We performed a comparison between Cortex XDR by Palo Alto Networks and Deep Instinct Prevention Platform based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Protection Platform (EPP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The solution was relatively easy to deploy."
"The product detects and blocks threats and is more proactive than firewalls."
"The product's initial setup phase is very easy."
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"Ability to get forensics details and also memory exfiltration."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"Cortex XDR is a simple platform that's easy for administrators and users. You have a lot of flexibility to change or customize the features."
"It collects and caches and the knowledge of machine learning from different customers to take to the cloud. It makes it better to use for everybody. It allows for quick learning and updates and can, therefore, offer zero-day malware security. This sharing of metadata helps make the solution very safe."
"It has pretty much everything we need and works well within the Palo Alto ecosystem."
"One of the main benefits of the solution is its intelligence to correlate the events into an incident."
"The solution doesn't need a high level of technical training."
"The integrations are out-of-the-box, as are the playbooks."
"The tool's use cases are relevant to security."
"It's a nice product that's stable and scalable."
"The most valuable feature is its ability to detect and eradicate ransomware using non-signature-based methods."
"The most valuable features are the static/dynamic analyses. Deep Instinct's predictive model has very high accuracy and provides threat information for unknown malware, such as malware classification, static analysis information, and sandbox information."
"This solution is good at catching viruses and it's very effective and lightweight, which are all things that you want in an antivirus product."
"Instead of having features like rollback and after-event actionable stuff, the whole premise and the context of the solution is to actually prevent these malicious attacks from happening to begin with.... The ability to prevent threats is the most appealing aspect. It absolutely, 100 percent helps with real-time prevention of unknown malware. That's the strength of the product."
"It has a very low false-positive ratio. That is important because it means we're not wasting time... We're able to run that entire 20,000-endpoint base with just a handful of engineers."
"The product offers integration capabilities and is also easy to use."
"Its false positives are very low, because the behavior analysis engine double checks them."
"It has given us a more structured approach for detecting and preventing threats. It has machine learning-based detection and prevention. Their engines, in even older versions, are able to pick these viruses and malware. They have posted a lot of use cases online for detecting different viruses and malware that have been out for many years."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"The solution is not user-friendly."
"The solution should address emerging threats like SQL injection."
"The support needs improvement."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"The solution is not stable."
"The dashboard is the area that needs to improve so that we can have the ability to drill down without having to go elsewhere to verify results."
"It would be good to have a better way to search for a file within the UI."
"I would like to see better protection, specifically to protect email applications."
"Cortex XDR could be improved with more GUI features."
"Technology evolves every day, so it would be nice if it gets more secure. It can also have more integration with other platforms."
"It's more focused on network communication. If a customer wants to increase the level of protection and start working with documents, it's impossible to integrate these features into the system. It's more of a communication-oriented system than a content security-oriented system."
"Previously, the endpoint would leave the environment, not being on our VPN, essentially unable to interact with the server to upload files. It was unable to retrieve new file verdicts. It was using a thing called "local analysis" to determine if something was a malicious file or not. There was no dynamic analysis."
"Being able to filter the events to see those that are related to the actual alert would save time spent by the engineer."
"I think it's probably the administration, especially the administration platform, which could be improved in the solution. It's clunky and hard to navigate, especially for inexperienced technicians."
"If they can bring some additional, complementary solutions, like network scanning and the like, that will help. If they had some sort of a firewall which could help detect DDoS attacks and other things, it would be an improvement"
"Its support for Linux and Unix operating systems can be improved. Currently, they cover macOS and Windows, but they don't cover Linux and some of the Unix products. Pricing is also an issue. Its pricing is not as aggressive as it could be, and its price makes it difficult to sell. Customers feel that they can get an antivirus for a lower price, even though it is not a similar product. It is technically different. Their SLAs can be better. They have to give you 24/7 support, but their SLAs are not very good. They should be better documented, and the offerings should also be a little bit better. What happens is that the SLAs end up in the hands of the intermediary, seller, or the local partner of Deep Instinct in a country. The customers want very fast SLAs in a very short time, but Deep Instinct doesn't give them at the same speed. Having said that, SLAs are important when you have a lot of issues, but this product doesn't have too many issues, so it is not a big concern. However, for a customer who doesn't know the product, it could be a concern."
"The Deep Instinct client stops working when you have two servers and you add high availability or Windows Failover Cluster mode. It doesn't work in a clustered mode. I haven't yet had time to go back and talk with their support and get it fixed. It would be good if they can make the installation independent of an actual user. Currently, its installation is dependent on the actual user being logged in. For example, a computer has to be logged in for the installation to happen. If it is not logged in, then on the cloud platform, it is going to show that the client is offline. On the management side of the cloud platform, we would like to have the administrators segregated by logical entities. We have told them that on their cloud management platform, we would like to be able to segregate clients into different logical entities or organizations so that the administrators are able to manage only those entities that are within their designated organization."
"There's an issue in the installation process where you can't install it unless you disable the built-in Windows Bitdefender antivirus. So, you have to manually disable Microsoft Bitdefender in order to install Deep Instinct. So, that makes it impossible to do a network rollout unless you manually visit each computer, which is ridiculous."
"The interface on the endpoint could be a little more descriptive and more valuable. It doesn't always tell you the data you need to see. Improvement there would be very helpful."
"Some features are too resource intensive."
"I am looking forward to them adding Linux in Q1 or Q2 of 2019, as this is often requested by my partners and customers. Currently, Deep Instinct only has Windows, Mac, Android, and iOS."
More Cortex XDR by Palo Alto Networks Pricing and Cost Advice →
More Deep Instinct Prevention Platform Pricing and Cost Advice →
Cortex XDR by Palo Alto Networks is ranked 4th in Endpoint Protection Platform (EPP) with 80 reviews while Deep Instinct Prevention Platform is ranked 24th in Endpoint Protection Platform (EPP) with 18 reviews. Cortex XDR by Palo Alto Networks is rated 8.4, while Deep Instinct Prevention Platform is rated 8.6. The top reviewer of Cortex XDR by Palo Alto Networks writes "Perfect correlation and XDR capabilities for network traffic plus endpoint security". On the other hand, the top reviewer of Deep Instinct Prevention Platform writes "Bolsters prevention with great detection and response capabilities". Cortex XDR by Palo Alto Networks is most compared with Microsoft Defender for Endpoint, Darktrace, CrowdStrike Falcon, Symantec Endpoint Security and Trellix Endpoint Security, whereas Deep Instinct Prevention Platform is most compared with CrowdStrike Falcon, SentinelOne Singularity Complete, Microsoft Defender for Endpoint, CylancePROTECT and Kaspersky Endpoint Detection and Response Optimum. See our Cortex XDR by Palo Alto Networks vs. Deep Instinct Prevention Platform report.
See our list of best Endpoint Protection Platform (EPP) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.