Secureworks
Pioneering MSSP with deep threat intelligence and the Taegis XDR platform
- Service
- XDR
- Response
- Contain threats
Best for
Enterprise and large mid-market organizationsUsually replaces
In-house SOC for 24/7 monitoringCheck first
Premium pricing positions Secureworks above many MDR-only competitorsCoverage
Covers
- Taegis XDR cloud-native platform with unified detection and response
- Counter Threat Unit (CTU) research team with 70+ threat intelligence analysts
- Three ManagedXDR tiers (Standard, Plus, Enhanced) for flexible coverage
Pros and limits
Works well
- One of the longest track records in managed security (founded 1999), with deep institutional expertise
- Counter Threat Unit provides proprietary threat intelligence drawn from 4,000+ customer environments
- Open, vendor-agnostic Taegis XDR platform integrates with CrowdStrike, SentinelOne, Microsoft, and more
Watch out for
- Sophos acquisition (completed February 2025) introduces uncertainty around long-term product roadmap
- Reporting and dashboard customization can feel limited for advanced users
- Onboarding and initial tuning can be time-intensive for complex environments
Pricing
- Billing model
- Per-user, Tiered, Custom
- Minimum contract
- 12 months
- Proof of concept
- Available
- Onboarding
- 14-30 days
Pricing based on organization size by employee count; three ManagedXDR tiers available (ManagedXDR, ManagedXDR Plus, ManagedXDR Enhanced). Contact Secureworks for a custom quote.
Connects with
- SIEM
- Taegis XDR (proprietary), Splunk (integration)
- EDR / Endpoint
- Taegis Endpoint Agent (native), CrowdStrike Falcon, SentinelOne, Microsoft Defender, VMware Carbon Black
- Cloud
- AWS, Azure, GCP
- Other
- Palo Alto Networks, Okta, Microsoft 365, Fortinet, Cisco
Questions
How much does Secureworks Taegis ManagedXDR cost?
Secureworks uses a per-organization pricing model based on employee count rather than per-endpoint or per-log-volume, which provides more predictable costs. Three tiers are available — ManagedXDR, ManagedXDR Plus, and ManagedXDR Enhanced — each adding additional customization, threat hunting, and premium support. Contact Secureworks directly for a tailored quote.
What is the Counter Threat Unit (CTU)?
The CTU is Secureworks' dedicated threat intelligence research team of 70+ analysts. They track threat actors, analyze emerging attack techniques, and develop countermeasures. Their intelligence is drawn from monitoring over 4,000 customer networks and more than 1,000 incident response engagements annually, and it feeds directly into Taegis XDR detections.
What changed after the Sophos acquisition?
Sophos completed its acquisition of Secureworks in February 2025 for $859 million. In the near term, both companies are operating business as usual with their existing products and channel partners. Sophos has stated plans to integrate capabilities such as identity threat detection, next-gen SIEM, and managed risk into a combined platform over time.