The industry has made managing security too complex – from how you respond to alerts siloed across too many product consoles to renewing licenses that expire at different times across too many security vendors. Here’s a small sampling of recent surveys that validate this…

  • In our CISO Benchmark survey, 81% say managing a multi-vendor environment is ‘challenging’ (28% say ‘very challenging’) and 42% suffer from cyber fatigue, i.e. they’re giving up on proactively defending against malicious actors!
  • In ESG’s survey, 40% say that purchasing from a multitude of vendors adds cost, and IDC estimated 25 percent of your software budget is wasted due to license complexity.
  • In Forrester’s survey, 91% express concern over their organizations’ security complexity.

This complexity in how we buy and use security has reduced our overall effectiveness and efficiency to counter attacks and stay compliant. Cisco is addressing the dual problem head on.

While other portfolio vendors have enterprise agreements or security platforms, what each offers pale in comparison to Cisco. Let’s highlight three huge differentiators that enable the Cisco Secure portfolio to be the simplest to buy and use – ultimately, helping you over time to consolidate security vendors without compromising security efficacy or causing vendor lock-in.

Differentiation #1: predictable billing with price protection
All enterprise agreements offer you a discount when you buy more products, including Cisco, to help your budgets go further. Yet even more valuable is protecting the price you were quoted to ensure predictable billing. That’s why Cisco builds in 20% annual growth with true forward terms. What this means is that if you buy 100 licenses on Sept 2020, and by Mar 2021 (six months later) you’re using 115 licenses, your annual payment in Sept 2021 stays the same. Let’s say you increased to 150 licenses by June 2021 — then, your annual payment in Sept 2021 is for 130 licenses (20 licenses were part of your allowed growth). Most importantly, Cisco doesn’t retroactively charge you for the last 3 months going over your built-in annual growth — that’s Cisco True Forward!

In addition to enabling you to manage a single coterminous agreement in one portal, this agreement covers all security licenses and includes 24×7 support with 1-hour response. Moreover, the agreement can also extend to your enterprise networking, data center, and collaboration licenses for even more simplicity.

Differentiation #2: contextual awareness in one location
Most security platforms offer you a dashboard, including Cisco, to enable each user to customize which ROI metrics and operational measures they want to see in one view. Yet what happens when you’re not looking at the platform’s dashboard? That’s why Cisco designed SecureX to be a built-in platform experience. One way we achieved this is by coding a consistent interface — called the SecureX ribbon — at the bottom of each of our products’ consoles.

  • The ribbon enables your teams to share and maintain context on cases or incidents in one location when navigating consoles. And you can launch other products’ consoles from the ribbon with seamless navigation via SecureX sign-on.
  • Features from one product can be integrated within the ribbon to enable cross-portfolio detection, investigation, and response – hence, making it simpler to use and multiplying that feature’s value.


For example, the ribbon integrates a real-time forensics query feature that is available with our endpoint security product.

  • So, if an incident responder is investigating a threat detected by our cloud security product, using the ribbon they could automatically extract endpoint IPs from cloud security’s console.
  • Then, SecureX runs a predefined query searching for exploitable vulnerabilities by malware or malicious domain that were accessed by these endpoints and the query findings are right in the ribbon.
  • When you or other teammates look at the SecureX dashboard or other products’ consoles with the built-in ribbon, they can see the same query findings for better collaboration.

There are many other visibility headaches we eliminate: from aggregating and correlating local context and global intelligence in one view with SecureX threat response to connecting with your infrastructure, including third-party security, with built-in, pre-packaged and custom SecureX integrations.

You may be wondering: How do I add SecureX to an enterprise agreement?
The answer is that you don’t need to because all Cisco Secure customers are already entitled to SecureX and it is included with your existing product licenses. You can start small using SecureX with even a single product and grow as your needs dictate.

Differentiation #3: Every product license includes XDR capabilities and beyond
The irony in the security industry is that vendors offer you a “platform” as yet another separate product, such as SOAR or XDR (Extended Detection & Response as defined by Gartner). Nearly all such products require yet another license, and some require additional Data Lake or EDR (Endpoint Detection & Response) product licenses to get started. Many require you to deploy software or build integrations and normalize data yourself with APIs. This doesn’t help CISOs simplify their security, it just adds more pain to license and learn how to operationalize yet another technology.

Cisco believes that XDR capabilities and beyond are a fundamental right with every Cisco Secure product, so you can achieve the security outcomes you were promised. Additionally, SecureX is cloud-native, so you can begin to realize benefits in as little as 15 minutes.

What to do next?


Barry Fisher

Senior Manager

Security Solution Marketing