We performed a comparison between Cortex XDR by Palo Alto Networks and Cisco SecureX based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Cortex XDR presents an intuitive interface, advanced identification of risks, expandability, and compatibility with various other solutions. Cisco SecureX earns high marks for its automated utilities, comprehensive visibility, and seamless integration with external resources. Meanwhile, Cortex XDR could use enhancements in hard disk encryption, security integration, and customer education. Users say Cisco SecureX needs better documentation and integration with on-premises systems. It would also benefit by expanding its compatibility with third-party solutions.
Service and Support: Some customers were impressed with Palo Alto’s support, while others reported mixed experiences. Some users describe Cisco support as dependable and efficient, while others noted a decline in quality due to personnel changes.
Ease of Deployment: Some users thought Cortex XDR’s deployment was fast and straightforward, while others consider it to be a complex and time-consuming task that requires thorough planning. Setting up Cisco SecureX is generally considered to be straightforward in cloud environments, but it requires more effort to integrate the solution with on-premise products.
Pricing: Some reviewers said Cortex XDR is expensive, but others said it was reasonable for the robust feature set Cortex offers. A few users said Cisco SecureX’s price could be lower, given that it is included for free with certain Cisco products.
ROI: Cortex XDR creates value by ensuring system and data security rather than a financial return on investment. Cisco SecureX provides a positive ROI by speeding up detection and resolution. It also decreases workloads through automation and proactive information gathering.
Comparison Results: Our users prefer Cortex XDR over Cisco SecureX. Cortex XDR stands out for its comprehensive platform and valuable features. Users praised its ease of use, threat identification capabilities, and minimal hardware resource consumption.
"It's a great threat intelligence source for us, providing alerts for things it detects on the network and on the machines. We've used it often when there is a potential incident to see what was done on a computer. That works quite nicely because you can see everything that the user has done..."
"The portal is quite user-friendly. There is integration with Office, Intune, and other products from the same portal. From there, we can see which policies are installed on a particular machine. We also can manage devices, groups, and tagging."
"Defender XDR has a feature called the timeline that lets you track all activities. It helps a lot with investigations."
"Another noteworthy feature that I find appealing in Microsoft Defender is the credit-backed simulation. This feature enables organizations to train their users on effectively responding to phishing emails through a simulated training environment."
"The most valuable feature depends on the scenario. For compliance, I like Microsoft Purview Information Protection and Data Loss Prevention. Sentinel is the most helpful feature for security. 365 Defender helps us prioritize threats across an enterprise. It's a crucial feature for the managed services team."
"The most valuable features are spam filtering, attachment filtering, and antivirus protection."
"Advanced hunting is good. I like that. We can drill down to lots of details."
"The integration between all the Defender products is the most valuable feature."
"The ability to create firewalls online has been most valuable including the ability to create rules."
"Integrates well with our existing security infrastructure."
"SecureX enables us to have all the threat intelligence and threat event data in one place."
"The forensics are amazing because when you have enrichment, and the solutions talk with each other, when you need it, you have the ability to know everything in the organization: when, why, whatever."
"I like that I don't have to jump around to five different products and log into five different places to view the data that it returns."
"It has evolved a lot, just that monitoring piece to the current Orchestrator piece. The additional analytics are there. They now have something called Insight, which can basically take data from Microsoft Azure AD and Intune to give us information about our endpoints. This is detailed information about the endpoints, from Secure Endpoint and all these different products. So, it is just constantly evolving. Every time that it evolves, we have more information with more visibility. There are more features that we have that just make everything so much easier, and it is in one place. I don't have to keep going back and forth. I don't have to go to Secure Endpoint and ISE to get the data. I don't have to go to Intune on Microsoft to get the information. It is all in one place."
"The automation and orchestration tools are the most valuable features."
"Using SecureX, a tool provided by Cisco, we can easily integrate it with many of our other Cisco products such as Cisco ISE and many networking devices."
"If the user leaves our premises or network, Palo Alto Traps will still be on that endpoint and will still apply our policies."
"The anti-exploit is impenetrable. We chose Traps because it is the only product that we were not able to get anything past."
"Stability is a primary factor, and then there's the ease of distribution and policy management."
"The user interface of the solution is sophisticated and straightforward."
"It integrates well into the environment."
"They have a new GUI which is just fantastic."
"We have a complete overview of all our PCs and it's very easy to handle and to use the interface. It has a lot of benefits for us."
"Cortex XDR by Palo Alto Networks should be a stable solution."
"This solution could be improved if it included features such as those offered by Malwarebytes."
"Automated playbooks and automated dashboards would be preferable to the way the data is currently being presented."
"When we do investigations, it would be better if Microsoft could populate the host dashboard more. When we open any host for investigation, we want the entire timeline of what is happening on the host, including all the users logging in, their hardware, Windows version, etc."
"The licensing is a nightmare and has room for improvement."
"Since all of our databases are updated and located in the cloud, I would like additional support for this."
"Customers say they want absolutely seamless integration between other Microsoft solutions and Defender XDR, including the ability to change device settings within the Defender portal. They need to contact the IT team responsible for the device management tools to change some settings. They would prefer that those changes be initiated directly from the Defender portal or applied from Intune without involving the IT operations team."
"The logs could be better."
"One of the biggest downsides of Microsoft products, in general, is that the menus are often difficult to find, as they tend to move from place to place between versions."
"For us, the biggest sticking point is that the product is not being designed for multi-tenancy use at present, from an MSP perspective."
"what's missing right now is the multi-tenant capability."
"The playbooks provided with the product are great, although I would appreciate having more playbooks available. Threats are constantly evolving, so having access to updated playbooks is crucial."
"I would like it to integrate with another solution, e.g., DNA. I would like it to connect to that solution, but not the security aspect."
"The front-end work controls the new algorithm and the firewall rules. The search feature of these rules could be improved."
"The automation and orchestration could be simpler. It could be that all the other parts are that easy to use so that these stick out as a negative, but that's the trickiest part for us. The workflows within the orchestration are just a bit more difficult."
"If they could make the Cisco Umbrella piece a little bit more advanced or easier to manage, that would help. We use it for filtering and when you compare it to a normal content filter, it lacks some functionality."
"The documentation can be improved and the on-prem integration. The set of applications that it was integrated with wasn't comprehensive."
"We had a problem with getting our older endpoints up to date, but their newest updates have been really good. I've been pleased with it in terms of what our needs are. It's doing what we want it to do."
"I would like to see them include NDR (Network Detection Response)."
"It's more focused on network communication. If a customer wants to increase the level of protection and start working with documents, it's impossible to integrate these features into the system. It's more of a communication-oriented system than a content security-oriented system."
"The solution can never really be an on-premises solution based simply on the way it is set up. It needs metadata to run and improve. Having an on-premises solution would cut it off from making improvements."
"It would be good to have a better way to search for a file within the UI."
"Cortex XDR could be improved with more GUI features."
"There are some false positives. What our guys would have liked is that it would have been easier to manipulate as soon as they found a false positive that they knew was a false positive. How to do so was not obvious. Some people complained about it. The interface, the ESM, is not user-friendly."
"I would like to see some additional features related to email protection included."
More Cortex XDR by Palo Alto Networks Pricing and Cost Advice →
Cisco SecureX is ranked 14th in Extended Detection and Response (XDR) with 13 reviews while Cortex XDR by Palo Alto Networks is ranked 4th in Extended Detection and Response (XDR) with 80 reviews. Cisco SecureX is rated 9.0, while Cortex XDR by Palo Alto Networks is rated 8.4. The top reviewer of Cisco SecureX writes "Gives our customers visibility and they don't have to go multiple management consoles anymore". On the other hand, the top reviewer of Cortex XDR by Palo Alto Networks writes "Perfect correlation and XDR capabilities for network traffic plus endpoint security". Cisco SecureX is most compared with Trend Vision One, Splunk SOAR, Cisco Secure Network Analytics, Fortinet FortiSOAR and Wazuh, whereas Cortex XDR by Palo Alto Networks is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, Symantec Endpoint Security and Trellix Endpoint Security. See our Cisco SecureX vs. Cortex XDR by Palo Alto Networks report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.