Cortex XDR by Palo Alto Networks vs Cybereason Endpoint Detection & Response comparison

Palo Alto Networks and Cybereason are both solutions in the Endpoint Protection Platform (EPP) category. Palo Alto Networks is ranked #4 with an average rating of 8.7, while Cybereason is ranked #35 with an average rating of 8.2. Palo Alto Networks holds a 4.0% mindshare in EPP, compared to Cybereason’s 0.9% mindshare. Additionally, 95% of Palo Alto Networks users are willing to recommend the solution, compared to 89% of Cybereason users who would recommend it.

Cortex XDR by Palo Alto Net...

Read 90 Cortex XDR by Palo Alto Networks reviews

16,556 Views
9,737 Comparison Views

95% willing to recommend

Cybereason Endpoint Detecti...

Read 21 Cybereason Endpoint Detection & Response reviews

3,928 Views
2,188 Comparison Views

89% willing to recommend

Cortex XDR by Palo Alto Net...

Cybereason Endpoint Detecti...

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 9, 2024

Cybereason Endpoint Detection & Response and Cortex XDR by Palo Alto Networks compete in the endpoint detection and response category. Cortex XDR appears to have the upper hand due to its comprehensive data correlation and more robust feature set.

Features: Cybereason Endpoint Detection & Response offers intuitive threat detection capabilities, automation features, and a straightforward deployment process. Cortex XDR by Palo Alto Networks provides comprehensive data correlation, advanced analytics, and superior customer support.

Room for Improvement: Cybereason Endpoint Detection & Response needs better scalability, improved integration with other security tools, and more stability during setup. Cortex XDR users report a need for more granular control, advanced analytics, and simplified deployment processes.

Ease of Deployment and Customer Service: Cybereason Endpoint Detection & Response offers a straightforward deployment with supportive customer service, though some users experience setup complications. Cortex XDR has a more complex deployment but provides superior customer support and guided assistance.

Pricing and ROI: Cybereason Endpoint Detection & Response is generally more affordable, delivering favorable ROI for small to medium-sized enterprises. Cortex XDR by Palo Alto Networks is more costly but delivers significant value and ROI through its advanced features.

To learn more, read our detailed Cortex XDR by Palo Alto Networks vs. Cybereason Endpoint Detection & Response Report (Updated: February 2025).

Buyer's Guide

Cortex XDR by Palo Alto Networks vs. Cybereason Endpoint Detection & Response

February 2025

Download the complete report

Helped 842,651 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cortex XDR by Palo Alto Net...

Ranking in Endpoint Protection Platform (EPP)

4th

Average Rating

8.4

Reviews Sentiment

7.4

Number of Reviews

Ranking in other categories

Extended Detection and Response (XDR) (7th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (5th)

Cybereason Endpoint Detecti...

Ranking in Endpoint Protection Platform (EPP)

35th

Average Rating

8.0

Reviews Sentiment

7.9

Number of Reviews

Ranking in other categories

Endpoint Detection and Response (EDR) (26th)

Mindshare comparison

As of March 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of Cortex XDR by Palo Alto Networks is 4.0%, down from 5.2% compared to the previous year. The mindshare of Cybereason Endpoint Detection & Response is 0.9%, down from 1.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Endpoint Protection Platform (EPP)

Featured Reviews

Mohammad Qaw

Senior Security Consultant at helpag

Perfect correlation and XDR capabilities for network traffic plus endpoint security

The solution should force customers to integrate with network traffic to see the full benefits of XDR. If you are not integrating it or feeding in your network traffic, then you are just buying a normal antivirus which doesn't make any sense. You are paying double the price to use the antivirus feature or to say you have XDR, but in reality you are not using it. The solution should include an on-premises option because some customers want only on-premises. It would be hard, but good to do if possible. Open XDR would be beneficial in the future. Right now, the solution is Closed XDR so cannot communicate with the few new vendors in the Open XDR market.

Read full review

Chad Kliewer

Information Security Officer at PTCI

We can make more informed decisions on whether an action is malicious

The ease of use and dashboards are improving. We came in at a time when they were developing a new dashboard screen. Therefore, we have had some confusing times between the old and new dashboards. Knowing how the new one works, I have seen vast improvements with it. While the product is very good, there are still some areas for improvement. The initial triage area could be a bit simpler. They get into the weeds real fast; it gets very detailed very fast. I am still looking for an easier triage layer on top with the ability to dig deeper. They are improving on this because I have seen some improvements in the user interface that helps with this. Part of it was moving two different screens into one, merging the two together. It is very good, but it is very technically detailed and would be harder for an entry-level person to decipher. However, improvements are being made. It leverages indicators of behavior to help us remediate faster against attacks. Sometimes, I wish there was more detail on why they consider it malicious.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The multi-layered approach to the product gives you confidence that it will stop exploits, ransomware, worms, or viruses from compromising endpoints, essentially providing peace of mind."

"Since they've done their most recent update, the ease to isolate endpoints is valuable. If we find one where there is a virus on it, we can easily isolate it. We don't even have to contact the user. We don't have to manually take them off the network. We can easily isolate them."

"Cortex XDR by Palo Alto Networks should be a stable solution."

"The solution doesn't need a high level of technical training."

"The initial setup is easy."

"They did what they said. This solution could apply to any scenario."

"It can automatically correlate events and logs, which is very helpful for an IT administrator. It can correlate different kinds of malware activities over a network, agent, or host system. You do not need to do it manually. It is a good feature. It is also a user-friendly solution. We have deployed it on the cloud because our space does not provide any flexibility for on-premises deployment, but Palo Alto has added some flexibility to install it on-premises. It must be like the same Cortex XDR agent for all the VPN services, web filtering services, and everything else."

"The solution allows us to gain remote access without the user's knowledge and take the necessary actions on the device."

More Cortex XDR by Palo Alto Networks pros

"Their EDR solution, the ability to mitigate issues through their command line, is probably the best feature that we've had. We use that all the time. It's very useful for doing investigations."

"Immediately we can pick up the computers in the network if any malicious operation that is triggered."

"The initial setup is not overly complicated."

"The most valuable feature is the capability of the command used by the machine so that we see the kind of performance that is running."

"The solution is efficient."

"For me, the technical support is good."

"The initial setup was easy and straightforward."

"What I find most valuable is the clarity of the platform."

More Cybereason Endpoint Detection & Response pros

Cons

"The solution needs better reports. I think they should let the customer go in and customize the reports."

"In reporting they should have a customizable dashboard due to the fact that C-level people don't like reporting to the IT department. They prefer to have a real-time dashboard. That kind of dashboard needs to have various customizations."

"It is not easy to sell Cortex XDR, not because it isn't a good tool. Its marketing needs to be improved."

"It would be good to have a better way to search for a file within the UI."

"It's more focused on network communication. If a customer wants to increase the level of protection and start working with documents, it's impossible to integrate these features into the system. It's more of a communication-oriented system than a content security-oriented system."

"I would like to see better protection, specifically to protect email applications."

"The product's pricing needs improvement. They could provide more discounts. Additionally, the dashboard and control panel could be enhanced."

"Being able to filter the events to see those that are related to the actual alert would save time spent by the engineer."

More Cortex XDR by Palo Alto Networks cons

"While the product is very good, there are still some areas for improvement. The initial triage area could be a bit simpler. They get into the weeds real fast; it gets very detailed very fast. I am still looking for an easier triage layer on top with the ability to dig deeper."

"What needs to improve in Cybereason Endpoint Detection & Response and what I'd like to see in its next release is a centralized dashboard that allows you to view what is there, similar to what's on Symantec Endpoint Protection Manager: a beautiful display and reporting. Cybereason Endpoint Detection & Response has to start with the compliance, the homepage, etc. Everything should be there and should be customizable. The options should be there. The tool is very good currently, but visibility for IT administrators is lacking and needs to be worked on."

"I feel that the product lacks reporting features and needs improvement."

"The product's reporting isn't great."

"Compared to our previous endpoint, we have a lot more false positives and a lot more duplication of alerts. So we're chasing more alerts."

"There can be problems with the EDI."

"I would like to see improvements on the operational side, specifically in grouping."

"I feel it is a shame that I cannot create groups of groups with inheritance."

More Cybereason Endpoint Detection & Response cons

Pricing and Cost Advice

"The cost depends on your chosen license type, like Pro or other licenses."

"In terms of the cost Cortex XDR by Palo Alto Networks is very expensive because we are a Mexican company and when you translate dollars to pesos the cost is very high. The solution is very expensive for Mexican companies. I understand that they have international prices, but I do not think it offsets the price enough for many companies in countries, such as Mexico. The amount it is reduced is not a massive percentage."

"The price of the solution could be reduced. I have customers that have voiced that the solution is good for the value but if I want to sell more of the solution the price reduction would help."

"The price was fine."

"The pricing is a little bit on the expensive side."

"If one wishes to work with another team or large number of users at a future point, he must purchase a license for them."

"Cortex XDR by Palo Alto Networks is an expensive solution."

"We didn't have to pay any additional fee for the cloud instance. It just came with the renewal, which was nice."

More Cortex XDR by Palo Alto Networks pricing and cost advice

"I do not have experience with the licensing of the product."

"We considered a few other solutions. Some were ridiculously overpriced, while others didn't have solutions for Mac endpoints. That was a deal-breaker because most of our organization is on Mac. It came down to two vendors: Cybereason and another. They had similar pitches and almost identical approaches, but in the end, Cybereason gave us the best value for our money."

"The pricing is manageable."

"I had to go through a third-party to purchase it, which I wasn't really pleased about."

"Though it is not the cheapest solution but it fits our budget. We pay an annual licensing fee."

"In terms of cost, this is a good choice for our needs."

"In terms of pricing, it's a good solution."

"On a scale of one to ten, where one is cheap and ten is expensive, I rate the pricing an eight."

More Cybereason Endpoint Detection & Response pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.

See recommendations

842,651 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

14%

Financial Services Firm

Government

Manufacturing Company

Computer Software Company

18%

Financial Services Firm

11%

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One

Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to...

See all answers

Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)

Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that are very scalable, secure, and user-friendly. Cortex XDR by Palo Alto offers ...

See all answers

How is Cortex XDR compared with Microsoft Defender?

Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...

See all answers

What is your experience regarding pricing and costs for Cybereason Endpoint Detection & Response?

Comparison with other products showed it be cheaper than some larger competitors. Set up cost for us were cheaper as we already had users experienced with the product in other business units. Initi...

See all answers

What is your primary use case for Cybereason Endpoint Detection & Response?

We use it to improve detection in the whole industrial sector. We are a big energy company. Across multiple endpoints, we deploy the EDR to secure all, improve detection, and also attempt to automa...

See all answers

What do you like most about Cybereason Endpoint Detection & Response?

The interface is user-friendly.

See all answers

Comparisons

Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks

Compared 12% of the time

CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks

Compared 7% of the time

Darktrace vs Cortex XDR by Palo Alto Networks

Compared 6% of the time

Wazuh vs Cortex XDR by Palo Alto Networks

Compared 5% of the time

Check Point Harmony Endpoint vs Cortex XDR by Palo Alto Networks

Compared 4% of the time

More Cortex XDR by Palo Alto Networks Competitors

Darktrace vs Cybereason Endpoint Detection & Response

Compared 27% of the time

CrowdStrike Falcon vs Cybereason Endpoint Detection & Response

Compared 19% of the time

Microsoft Defender for Endpoint vs Cybereason Endpoint Detection & Response

Compared 10% of the time

SentinelOne Singularity Complete vs Cybereason Endpoint Detection & Response

Compared 9% of the time

ESET Inspect vs Cybereason Endpoint Detection & Response

Compared 3% of the time

More Cybereason Endpoint Detection & Response Competitors

Product Reports

Buyer's Guide

Cortex XDR by Palo Alto Networks

March 2025

Download Cortex XDR by Palo Alto Networks product report

Buyer's Guide

Cybereason Endpoint Detection & Response

March 2025

Cybereason Endpoint Detection & Response report

Download Cybereason Endpoint Detection & Response product report

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps

Cybereason EDR, Cybereason Deep Detect & Respond

Overview

Cortex XDR by Palo Alto Networks delivers comprehensive endpoint security, integrating well with other systems to offer robust threat detection and real-time protection through AI-driven analytics.

Cortex XDR by Palo Alto Networks offers advanced endpoint protection and threat detection through AI and behavior-based analytics. Its user-friendly design simplifies integration with firewalls, delivering multi-layered protection with low resource consumption. Valued for policy management, USB control, and incident correlation, Cortex XDR enhances threat management and real-time threat hunting capabilities. However, users note challenges with third-party integration, reporting, and dashboard automation. Agent performance across operating systems and memory consumption are areas for improvement, alongside reducing false positives and simplifying endpoint management and setup.

What features does Cortex XDR offer?

Behavior-Based Detection: Analyzes user behavior to identify suspicious activities.
AI Analytics: Utilizes AI for accurate threat detection and response.
Real-Time Protection: Provides immediate defense against threats.
Policy Management: Allows customization of security policies across endpoints.
USB Control: Regulates USB device access for added security.
Incident Correlation: Connects and analyzes various security events for better response.
Firewall Integration: Seamlessly works with firewalls for enhanced security.
Machine Learning Capabilities: Continuously improves threat detection precision.

What benefits should be considered in reviews?

Low Resource Consumption: Efficient security functions without taxing system resources.
Multi-Layered Protection: Comprehensive security across multiple attack vectors.
User-Friendly Interface: Intuitive design for easier management.
Enhanced Threat Management: Identifies and mitigates threats effectively.
Real-Time Threat Hunting: Proactively searches for and mitigates potential threats.

Cortex XDR is crucial in industries requiring robust endpoint protection, such as finance, healthcare, and technology. It supports malware detection, behavioral analysis, and ransomware mitigation across endpoints, including remote work environments, providing comprehensive threat visibility and security policy management. The solution's integration with firewalls and specialized industry requirements enhances security posture in diverse operational settings.

Palo Alto Networks

Cybereason's Endpoint Detection and Response platform detects in real-time both signature and non-signature-based attacks and accelerates incident investigation and response. Cybereason connects together individual pieces of evidence to form a complete picture of a malicious operation.

Cybereason

Sample Customers

CBI Health Group, University Honda, VakifBank

Lockheed Martin, Spark Capital, DocuSign, Softbank Capital

Buyer's Guide

Cortex XDR by Palo Alto Networks vs. Cybereason Endpoint Detection & Response

February 2025

Free Report: Cortex XDR by Palo Alto Networks vs. Cybereason Endpoint Detection & Response

Find out what your peers are saying about Cortex XDR by Palo Alto Networks vs. Cybereason Endpoint Detection & Response and other solutions. Updated: February 2025.

DOWNLOAD NOW

842,651 professionals have used our research since 2012.

See our Cortex XDR by Palo Alto Networks vs. Cybereason Endpoint Detection & Response report.

See our list of best Endpoint Protection Platform (EPP) vendors and best Endpoint Detection and Response (EDR) vendors.

We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.