No more typing reviews! Try our Samantha, our new voice AI agent.

Bitdefender GravityZone Extended Detection and Response (XDR) vs Vectra AI comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Jun 3, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Extended Detection and Response (XDR)
4th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Endpoint Detection and Response (EDR) (6th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
Bitdefender GravityZone Ext...
Ranking in Extended Detection and Response (XDR)
27th
Average Rating
8.4
Reviews Sentiment
7.3
Number of Reviews
8
Ranking in other categories
Endpoint Detection and Response (EDR) (30th), Network Detection and Response (NDR) (13th)
Vectra AI
Ranking in Extended Detection and Response (XDR)
19th
Average Rating
8.6
Reviews Sentiment
7.0
Number of Reviews
48
Ranking in other categories
Intrusion Detection and Prevention Software (IDPS) (5th), Network Detection and Response (NDR) (3rd), Identity Threat Detection and Response (ITDR) (11th), AI-Powered Cybersecurity Platforms (10th)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
reviewer2165952 - PeerSpot reviewer
Company Advisor
Automated protection has reduced our management time and keeps all client environments consistently secure
Reporting in Bitdefender GravityZone Extended Detection and Response (XDR) could be improved. It has some reporting in it, but it's a little cumbersome to work with, so the reporting that is there could be improved. The analytics dashboards of Bitdefender GravityZone Extended Detection and Response (XDR) are quite useful, and they are nice in that we can see an overview very quickly and drill down into specific issues or specific clients. The dashboards are quite good, though it would be nice if we had the same with automated reports. It would be much more useful for us to have that via email or having a report. The only downside that we find is that the product is a little bit slow.
RR
Consultant at a retailer with 5,001-10,000 employees
Threat detection has improved and malicious emails are now identified quickly
Vectra AI offers artificial intelligence capabilities with visibility that can be integrated into our day-to-day operations and other tools, including malware detection tools and cyber threat tools. Vectra AI has positively impacted my organization. Last year while using it, we received many malicious email threats and virus incidents, including a trojan virus that had reportedly been deployed by someone. Our company used Vectra AI to detect the malicious threats and viruses before they could cause more damage, and we successfully stopped the threats. Using Vectra AI, I notice that server downtime has decreased significantly. We now experience only two to three hours of downtime, whereas without Vectra AI and other tools, our downtime would exceed 48 to 72 hours.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It blocks malicious files, prevents attacks, and doesn't require many updates because it is a very light application."
"We think that this product will help us grow, as it meets our needs currently and we can grow with it over time."
"It's very stable. I've never experienced downtime for the ASM console or ASM core."
"The anti-exploit is impenetrable. We chose Traps because it is the only product that we were not able to get anything past."
"My advice for others looking into using Cortex is that it is very easy to use and very useful for the customer environment, whether it's a public or private one."
"The product is very good, it has caught a lot of exploits that most products would not."
"Cortex XDR is a simple platform that's easy for administrators and users. You have a lot of flexibility to change or customize the features."
"Cortex XDR features advanced threat detection capabilities."
"We are using Bitdefender GravityZone Ultra Plus for the threat protection and security of our network."
"I find Bitdefender GravityZone Ultra Plus to be a pretty good solution for the mid-level market, specifically for organizations with up to two hundred fifty users. I like that it is an averagely priced solution. It also has a straightforward installation that can be completed within three to five minutes. Its technical support is also good enough."
"Bitdefender GravityZone Ultra Plus is highly stable."
"The threat detection rates are exceptionally good, better than most of the competition."
"The quarantine computer functionality is very good for me."
"The solution has best-in-breed technology and scores very highly on efficacy rates."
"We moved from Sophos antivirus to Bitdefender GravityZone Extended Detection and Response (XDR), and ever since then, we've been very happy with the product."
"The product is easy to use."
"We often use the new feature to create PCAP files from the whole data traffic. It makes it much easier to find network problems such as whether the server is responding to a request. It has nothing to do with security, but it helps a lot to find other problems."
"It has also increased our security efficiency."
"It has to be up there with my favorite security tool set at the moment."
"One of the things that we didn't expect to happen was that our network team also jumped on it faster than we thought. In most cases, if it's a security tool that's working on the network part, they can also use it to find out certain flaws that have been in the system. Certain flaws, related to some legacy stuff, were already there for quite a few years, which they couldn't explain at first, but we could explain them based on the timing of certain things."
"I can't even explain how happy we are with the amount of time it has saved us."
"The dashboard gives me a scoring system that allows me to prioritize things that I should look at. I may not necessarily care so much about one event, whereas if I have a single botnet detection or a brute force attack, I really want to get on top of those."
"The most useful feature is the anomaly detection because it's not signature-based. It picks up the initial part of any attack, like the recon and those aspects of the kill chain, very well."
"The initial setup was pretty straightforward."
 

Cons

"There's an overall lack of features."
"It's more focused on network communication. If a customer wants to increase the level of protection and start working with documents, it's impossible to integrate these features into the system. It's more of a communication-oriented system than a content security-oriented system."
"Cortex XDR by Palo Alto Networks is a strong tool, but it is true that digesting information sometimes makes the tool go a little bit slower."
"There is a severe gap in functionality between Windows, Linux, and Mac versions. For example all folder restriction settings are Windows only. Traps 5.0+ does not have SAML / LDAP integration."
"There are some default policies which sometimes affect our applications and cause them to run around. In the hotel industry, we use a different type of data versus Oracle and SQL. By default, there are some policies which stop us from running properly. Because of this, the support level is also not that strong. We have to wait to get a results."
"The playbooks could be improved to include more functionalities or actions."
"A potential area of improvement for Cortex XDR by Palo Alto Networks is the cost."
"Cortex XDR by Palo Alto Networks can improve mobile integration to allow access to the console."
"Some customers would like additional features that aren't available through the current GravityZone platform. Some feedback has been about the deletion of other software not going smoothly during the installation of Bitdefender, particularly the removal of previous software like Sophos."
"Detection and response is a disadvantage that could be improved."
"Reporting in Bitdefender GravityZone Extended Detection and Response (XDR) could be improved."
"Adding a feature like Data Loss Prevention would be beneficial."
"The solution must improve its management features."
"The solution seems to be pretty amateur for an EDR solution, and it should be more in sync in terms of features, with solutions such as FireEye and SentinelOne."
"I would like automatic issue fixing for users without needing to physically open the PC. I'd prefer updates and fixes from the cloud to avoid headaches and save time."
"I would like more integrations with IOCs and threats currently on the Internet. I would also like to know which threats are based on zero-day attacks, current botnets, etc. Therefore, I would like more information on external threats."
"They use a proprietary logging format that is probably 90% similar to Bro Logs. Their biggest area of improvement is finishing out the remaining 10%. That 10% might not be beneficial to their ML engine, but that's fine. The industry standard is Zeek Logs or Bro Logs, or Bro or Zeek, depending on how old you are. While they have 90% of those fields, they're still missing some fields. In very rare instances, some community rules do not have the fields that they need, and we had to modify community rules for our logs. So, their biggest area of improvement would be to just finish their matching of the Zeek standard."
"Multiple appliances are required for Vectra AI, making it less convenient compared to competitors."
"In education as a sector, we are looking at AI a lot in terms of how it can be used as part of the teaching and learning side of things. It would be great to have Vectra AI look at a better way to enhance the security posture related to the AI tools in our portfolio."
"If you hit a certain number of rules, triage filters, or groups, the UX responds more slowly."
"A blind spot that I have is around the ease with which you can automate threat intervention."
"The solution has not reduced the security analyst workload in our organization because we still need to SIEM."
"It would be commercially beneficial if Vectra AI had something like Darktrace's Antigena Email or something similar to email protection."
 

Pricing and Cost Advice

"The return on investment is from the user side because we have seen the performance of it increase the delivery time of the product if we are using too many web-based and on-premise applications. In indirect ways, we saw the return of investment in terms of performance and user satisfaction increase."
"The pricing is a little high. It is per user per year."
"It has a yearly renewal."
"Every customer has to pay for a license because it doesn't work with what you get from a managed services provider."
"I don't recall what the cost was, but it wasn't really that expensive."
"Very costly product."
"The pricing is a little bit on the expensive side."
"Licensing for Palo Alto Networks Cortex XDR can be costly, especially when it comes to a hundred users. A license is required for each user, and the subscription must be renewed on a yearly basis."
"We have purchased licenses for the use of Bitdefender GravityZone Ultra Plus. The price of the solution is reasonable but could be better."
"Bitdefender GravityZone Ultra Plus is pretty average, meaning it's not cheaper, but it's pretty good. It has average pricing."
"Vectra AI is not a cheap solution."
"Their licensing model is antiquated. I'm not a fan of their licensing model. We have to pay for licensing based on four different things. You have to pay based on the number of unique IPs, the number of logs that we send through Recall and Stream, and the size of our environment. They need to simplify their licensing down to just one thing. It should be based on the amount of data, the number of devices, or something else, but there should be just one thing for everything. That's what they need to base their licensing on. Cost-wise, they're not cheap. They were definitely the most expensive option, but you get what you pay for. They're not the cheapest option."
"At the time of purchase, we found the pricing acceptable. We had an urgency to get something in place because we had a minor breach that occurred at the tail end of 2016 to the beginning of 2017. This indicated we had a lack of ability to detect things on the network. Hence, why we moved quickly to get into the tool in place. We found things like Bitcoin mining and botnets which we closed quickly. In that regard, it was worth the money."
"From a pricing perspective, they are very commercially competitive. From a licensing perspective, just be conscious that some of their future cloud solutions come with additional subscriptions. Also, if you're outside of the US, you will get charged freight for the device back to your country."
"The pricing is very good. It's less expensive than many of the tools out there."
"My company pays for the Vectra AI licensing fee yearly. I know the figure because my company recently renewed the license, and it's okay, at least for the financial sector."
"The pricing is high."
"Vectra AI's pricing is cheaper than that of Darktrace."
report
Use our free recommendation engine to learn which Network Detection and Response (NDR) solutions are best for your needs.
904,836 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Construction Company
13%
Comms Service Provider
13%
Manufacturing Company
7%
University
7%
Manufacturing Company
10%
Financial Services Firm
9%
Computer Software Company
8%
Government
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
By reviewers
Company SizeCount
Small Business6
Large Enterprise1
By reviewers
Company SizeCount
Small Business10
Midsize Enterprise10
Large Enterprise29
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What is your experience regarding pricing and costs for Bitdefender GravityZone Ultra Plus?
The pricing and licensing of Bitdefender GravityZone Extended Detection and Response (XDR) is reasonable. We moved fr...
What needs improvement with Bitdefender GravityZone Ultra Plus?
Reporting in Bitdefender GravityZone Extended Detection and Response (XDR) could be improved. It has some reporting i...
What is your primary use case for Bitdefender GravityZone Ultra Plus?
Our customers typically use Bitdefender GravityZone Extended Detection and Response (XDR) primarily as an antivirus s...
What is your experience regarding pricing and costs for Vectra AI?
I find the pricing of Vectra AI to be one of the best we have seen as feedback from customers and partners indicates ...
What needs improvement with Vectra AI?
I think one area that could be improved about Vectra AI is their marketing. One of the aspects that Darktrace excels ...
What is your primary use case for Vectra AI?
I primarily use Vectra AI for customers, and I only provide Vectra AI.
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
GravityZone Ultra Plus
Vectra Networks, Vectra AI NDR
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Archdiocese, Northstar, SeSa, W&W Informatik, Yamaha Motor Europe
Tribune Media Group, Barry University, Aruba Networks, Good Technology, Riverbed, Santa Clara University, Securities Exchange, Tri-State Generation and Transmission Association
Find out what your peers are saying about Bitdefender GravityZone Extended Detection and Response (XDR) vs. Vectra AI and other solutions. Updated: June 2026.
904,836 professionals have used our research since 2012.