. With Ask an Expert live chat, your security team has 24x7 access to our expert analysts. As a result, XDR can easily replace your current SIEM giving you advanced threat detection as well as additional SIEM capabilities to gain actionable insights into malicious activity. Our goal is to give you enough business and security context to make sense of an investigation and take the right action.

    Secureworks detects and responds to identity threats that bypass traditional identity security controls, protecting against 100% of MITRE ATT&CK Credential Access techniques. Taegis™ IDR, an add-on designed to improve your security posture, continuously monitors your environment for identity misconfigurations and risks, while also providing dark web intelligence on compromised credentials. Uncover identity risks in under 90 seconds compared to days with legacy solutions and benchmark the reduction of your attack surface over time.

    Learn more at https://www.secureworks.com/products/xdr and https://www.secureworks.com/products/idr

    Highlights

    • Advanced Analytics
    • Accelerated Investigation & Response
    • Quickly Detect and Respond to Identity Attacks

    Details

    Categories

    Delivery method

    Deployed on AWS

    Features and programs

    Vendor Insights

    Skip the manual risk assessment. Get verified and regularly updated security info on this product with Vendor Insights.
    Security credentials achieved
    (2)

    Financing for AWS Marketplace purchases

    AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.

    Pricing

    Secureworks Taegis XDR

    Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
    Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.

    12-month contract (4)

    Dimension | Description | Cost/12 months
    TDR - 1000 Endpoints | Price per monitored endpoint, 1000 endpoints | $43,000.00
    Custom Pricing | Custom pricing w/terms via Private Offer | $100,000.00
    IDR Add-on Custom Pricing | Custom pricing w/terms via Private Offer | $16,500.00
    Taegis MDR Combo | 10,001 to 25,000 Endpoints | $550,055.00

    Vendor refund policy

    N/A

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA).

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information

    Delivery details

    Software as a Service (SaaS)

    SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.

    Support

    Vendor support

    Taegis™ XDR is supported through a web portal, live chat and live agent (telephone) support.

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Product comparison

    Updated weekly

    Accolades

    Top
    25
    In Data Security and Governance

    Customer reviews

    Sentiment is AI generated from actual customer reviews on AWS and G2
    Reviews
    Functionality
    Ease of use
    Customer service
    Cost effectiveness
    4 reviews
    Insufficient data
    Insufficient data
    0 reviews
    Insufficient data
    Insufficient data
    Insufficient data
    Insufficient data
    Positive reviews
    Mixed reviews
    Negative reviews

    Overview

    AI generated from product descriptions
    Threat Detection Analytics
    Applies behavioral analytics to detect threat actor tactics using Tactic Graphs™ across endpoint, network, and cloud environments
    Security Intelligence Platform
    Leverages 20+ years of attack and threat data from 1400+ incident response engagements to recognize adversary behavior
    Identity Threat Protection
    Detects and responds to identity threats, protecting against 100% of MITRE ATT&CK Credential Access techniques
    Log Correlation and Retention
    Provides extended log retention, search query capabilities, and automated threat intelligence correlation
    Multi-Environment Monitoring
    Continuously monitors endpoint, network, and cloud environments for security misconfigurations and potential risks
    Log Aggregation and Monitoring
    Monitors entire IT environment by ingesting logs from CloudTrail, GuardDuty, EC2 network traffic, multiple AWS accounts, cloud services, on-premises networks, and remote endpoints
    Threat Detection Analytics
    Utilizes user and attacker behavior analytics with 900+ out-of-the-box detections and community threat intelligence to minimize false alarms
    Compliance Monitoring
    Supports log, event, and File Integrity Monitoring (FIM) requirements for compliance frameworks like PCI, HIPAA, and GDPR
    Advanced Defense Mechanisms
    Implements layered security defenses through honeypots, honey credentials, and honey files to detect potential intrusions
    Investigation Capabilities
    Provides detailed log timelines and automated response workflows to cut investigation times and enable rapid incident response
    Threat Intelligence Integration
    Comprehensive threat intelligence platform analyzing over 3,000 threat campaigns with advanced correlation capabilities
    Cross-Platform Event Ingestion
    Ability to ingest event and incident data across multiple products and over 1,000 third-party services with 13 AWS integrations
    AI-Powered Investigation
    Deep AI-guided investigations with advanced threat modeling and intelligent response capabilities
    Security Operations Automation
    Advanced AI models for operationalizing threat intelligence through control posture updates and automated response mechanisms
    Adaptive Threat Detection
    AI-driven threat landscape analysis enabling proactive and dynamic security threat identification and mitigation

    Security credentials

    Validated by AWS Marketplace
    FedRAMP
    GDPR
    HIPAA
    ISO/IEC 27001
    PCI DSS
    SOC 2 Type 2
    -
    -
    -
    -
    No security profile
    No security profile

    Contract

    Standard contract
    No
    No
    No

    Customer reviews

    Ratings and reviews

    0 ratings (5 star: 0%, 4 star: 0%, 3 star: 0%, 2 star: 0%, 1 star: 0%)
    0 AWS reviews | 6 external reviews
    Star ratings include only reviews from verified AWS customers. External reviews can also include a star rating, but star ratings from external reviews are not averaged in with the AWS customer star ratings.
    Chad S.

    Great product with good integration

    Reviewed on Jan 31, 2025
    Review provided by G2
    What do you like best about the product?
    The level of integration with other security appliances is fantastic. Our experiences with the SOC team were fantastic.
    What do you dislike about the product?
    The price increases were substantial. The interface was not intuitive.
    What problems is the product solving and how is that benefiting you?
    I am a single-person IT team. Having a 24/7 SOC team that monitored events was fantastic.
    Carey H.

    Great software to monitor network

    Reviewed on Apr 02, 2024
    Review provided by G2
    What do you like best about the product?
    I like that it alerts you to things going on in your network, especially if you have the endpoints monitored.
    What do you dislike about the product?
    There are false positives every once in a while.
    What problems is the product solving and how is that benefiting you?
    Helping to keep network and endpoints secure.
    Balakrishna Mysore

    It's a complete solution package

    Reviewed on Feb 20, 2024
    Review provided by PeerSpot

    What is our primary use case?

    More from the perspective of SOC to ensure that every endpoint is taken care of from a cybersecurity perspective. It's a complete solution package.

    How has it helped my organization?

    When I go into the portal, I can see how many endpoints are enrolled or how many of them are active in place. I can see the current number of threats that are there in the organization. How many threats have been identified, etc. I can see which endpoint the critical events are coming in from a security aspect.

    What is most valuable?

    It covers every single aspect, and it's one single common platform where you can see everything.

    What needs improvement?


    For how long have I used the solution?

    I have been using Secureworks Taegis XDR for three years.

    How was the initial setup?

    The initial setup is straightforward. 

    What's my experience with pricing, setup cost, and licensing?

    The pricing is six out of ten. 

    What other advice do I have?

    I would rate the solution an eight out of ten. 

    Drake Scott

    Easy to setup, but limited in its ability to create customized detection rules

    Reviewed on Nov 14, 2023
    Review provided by PeerSpot

    What is our primary use case?

    We used the solution as an XDR platform but primarily as a secondary alerting system and log repository.

    What needs improvement?

    Initially, we found limitations in the XDR's detections, lacking the ability to create customized detection and log parsing rules. This functionality, available in the Cortex XDR platform, wasn't present then. While there might have been changes since then, during our usage, we couldn't easily import or send Syslog data to the platform and could not create custom parsing rules for data recognition and correlation rule alerts. The query builder's functionality could have been more robust, forcing us to create broader exclusions than desired, resulting in a visibility gap due to the inability to make more granular exclusions within the query builder.

    For how long have I used the solution?

    I utilized the solution for a year and six months in my previous organization.

    What do I think about the stability of the solution?

    The solution is stable. I rate it a nine out of ten.

    What do I think about the scalability of the solution?

    The solution is scalable. We had it installed on every machine in our company. There were up to 4500 endpoints. I rate the scalability a seven out of ten.

    How are customer service and support?

    Their technical support typically responded promptly, especially when using the live chat function. They generally met our expectations and provided good incident response timelines.

    How would you rate customer service and support?

    Positive

    How was the initial setup?

    The initial setup was straightforward.

    What other advice do I have?

    The product is good at what it does, but you need to pay attention to what it doesn't do.

    I rate Secureworks Taegis XDR a six out of ten.

    Which deployment model are you using for this solution?

    Public Cloud
    Consumer Services

    XDR

    Reviewed on Oct 25, 2023
    Review provided by G2
    What do you like best about the product?
    It is a cloud-native, holistic security solution that enables superior threat detection and unmatched rapid response. The platform offers comprehensive attack surface coverage.
    What do you dislike about the product?
    Everything was good as of now; nothing found to dislike in XDR.
    What problems is the product solving and how is that benefiting you?
    It is solving both product-based and trap-based alerts, which includes MDE, MDO, MDI and MCAS.