We performed a comparison between Cisco Secure Endpoint and Cortex XDR by Palo Alto Networks based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Protection Platform (EPP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The price is low and quite competitive with others."
"It is stable and scalable."
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"Ability to get forensics details and also memory exfiltration."
"Device Trajectory is one of the most valuable features. We're able to dig in and really understand how things came to be and where to focus our efforts."
"The most valuable features of this solution are the IPS and the integration with ISE."
"There are several valuable features including strong prevention and exceptional reporting capabilities."
"If somebody has been compromised, the question always is: How has it affected other devices in the network? Cisco AMP gives you a very neat view of that."
"Definitely, the best feature for Cisco Secure Endpoint is the integration with Talos. On the backend, Talos checks all the signatures, all the malware, and for any attacks going on around the world... Because Secure Endpoint has a connection to it, we get protected by it right then and there."
"The VPN is most valuable. It's the best thing in the market today. We can use two-factor authentication with another platform, and we can authenticate with two-factor."
"Any alert that we get is an actionable alert. Immediately, there is information that we can just click through, see the point in time, what happened, what caused it, and what automatic actions were taken. We can then choose to take any manual actions, if we want, or start our investigation. We're no longer looking at digging into information or wading through hundreds of incidents. There's a list which says where the status is assigned, e.g., under investigation or investigation finished. That is all in the console. It has taken away a lot of the administration, which we would normally be doing, and integrated it into the console for us."
"The entirety of our network infrastructure is Cisco and the most valuable feature is the integration."
"We've had a significant increase in blocking with a decrease in false positives, because it's looking at how the files work, not just a list of files that it's been told to look for."
"Cortex XDR can integrate the firewalls and determine the tendencies of the attacks. It's a new generation antivirus, with protection endpoints and detection response. It is very easy to use and everybody can operate the solution."
"The management capabilities, allow an IT organization to get quite a good picture of attempted cyber attacks."
"I've found the solution to be highly scalable for enterprises."
"Its interface and pricing are most valuable. It is better than other vendors in terms of security."
"The one feature of Palo Alto Networks Traps that our organization finds most valuable is the App ID service."
"The initial setup isn't too bad."
"We have a complete overview of all our PCs and it's very easy to handle and to use the interface. It has a lot of benefits for us."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"We'd like to see more one-to-one product presentations for the distribution channels."
"ZTNA can improve latency."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"The solution is not stable."
"It takes about two business days for initial support, which is too slow in urgent situations."
"The support needs improvement."
"The room for improvement would be on event notifications. I have mine tuned fairly well. I do feel that if you subscribe to all the event notification types out-of-the-box, or don't really go through and take the time to filter out events, the notifications can become overwhelming with information. Sometimes, when you're overwhelmed with information, you just say, "I'm not going to look at anything because I'm receiving so much." I recommend the vendor come up with a white paper on the best practices for event notifications."
"We would like to have an API integration with a SIEM solution, because as far as I know, it currently hasn't yet been released."
"Maybe there is room for improvement in some of the automated remediation. We have other tools in place that AMP feeds into that allow for that to happen, so I look at it as one seamless solution. But if you're buying AMP all by itself, I don't know if it can remove malicious software after the fact or if it requires the other tools that we use to do some of that."
"The integration of the Cisco products for security could be better in the sense that not everything is integrated, and they aren't working together. In addition, not all products are multi-tenant, so you can't separate different customer environments from each other, which makes it a little bit hard for a managed service provider to deliver services to the customers."
"In the next release, I would for it to have back up abilities. I would like the ability to go back to a point in time to when my PC was uninfected and to the moment of when the infection happened."
"It could be improved in connection with artificial intelligence and IoT."
"Its price is okay for us, but it can always be better. There's always room for improvement when it comes to pricing."
"An easier way to do deduplication of machines, or be alerted to the fact that there's more than one instance of a machine, would be useful... That way you could get a more accurate device count, so you're not having an inflated number."
"The encryption is not up to the mark."
"It is not a suitable solution if you are looking for a single product with multiple features such as DLP, encryption, rollback, etc."
"Managing the product should be easier."
"In the next release, I would like to see more UI improvements. Their UI is a bit basic. When we are speaking about Palo Alto Networks they are the big company, so they can improve the UI a little bit. The UI, the reports, the log system can all be improved."
"I would like to see some additional features related to email protection included."
"Cortex XDR should have a lightweight agent, and the agent size should not be heavy."
"The product's pricing could be better."
"The product's pricing needs improvement. They could provide more discounts. Additionally, the dashboard and control panel could be enhanced."
More Cortex XDR by Palo Alto Networks Pricing and Cost Advice →
Cisco Secure Endpoint is ranked 9th in Endpoint Protection Platform (EPP) with 45 reviews while Cortex XDR by Palo Alto Networks is ranked 4th in Endpoint Protection Platform (EPP) with 80 reviews. Cisco Secure Endpoint is rated 8.6, while Cortex XDR by Palo Alto Networks is rated 8.4. The top reviewer of Cisco Secure Endpoint writes "Makes it possible to see a threat once and block it across all endpoints and your entire security platform". On the other hand, the top reviewer of Cortex XDR by Palo Alto Networks writes "Perfect correlation and XDR capabilities for network traffic plus endpoint security". Cisco Secure Endpoint is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Check Point Harmony Endpoint, VMware Carbon Black Endpoint and Cisco Umbrella, whereas Cortex XDR by Palo Alto Networks is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, Symantec Endpoint Security and Wazuh. See our Cisco Secure Endpoint vs. Cortex XDR by Palo Alto Networks report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.