No more typing reviews! Try our Samantha, our new voice AI agent.

BlackBerry Cylance Cybersecurity vs HP Wolf Security comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Feb 8, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Protection Platform (EPP)
4th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Detection and Response (EDR) (6th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
BlackBerry Cylance Cybersec...
Ranking in Endpoint Protection Platform (EPP)
32nd
Average Rating
8.0
Reviews Sentiment
4.6
Number of Reviews
44
Ranking in other categories
No ranking in other categories
HP Wolf Security
Ranking in Endpoint Protection Platform (EPP)
17th
Average Rating
7.8
Reviews Sentiment
3.4
Number of Reviews
8
Ranking in other categories
Endpoint Detection and Response (EDR) (44th)
 

Mindshare comparison

As of July 2026, in the Endpoint Protection Platform (EPP) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.8%, up from 3.7% compared to the previous year. The mindshare of BlackBerry Cylance Cybersecurity is 1.5%, up from 1.1% compared to the previous year. The mindshare of HP Wolf Security is 3.6%, down from 6.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.8%
HP Wolf Security3.6%
BlackBerry Cylance Cybersecurity1.5%
Other91.1%
Endpoint Protection Platform (EPP)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Sooraj Makkancherrry - PeerSpot reviewer
Security Operations Manager at Philips
Doesn't have daily updates, which is important for healthcare IT
I face challenges with the exclusion policy - it still scans folders we told it not to, causing issues. When we contact support, they tell us to update the latest agent, but we can't do that immediately due to medical device protocols and validation testing. I wish support would try to understand our issues better instead of giving this standard response. The machine learning feature they use often tells us to upgrade the agent or add things to the exclusion list, which isn't unacceptable. It's a very good and new technology as a tool and antivirus. But sometimes, it doesn't work properly with our medical devices and products, quarantining files it shouldn't even after we add them to exclusions. This is tricky for us.
BH
Owner at Stoneridge Engineering, LLC
Adds a layer of safety, especially for laptops operating in various environments
The tool's deployment is easy. HP Wolf Security's deployment was a swift process since it was initially compatible with Windows 10, the operating system on both machines. However, when I transitioned to Windows 11, I encountered minor issues that prompted me to delve deeper into Wolf Security to fine-tune security settings according to my preferences. While I mostly used default settings, there was an initial adjustment where I disabled the AI function related to malware. Currently, the system is running smoothly with no reported issues. Adjusting some settings raised concerns about compatibility between HP Wolf Security and Norton 360. Specifically, aspects of HP Wolf Security, such as the virtual machine component, intrigued me, but I hesitated due to potential conflicts. During my investigation, Windows 11 raised a flag, questioning the system's security settings with Norton 360 and HP Wolf Security. However, it seems that they coexist well without causing issues.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We've had a significant increase in blocking with a decrease in false positives, because it's looking at how the files work, not just a list of files that it's been told to look for."
"Monitoring is most valuable."
"Cortex XDR's most valuable feature is its intelligence-based dashboards."
"Cortex XDR by Palo Alto Networks saves time in various ways, although the user interface is fairly standard."
"The anti-exploit is impenetrable."
"The product is mostly automated, and we do not have to make decisions, because all the decisions are made by the product itself and we are not required to create any custom policies since the policies that are created are well defined in the product itself."
"I like the centralized console and the predictive analysis it does of malware. It is very stable and also scalable."
"Technical support is the best in class, in my opinion, because they have invested heavily in research and development."
"Has good RAM capacity for the power I need"
"It provides good insight into the programs, applications, or websites that may need attention."
"Endpoints are protected in real-time without the need of a centralized server, whitelist, or the ability to connect to a central host in the cloud."
"Specifically for a Windows domain environment, the product can be customized and pushed via GPO or SCCM without issue.​"
"Two or three years ago when the WannaCry virus struck, the people that were on Cylance were the ones that weren't affected."
"The non-daily requirement to update signatures is the most valuable feature. From a functional point of view, it is pretty spot on. For instance, we compared an algorithm from five years ago to today's algorithm, and it was 98% accurate. It has the ability to detect and mitigate. In the industrial environment that we work in, there's what we call OT versus IT. You are IT Central, but this is OT. Generally, we don't have the same level of skillset as IT individuals or IT professionals have. This particular product doesn't require you to be a computer scientist to be able to understand its proprietary algorithm and to be able to deploy, use, and work within it. It integrates well with a robust SIEM or SOAR solution, and it plays nice with others. We use other detection solutions like CyberX or site provision with Cisco, and it plays nice. That's one of the things we really liked about it."
"You can manage all the threats and everything from a centralized dashboard."
"The ROI is immense, particularly in less dedicated labor hours, and much more in terms of security, particularly when new security flaws have recently appeared."
"I use HP Wolf Security to add a layer of safety, especially for laptops operating in various environments."
"We've been able to isolate and prevent malicious code from external email attachments and from downloaded internet files. Those are the two big areas that have really made an impact."
"Now, instead of us having to go through that analysis, they actually give us a monthly report that shows us: "Here's what you got hit with, here's what would have happened, here are the forensics behind the attack," and, obviously, Bromium stopped it."
"Looking at it in the big picture of the risk that you're mitigating and the protection that you're getting, it's phenomenal."
"The most valuable feature is the process isolation because it simply stops malware from infecting the machines."
"The feature that stands out the most is that when someone clicks on a link in an email... [if] that link is malicious and it has some malware or keylogger attached to it, when it opens up in that Bromium virtualized browser, there's no chance of it actually being on the machine and running, because as soon as they click that "X" in the upper right-hand side of the browser, everything just vanishes. That is an added plus."
"Our security posture has improved; it has definitely contained and prevented some malicious attacks from happening."
"Our overall security posture has absolutely improved as a result of adding Bromium to our security stack. We continue to have less user impact through a significantly reduced amount of malware infections. It's become a non-event."
 

Cons

"In reporting they should have a customizable dashboard due to the fact that C-level people don't like reporting to the IT department. They prefer to have a real-time dashboard. That kind of dashboard needs to have various customizations."
"It takes time to scan the servers and devices."
"There is also no recovery feature; if some endpoint is under attack there must be the possibility of recovering it or restoring it to a normal state."
"Currently, we are monitoring all USB drives and ports but we would like to improve our device control capabilities."
"It is an enterprise-level solution. Its price could be less expensive."
"Technology evolves every day, so it would be nice if it gets more secure. It can also have more integration with other platforms."
"The solution should add unwanted malicious hash values to a block list so that whenever the action is triggered, it will automatically prevent the malicious content."
"The product's pricing needs improvement. They could provide more discounts. Additionally, the dashboard and control panel could be enhanced."
"I'd like them to do software distribution too, but they said that that's architecturally not at the product line."
"We would like to see secure integration and multi-factor authentication to be able to access the administration dashboard."
"The price for this EPP platform is expensive and could be improved."
"The solution should implement AI in the product."
"It should have better support for Windows and Mac."
"For advanced security, I wouldn't."
"The process of whitelisting a script that you want to be able to run can be a little bit difficult, or awkward."
"It should provide more details about the events that they have detected."
"Reporting is one of the shortcomings of the product. We do mine the data that's in there from a forensics perspective... It becomes very difficult because you have to spend a lot of time digging through the volumes of data. Reporting is absolutely the biggest shortcoming."
"They need to improve the compatibility with other applications and its stability."
"Initial setup was complex. There were many configurations that needed to be worked out with the vendor. The setup required hands-on assistance from Bromium."
"Room for improvement would be keeping up with the rate of change, specifically on Windows platforms."
"The tool behaves differently when I ported to Windows 11."
"They have always struggled with usability. The protection that it offers you is tremendous, but there's definitely an impact with use of resources on the computer. It's gotten a lot better now with Win 10. But sometimes, when you open up a website, it's going to take longer than it would without Bromium, and it's the same with documents."
"After a major release, there's always a lot of "dust settling." You have to work through all those issues and then you're fine for a while. The problem is, it's stable, it's fine, until the next major release comes out. Then you go back into the cycle again of uncertainty, instability, working through issues until they have patched and remediated all the problems that you're having. It's not unlike any other vendor though"
"They need to improve the compatibility with other applications and its stability. It works well with attacks, but it doesn't work well with all software on the clients. There is a lot of troubleshooting and a lot of things that need to be tuned to make it work and not break things."
 

Pricing and Cost Advice

"Compared to CrowdStrike, Cortex XDR is an expensive solution."
"Traps pays for itself within the first 16 months of a three-year subscription. This is attributed to OPEX savings, as security teams spent less time trying to identify and isolate malware for analysis as a result of a reduction in malware incidents, false positives, and breach avoidance."
"I don't recall what the cost was, but it wasn't really that expensive."
"I don't have any issues with the pricing. We are satisfied with the price."
"Cortex XDR’s pricing is very reasonable."
"It is cost-effective compared to similar solutions. It fits for the small businesses through to the big businesses."
"Very costly product."
"The price of the solution is high for the license and in general."
"This cost of the license is approximately $5 USD monthly per user."
"Review closely how many endpoints you actually need before buying into a pricing level. Deal and deal with the VAR of your choice."
"​Shop around for sure and be assured the price you pay will be close to other solutions available, but even at a slight mark-up from the other solutions, you are getting real endpoint protection versus nothing more than a cheap security blanket that might keep you warm at night."
"The solution provides me with competitive pricing."
"CylancePROTECT is worth the money, but I'm not sure of its exact price. I can't remember off the top of my head."
"I think that the price we are paying is good for what it is."
"My company is on a yearly CylancePROTECT subscription. Price-wise, the solution is slightly expensive, so I'd rate it as eight out of ten."
"We would just add more if there are new users, but right now you just need one license for per user."
"The product came as a bundle with the machine."
"Pricing is reasonable."
"I think the pricing is a good value. All of these security products are always going to be very expensive, but I don't think Bromium is unreasonable. I think Bromium is decently priced. It’s a tiered licensing platform. The more you buy, the cheaper gets per unit, and I think their tiers are very well defined. I think they're fair."
"The pricing is very fair compared to the competition. The licensing is straightforward."
"The product's pricing is a good value. We only run it on our internet-facing workstations, we don't run it on everything in our environment. We are very selective. Some organizations may want to consider doing something like that to reduce their license count."
report
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
904,146 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Construction Company
11%
Manufacturing Company
7%
Financial Services Firm
7%
Comms Service Provider
7%
Comms Service Provider
11%
Manufacturing Company
9%
Computer Software Company
7%
Financial Services Firm
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
By reviewers
Company SizeCount
Small Business33
Midsize Enterprise5
Large Enterprise14
By reviewers
Company SizeCount
Small Business3
Large Enterprise5
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What is your experience regarding pricing and costs for Blackberry Protect?
The price is reasonable for us at the moment. I rate the overall solution an eight out of ten.
What needs improvement with Blackberry Protect?
I face challenges with the exclusion policy - it still scans folders we told it not to, causing issues. When we conta...
What is your primary use case for Blackberry Protect?
I am using CylancePROTECT as an active learning algorithm. We installed it on almost 20,000 servers and virtual machi...
Ask a question
Earn 20 points
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Blackberry Protect
Bromium vSentry
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Panasonic, Noble Energy, Apria Healthcare Group Inc., Charles River Laboratories, Rovi Corporation, Toyota, Kiewit
Valspar
Find out what your peers are saying about BlackBerry Cylance Cybersecurity vs. HP Wolf Security and other solutions. Updated: June 2026.
904,146 professionals have used our research since 2012.