Cortex XDR by Palo Alto Networks is the first threat detection and response software to combine visibility across all types of data with autonomous machine learning analytics. Threat detection very often requires analysts to divide their attention among many different data streams. This platform unifies a vast variety of data flows, which allows analysts to assess threats from a single location. Users can now maintain a level of visibility that other threat detection programs simply cannot offer. This level of transparency lends itself to both quick identification of problems that arise and the equally quick development of a potential solution.
The most valuable features of Cortex XDR by Palo Alto Networks are:
- Ability to detect and investigate incidents quickly.
- Comprehensive graph visualization of incidents and the ability to take remedial action.
- Rapid detection of hardware files.
- Flexibility to change and customize features.
- Easy deployment and great threat detection capabilities.
- User control and restriction of access to certain websites.
- Artificial intelligence modules and effective communication methods.
- Policy extensions for controlling USB connections and identifying vulnerabilities.
- Strong protection for large networks and endpoints.
- Machine-learning capabilities and full integration with other solutions.
- Correlation with Palo Alto Networks Firewall for network traffic and endpoint security.
- Low consumption of system resources.
- Access to live terminal for immediate action.
- Real-time scanning and notifications for application-related issues.
- Granularity of policy configuration and ease of setup.
- Capability for detecting digital forensics and source of issues.
- Constant addition of new features and proactive approach to security.
- Monitoring capabilities.
- Simple implementation and management of multiple clients.
- Integration with other solutions and vendors.
- Excellent ease of use and clean dashboard interface.
- Integration of firewalls and detection of attack tendencies.
- Reduction of alerts and custom barriers.
- Easy blocking and allowing of services and external device control.
- Analysis of network and users for detecting additional risks and threats.
- Management capabilities and out-of-the-box investigation capabilities.
- Interface and pricing advantages over other vendors.
- Ability to react rapidly to cyber data attacks and access assets remotely.
- Threat identification and detection capabilities.
- Stability and scalability of the product.
- Intelligence to correlate events into incidents.
Cortex XDR by Palo Alto Networks has several areas that need improvement. Users have mentioned the need for better integration and interface, as well as a lightweight agent with improved technical support. Users also want the ability to remove or uninstall an agent directly from the console.
Additionally, there is a desire for more user-friendly dashboards and the ability for non-security team members to view data. Some users have mentioned the need for improved device control capabilities and better pricing options. There is also a request for more functionalities or actions in the playbooks, as well as the addition of disk encryption capability and user group-wise admin roles.
Users have compared Cortex XDR to Check Point and expressed a desire for better detection features. The solution could benefit from more frequent definition updates and easier endpoint agent updates. Users have also mentioned the need for better onboarding, URL filtering, and web-based prevention.
The GUI could be more user-friendly. There is a need for better detection of internal attacks and a recovery feature. Some users have mentioned that the implementation of Cortex XDR is complex and that the price could be more competitive. The solution could also benefit from simpler onboarding, better technical support, and a more user-friendly dashboard. Users have expressed a desire for better IoT integration and the ability to check endpoints included in the platform.
The solution should support more mobile operating systems and include features related to email protection. Better customer education, pricing, and integration with other products are also desired.
Users find Cortex XDR by Palo Alto Networks to be a valuable tool. They prioritize the security of their software and customer data over the return on investment (ROI) and emphasize that protecting their systems is essential.
The pricing for Cortex XDR by Palo Alto Networks varies, with some reviewers considering it expensive while others find it reasonable or even cheap. Licensing can be costly, especially for a number of users, and the subscription must be renewed annually.
Reviewers mention that the solution has different types of licenses, which can be a drawback. Setup costs are generally described as easy, although integration with other platforms may be lacking.
The primary use case of Cortex XDR by Palo Alto Networks is for security purposes. It is used to detect and mitigate security risks, protect against malware and threats, monitor and secure endpoints, and provide endpoint protection, detection, and response.
It also functions as an antivirus solution, detects malicious activity, and creates security policies. Additionally, Cortex XDR is used for endpoint security, network management, and ensuring compliance standards.
It is deployed on various devices, including laptops and remote users, and can integrate with firewalls and other network tools.
The customer service and support for Cortex XDR by Palo Alto Networks has received mixed reviews. Some users have praised the technical support team, describing them as responsive, helpful, and knowledgeable. They appreciate the quick resolution of critical configuration issues and the overall support provided by Palo Alto Networks. Users have also mentioned that the support team is accessible and efficient in addressing any challenges that may arise. However, there are also negative experiences shared by some users. They have mentioned instances where the support teams from certain regions were unable to help, leading to escalation and longer resolution times for technical issues.
The initial setup for Cortex XDR by Palo Alto Networks is generally described as simple. Users mention that the deployment process is quick and can be completed within a few days or even a few hours. The solution's cloud-based nature is highlighted as a factor that contributes to the ease of setup. However, a few users mention that the setup can be complex or require significant preparation and understanding of the system.
The scalability of the Cortex XDR solution by Palo Alto Networks is excellent. Users praise its scalability, describing it as easily scalable. They mention that it can handle a large number of users and can be expanded without much extra work or effort. The solution is considered scalable for both small and large enterprises.
Cortex XDR by Palo Alto Networks is highly stable. Users have mentioned that the solution does not slow down systems, has no bugs or glitches, and does not crash or freeze. It is also mentioned that the solution is stable when deployed on the cloud, eliminating the need for CPU utilization and hardware requirements.
Cortex XDR’s machine learning works on many different levels to detect and prevent threats. It is constantly scanning for threats and vulnerabilities. The solution can scan up to 5.4 billion IP addresses in three-quarters of an hour. This allows it to spot weak points in the system and notify administrators long before hackers can take advantage of vulnerabilities. Once the Artificial Intelligence (AI) discovers an issue, or an area where an issue could potentially take place, the system creates a log of the information and subsequently sends an alert to system administrators. The AI takes the information that it has gathered and uses it to assign threat levels to the issues that it detects. Following this, a human analyst will be assigned to manually assess the issue and deal with it accordingly. You can set it to automatically respond to the threat by isolating the issue while analysts investigate it.
Benefits of Cortex XDR
Some of Cortex XDR’s benefits include:
Reviews from Real Users
Cortex XDR by Palo Alto Networks software stands out among its competitors for a number of reasons. Two major ones are its ability to isolate threats while enabling them to be studied and the way that the software combines all of the data that it gathers into a single, more complete picture than other solutions offer.
PeerSpot users note the effectiveness of these features. A network designer at a computer software company wrote, “The solution has a very helpful isolation feature. If any system gets compromised, with one click I can access the system and isolate it from other networks, and then go into further forensic investigation of the current threat without compromising anything else.”
Jeff W., Vice President/CTO at Sinnott Wolach Technology Group, noted, “The ability to kind of stitch everything together and see the actual complete picture is very useful. I guess you'd call it a playbook. Some people call it the forensics analysis of what was happening on particular endpoints when they detected some malicious behavior, and what transpired before that to cause that. It is also very user friendly.”
Cortex XDR by Palo Alto Networks was previously known as Cyvera, Cortex XDR, Palo Alto Networks Traps.
CBI Health Group, University Honda, VakifBank