Arctic Wolf Managed Detection and Response vs Cortex XSIAM comparison

The compared Arctic Wolf Networks and Palo Alto Networks solutions aren't in the same category. Arctic Wolf Networks is ranked #2 in MDR , with an average rating of 9.3, and holds a 9.8% mindshare in the category. Palo Alto Networks is ranked #29 in SIEM , with an average rating of 9.3, and holds a 1.7% mindshare. Additionally, 100% of Arctic Wolf Networks users are willing to recommend the solution, compared to 100% of Palo Alto Networks users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Arctic Wolf Managed Detection and Response and Cortex XSIAM based on real PeerSpot user reviews.

Find out what your peers are saying about CrowdStrike, Arctic Wolf Networks, Huntress and others in Managed Detection and Response (MDR).

To learn more, read our detailed Managed Detection and Response (MDR) Report (Updated: November 2024).

Buyer's Guide

Managed Detection and Response (MDR)

November 2024

Download the complete report

Helped 814,649 peers since 2012

Categories and Ranking

Binary Defense MDR

Mindshare comparison

Managed Detection and Response (MDR)

Security Information and Event Management (SIEM)

Featured Reviews

Rich Ullom

AVP, IT Security Compliance and Audit/Information Security Officer at Western Reserve Group

May 1, 2023

Worth the money, fantastic communication, and fast service with an average response time of about four minutes on an alert

This is my third SOC. I have never had anybody react as well. So, it's hard for me to provide something that they could do better because I'm really happy with them. I just signed another three-year contract with them. I don't find any downside to them, but if I have to put one, it would be consistent manpower or staffing. The only area where the solution can be improved is going to be with people. As they grow, they are struggling with the same thing that every other company is, which is getting talent and getting that talent to stay, but they've just revised their tiering system to go from a flat analyst and manager to a three-tier solution where it goes through two or three before it gets elevated. That seems to have worked out well, so if one level misses it, the next one picks it up, and it works out fine. Consistent staffing is the only challenge they have because when you're hiring level-one analysts, you go through them pretty quickly. You'll probably hire them at 50K or 55K, and after they do it for a year, they find out they can make 85K somewhere else, and they bounce. So, their turnover is a little high, but that's it.

Read full review

Jared Kruger

Buisness Developer Manager / Sales Executive at Troye

Oct 11, 2023

Particularly valuable for smaller and mid-sized businesses without a dedicated cybersecurity team

The scalability of this solution is great. It offers user-based licensing, so if there is an increase in the number of IT users, it can easily scale accordingly. In contrast to other solutions that base pricing on data ingestion, which can be challenging as data grows, user count tends to be more predictable, making this model highly scalable. Arctic Wolf is flexible and works with clients to ensure smooth scaling. Our clients for this solution come from a range of business sizes, primarily focusing on small and medium-sized enterprises. We generally don't cater to large enterprises, but instead, our clients typically fall within the medium-sized category, with user counts ranging from 50 to around 3,000.

Read full review

Forrest Stevens

Senior Manager - Security Operations at First Advantage Corporation

Sep 28, 2023

A robust security operation that ensures achieving automation, stability, and scalability

There is room for improvement in some areas, and I would highlight three key aspects. Firstly, the Attack Surface Management (ASM) module could benefit from more contextual depth. Currently, it tends to provide a broad overview without enriched context, and there's room for enhancement in this regard. Secondly, further integration capabilities with various other software products that can seamlessly tie into Cortex XSIAM would be advantageous. This would enhance its versatility and interoperability within a broader ecosystem. Regarding performance, there's potential for optimization. When multiple tabs are open in Cortex XSIAM, it can experience slowdowns, leading to longer load times for web pages. It's worth noting that this isn't a severe issue, and it doesn't entail waiting for extended periods, but there is room for improvement in terms of performance optimization.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Binary Defense has a human service department that provides live monitoring for our systems."

"The customization has been the most valuable aspect and was really the reason we ended up selecting Binary Defense. They worked with us to provide exactly the level of support, features, response, and collaboration we needed."

"The speed at which their services are reactive is valuable. Nowadays, when a threat hits an endpoint, you've got minutes, not hours or days. Their average response time is about four minutes on an alert. For anything that needs to be sent to us, it's about fourteen minutes, which is pretty good. They're the third SOC that I've used in fifteen years. By far, they are the quickest ones to act. When you're looking at prevention, that's a key factor."

"Among the valuable features are the agent, continuous reporting, and dashboard. It has all the features we need and we haven't had to customize it, other than turning on certain features that we wanted."

"The case interface is Binary Defense MDR's most valuable feature."

"The biggest aspect for us is that they are able to conform to our environment and utilize our tools. That way, we still maintain ownership of all the data and access to the applications, and we never lose control of the ability to run the solution ourselves if we need to."

"The most valuable part of Binary Defense is its team of cybersecurity analysts. Their analysts filter out the noise and only forward the critical threats that require a response instead of false positives."

"Our mean time to response has gone down. We're much faster with direct response and have more investigative capabilities than we did before."

More Binary Defense MDR pros

"Arctic Wolf is our eyes and ears 24/7 because we can't possibly watch all of our alerts. We may see all of these alerts, but our attention is distracted because we're working on other things."

"They have a portal where you can evaluate and mitigate any vulnerabilities that you and your network might have."

"The tool definitely saves money for our company's customers."

"The agents give pretty good visibility into what is happening at the endpoint."

"What's valuable about Arctic Wolf AWN CyberSOC is the cost savings it provides for companies that no longer have to hire a bunch of security people and pay for a SIM."

"Having quarterly meetings with the team to review the last 90 days and determine what if any changes need to be made."

"The most valuable aspect of this solution is the managed detection and response component."

"They provide useful quarterly updates."

More Arctic Wolf Managed Detection and Response pros

"It operates on a single, extensive database which enables it to excel in detecting threats and anomalies across the network and endpoints, delivering a highly effective and comprehensive security solution."

"Its ability to deliver a substantial amount of security intelligence greatly enhances and optimizes our security operations program."

"The most valuable features of Cortex XSIAM are the machine learning used to identify threats, the complexity of the environment of products, and efficiency."

"It does a better job of identifying anomalies that are more likely to be incidents of compromise without as many false positives or false negatives."

"The most valuable feature is the integration capability."

"The automation capabilities significantly improve response times by allowing us to respond to incidents from a single dashboard rather than navigating multiple dashboards."

"It is an effective solution in terms of performance and functionalities."

Cons

"I would like to get more reports from Binary Defense about what they're blocking."

"We found that an earlier version of the agent had high memory usage and that was a bit concerning, but we raised the concern with their support team and they immediately replied that they had noticed the same thing and had a candidate fix already available... it totally fixed the issue."

"I don't find any downside to them, but if I have to put one, it would be consistent manpower or staffing. The only area where the solution can be improved is going to be with people. As they grow, they are struggling with the same thing that every other company is, which is getting talent and getting that talent to stay, but they've just revised their tiering system to go from a flat analyst and manager to a three-tier solution where it goes through two or three before it gets elevated. That seems to have worked out well, so if one level misses it, the next one picks it up, and it works out fine."

"It's hard to think of anything that they need to improve on, but just to point out something, I would like to see them provide advanced XDR."

"If I were shopping for an MDR solution today, I would not only look for a company that has the ability to alert, detect, and remediate, but also the ability to integrate vulnerability management. That's a big thing that they're lacking today."

"We should be able to isolate devices faster. They should shorten the time between clicking on a device to contain it and carrying out the action. That would be a welcome improvement."

"The current reporting system could benefit from improvement."

"The most significant area for improvement is in support for non-English speakers; we're a global organization, so many of our users are not English speakers, which can make interacting with them a challenge. There's no Chinese language support, so we must rely on what we can do with the internet. We don't expect Binary Defense to build a language staff, but details can get lost in translation when we assume the whole world speaks English."

More Binary Defense MDR cons

"More integrations with various security tools to improve data ingestion would be beneficial."

"I would like to see them build the ability to co-sell an EDR platform, manage an EDR or manage the actual response, potentially from the issues that are coming up from the security risks."

"It can sometimes take up to an hour to get notification of a problem and that's a long time."

"It will be helpful if the dashboard is more granular."

"They focus on detecting administrator-level control compromises. Because they're focusing more on administrator-level compromise, they are less able to see if an individual user has been compromised. It is, admittedly, very difficult because they don't know what normal human behavior is. If a hacker compromises a human account and then acts just like the human, how are you ever going to notice, unless you have some inside knowledge of how the company works? For example, they overlook account lockouts on user accounts, whereas in our own alerting system, we do not. We review every account lockout, and if it is bad, we contact the person, whereas they think of that as noise because they're more focused on the administrator-level compromise."

"While it isn't a regular occurrence, there have been some gaps in response to some support questions. Questions get answered, yet there are times it takes longer than I'm comfortable with."

"The implementation process could be a little more streamlined."

"We get a lot of false alarms, but that's because they don't know our network in detail. I think that could be alleviated if we told them more about our network so they could create rules to skip some of those things."

More Arctic Wolf Managed Detection and Response cons

"I am not sure if any improvements are needed right now."

"The platform isn't very developer-friendly and it should provide more flexibility and ease."

"The support could be a bit faster."

"The solution’s pricing and technical support could be improved."

"There is room for improvement in expanding integrations to include more cybersecurity solutions."

"Further integration capabilities with various other software products that can seamlessly tie into Cortex XSIAM would be advantageous."

"It could provide more integration with a large variety of products."

Pricing and Cost Advice

"After we acquired this platform, we met with a number of different vendors. Binary Defense came in with a proposal that was surprisingly affordable. In fact, we were able to recoup the cost of their services within a short period of time. This is because Binary Defense is able to provide the same level of security as a team of two or three in-house analysts but at a fraction of the cost. As a result, Binary Defense is saving us an estimated $250,000 to $300,000 per year."

"Binary Defense has changed its pricing model from being primarily based on the volume of data to one based on escalations and incidents they handle."

"The solution's price is spot on; if anything, it's slightly below the norm for most services. Compared to building the same team internally, it would cost more to create the same amount of capability than what we get from an external team. Price-wise, Binary Defense is in a great spot."

"Binary Defense MDR is priced competitively and may be slightly lower than CrowdStrike."

"From the initial cost that Binary Defense came in with, we pared it down quite a bit over the course of 30 or 60 days. My leadership would say that their cost was high, but realistically, they were in line with the market."

"It's valued at the right price. Even with the number of endpoints we have, we don't feel that it's a lot more than any competitor. In fact, it might be less expensive when you look at the fact that you're getting a full flex SOC out of it along with the tools."

"The pricing is on target. Working with their sales team on pricing negotiations was a pleasant process. They were very respectful of the constraints we had and I feel that we're paying a fair price."

"The pricing is very good. They are definitely competitive and they were lower at the time that we went with them."

More Binary Defense MDR pricing and cost advice

"The pricing is fair."

"The pricing is pretty competitive."

"I find their pricing to be reasonable and competitive."

"It is more expensive than CrowdStrike, but it also has more features. I don't remember the amount, but I do remember that it was on the higher side. I believe we have five sensors, and the sensors have a yearly cost. We don't have any additional costs, but I know that if we have more features, they will add to the cost."

"I rate the tool's pricing a nine out of ten."

"The solution is expensive compared to its competitors."

"Since Palo Alto is trying to get as many new customers as possible, they're offering very competitive pricing."

"The solution comes at a significant cost."

"The product cost could be considered value for money compared to other solutions in the market, though it is quite high."

"In terms of pricing, we found Cortex XSIAM to offer a very reasonable and competitive rate."

See which vendors are best for you

Use our free recommendation engine to learn which Managed Detection and Response (MDR) solutions are best for your needs.

See recommendations

814,649 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

17%

Healthcare Company

Financial Services Firm

Manufacturing Company

Computer Software Company

15%

Manufacturing Company

11%

Government

Financial Services Firm

Computer Software Company

14%

Manufacturing Company

11%

Financial Services Firm

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Binary Defense MDR?

The most valuable feature is reviewing tickets and the notes added by technicians.

See all answers

What is your experience regarding pricing and costs for Binary Defense MDR?

The pricing is very competitive; it's on par with or below others. For those sensitive to pricing, I'd advise that th...

See all answers

What needs improvement with Binary Defense MDR?

Sometimes, something may not install right; however, whenever we have challenges, they are very solution-oriented and...

See all answers

What do you like most about Arctic Wolf Managed Detection and Response?

The agents give pretty good visibility into what is happening at the endpoint.

See all answers

What is your experience regarding pricing and costs for Arctic Wolf Managed Detection and Response?

The pricing is pretty competitive.

See all answers

What needs improvement with Arctic Wolf Managed Detection and Response?

I have heard that the tool doesn't go right to the endpoints. With CrowdStrike, I don't think that it is a bad thing ...

See all answers

What do you like most about Cortex XSIAM?

It is an effective solution in terms of performance and functionalities.

See all answers

What is your experience regarding pricing and costs for Cortex XSIAM?

We do not deal with licensing. Only the accounts team handles that information.

See all answers

What needs improvement with Cortex XSIAM?

I am not sure if any improvements are needed right now. The current features are satisfactory, and new features are i...

See all answers

Comparisons

CrowdStrike Falcon vs Binary Defense MDR

Compared 24% of the time

Darktrace vs Binary Defense MDR

Compared 22% of the time

SentinelOne Singularity Complete vs Binary Defense MDR

Compared 22% of the time

Cortex XDR by Palo Alto Networks vs Binary Defense MDR

Compared 15% of the time

More Binary Defense MDR Competitors

CrowdStrike Falcon Complete MDR vs Arctic Wolf Managed Detection and Response

Compared 16% of the time

Red Canary vs Arctic Wolf Managed Detection and Response

Compared 9% of the time

Huntress vs Arctic Wolf Managed Detection and Response

Compared 9% of the time

Adlumin Cybersecurity vs Arctic Wolf Managed Detection and Response

Compared 8% of the time

Microsoft Defender Experts for Hunting vs Arctic Wolf Managed Detection and Response

Compared 7% of the time

More Arctic Wolf Managed Detection and Response Competitors

Palo Alto Networks Cortex XSOAR vs Cortex XSIAM

Compared 43% of the time

Microsoft Sentinel vs Cortex XSIAM

Compared 17% of the time

Splunk SOAR vs Cortex XSIAM

Compared 14% of the time

IBM Security QRadar vs Cortex XSIAM

Compared 12% of the time

Sentinel vs Cortex XSIAM

Compared 0% of the time

More Cortex XSIAM Competitors

Product Reports

Buyer's Guide

Binary Defense MDR

November 2024

Download Binary Defense MDR product report

Buyer's Guide

Arctic Wolf Managed Detection and Response

November 2024

Arctic Wolf Managed Detection and Response report

Download Arctic Wolf Managed Detection and Response product report

Buyer's Guide

Security Information and Event Management (SIEM)

October 2024

Download Cortex XSIAM product report

Also Known As

Binary Defense Vision, Binary Defense Managed Detection and Response, Binary Defense Managed Detection & Response

Arctic Wolf AWN CyberSOC

No data available

Learn More

Binary Defense

Arctic Wolf Networks

Palo Alto Networks

Overview

Binary Defense provides a Managed Detection and Response service using an Open XDR strategy that detects and isolates threats early in the attack lifecycle. Expert security analysts in the Binary Defense Security Operations Center leverage an attacker’s mindset, monitoring your environments for security events 24x7x365 and acting as an extension of your security teams. When a security event occurs, Binary Defense analysts triage, disposition, and prioritize the event. Analysts conduct full kill chain analysis and supply tactical and strategic mitigation recommendations to your security team with the goal of increasing your organization’s security posture against the latest adversary threats.

Visit us online at https://www.binarydefense.com

Built on the industry’s only cloud-native platform to deliver security operations as a concierge service, the Arctic Wolf® Managed Detection and Response (MDR) solution eliminates alert fatigue and false positives to promote a faster response with detection and response capabilities tailored to the specific needs of your organization. Your Arctic Wolf Concierge Security® Team (CST) works directly with you to perform threat hunting, incident response, and guided remediation, while also providing strategic recommendations uniquely customized for your environment.

By design, XSIAM operates across both cloud and enterprise security operations, providing true end-to-end-management of threats, wherever they originate. While companies born in the cloud benefit from the scale and automation of XSIAM and the ease of integration with public cloud and SaaS telemetry, organizations with legacy SIEM deployments can seamlessly transition to XSIAM as the next-generation autonomous SOC platform.

Sample Customers

Securitas USA, Black Hills Energy, Lincoln Electric,The J.M. Smuckers Company, New York Community Bank, State of Connecticut, NCR

Agero, Madison Memorial Hospital, DLZ, Howard LLP, City of Sparks

Information Not Available

Buyer's Guide

Managed Detection and Response (MDR)

November 2024

Download Free Report

Find out what your peers are saying about CrowdStrike, Arctic Wolf Networks, Huntress and others in Managed Detection and Response (MDR). Updated: November 2024.

DOWNLOAD NOW

814,649 professionals have used our research since 2012.

We monitor all Managed Detection and Response (MDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.