Cortex XDR by Palo Alto Networks vs Cybereason XDR comparison

Palo Alto Networks and Cybereason are both solutions in the Extended Detection and Response (XDR) category. Palo Alto Networks is ranked #7 with an average rating of 8.7, while Cybereason is ranked #22 with an average rating of 8.7. Palo Alto Networks holds a 5.6% mindshare in XDR, compared to Cybereason’s 0.7% mindshare. Additionally, 95% of Palo Alto Networks users are willing to recommend the solution, compared to 100% of Cybereason users who would recommend it.

Cortex XDR by Palo Alto Net...

Read 90 Cortex XDR by Palo Alto Networks reviews

7,883 Views
4,799 Comparison Views

95% willing to recommend

Cybereason XDR

Read 3 Cybereason XDR reviews

1,495 Views
476 Comparison Views

100% willing to recommend

Cortex XDR by Palo Alto Net...

Cybereason XDR

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Oct 8, 2024

Cortex XDR and Cybereason XDR are competitors in the extended detection and response market. Cybereason appears to have the upper hand due to its extensive feature set and positive reviews on deployment and support.

Features: Cortex XDR is known for advanced analytics, strong threat detection capabilities, and support praised by users. Cybereason XDR includes AI-driven threat hunting, automated response features, and real-time attack prevention, providing a diverse range of options for users.

Room for Improvement: Cortex XDR users want better third-party tool integration, enhanced incident response features, and more seamless user experiences. Cybereason XDR could improve navigation, address system lags, and optimize technical performance to enhance overall usability.

Ease of Deployment and Customer Service: Cortex XDR offers straightforward deployment but mixed feedback on customer support. Cybereason XDR delivers seamless deployment and proactive support, providing a more favorable experience in both deployment and customer service.

Pricing and ROI: Cortex XDR is appreciated for competitive pricing and cost-effectiveness, making it accessible to a broad user base. Cybereason XDR, though having higher initial costs, is valued for significant long-term ROI, justifying the investment for advanced security needs.

To learn more, read our detailed Cortex XDR by Palo Alto Networks vs. Cybereason XDR Report (Updated: March 2025).

Buyer's Guide

Cortex XDR by Palo Alto Networks vs. Cybereason XDR

March 2025

Download the complete report

Helped 846,617 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cortex XDR by Palo Alto Net...

Ranking in Extended Detection and Response (XDR)

7th

Average Rating

8.4

Reviews Sentiment

7.4

Number of Reviews

Ranking in other categories

Endpoint Protection Platform (EPP) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (4th)

Cybereason XDR

Ranking in Extended Detection and Response (XDR)

22nd

Average Rating

8.6

Reviews Sentiment

6.7

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of April 2025, in the Extended Detection and Response (XDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 5.6%, down from 6.8% compared to the previous year. The mindshare of Cybereason XDR is 0.7%, up from 0.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Extended Detection and Response (XDR)

Featured Reviews

Mohammad Qaw

Senior Security Consultant at helpag

Perfect correlation and XDR capabilities for network traffic plus endpoint security

The solution should force customers to integrate with network traffic to see the full benefits of XDR. If you are not integrating it or feeding in your network traffic, then you are just buying a normal antivirus which doesn't make any sense. You are paying double the price to use the antivirus feature or to say you have XDR, but in reality you are not using it. The solution should include an on-premises option because some customers want only on-premises. It would be hard, but good to do if possible. Open XDR would be beneficial in the future. Right now, the solution is Closed XDR so cannot communicate with the few new vendors in the Open XDR market.

Read full review

Peter Nowak

Business Development Manager for Cybereason at Bechtle

Integration of multiple firewalls enables advanced threat detection

The integration of data from firewalls and Active Directory is most valuable. Cybereason XDR facilitates two-way communication, where the firewall sends data to the Cybereason system, and it can communicate with the firewall to stop unwanted communication. Customers can deal with multiple types of firewalls with ease. The behavioral analytics help detect advanced threats when attackers use existing software. The multilayered protection approach, including NGAV, integrates XDR detection with antivirus to assess and counter threats effectively.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"They did what they said. This solution could apply to any scenario."

"The solution doesn't need a high level of technical training."

"Threat identification and detection are the most valuable features of this solution."

"The solution allows us to make investigations. Other XDR solutions also provide similar capabilities but for investigation, Cortex XDR is better."

"The initial setup isn't too bad."

"Palo Alto is constantly adding new features."

"The most valuable features are incident creation, policy-based protection, IP whitelisting, and device encryption. These are beneficial for endpoint and server security."

"Traps has drastically reduced our endpoint attack surface via advanced detection capabilities, sandboxing of never before seen programs, and by drastically limiting where executables can launch in the first place."

More Cortex XDR by Palo Alto Networks pros

"The integration of data from firewalls and Active Directory is most valuable."

"Cybereason XDR's most useful feature is the investigation."

"The solution has an investigation feature, which is useful for building storylines."

Cons

"I would like to see some additional features related to email protection included."

"In terms of areas of improvement, we have not completed our review of the product. We're also looking at other products. So, it's a little bit hard to tell what could be different because we have not completed the review of this product, but based on our experience so far, its implementation is quite complex."

"It is not very strong in terms of endpoint management. It should have additional features like DLP, encryption, or advanced device control. Currently, Cortex is good in terms of the security of the endpoints, but it is not as good as other vendors in terms of the management of the endpoint."

"There are some default policies which sometimes affect our applications and cause them to run around. In the hotel industry, we use a different type of data versus Oracle and SQL. By default, there are some policies which stop us from running properly. Because of this, the support level is also not that strong. We have to wait to get a results."

"Cortex XDR by Palo Alto Networks can improve mobile integration to allow access to the console."

"Product might have some bugs."

"I would like to see better protection, specifically to protect email applications."

"There is a severe gap in functionality between Windows, Linux, and Mac versions. For example all folder restriction settings are Windows only. Traps 5.0+ does not have SAML / LDAP integration."

More Cortex XDR by Palo Alto Networks cons

"Customer service is rated as a five out of ten. When they work and reach the right level, they are helpful, but getting to the right person can be time-consuming."

"The one thing we sometimes have issues with is its integration with other security applications like antiviruses."

"There could be more integrations with other data sources like NDR systems."

"Cybereason's customer support could be better."

Pricing and Cost Advice

"Licensing for Palo Alto Networks Cortex XDR can be costly, especially when it comes to a hundred users. A license is required for each user, and the subscription must be renewed on a yearly basis."

"If one wishes to work with another team or large number of users at a future point, he must purchase a license for them."

"It has reasonable pricing for the use cases it provides to the company."

"This is an expensive solution."

"The price of the solution is high for the license and in general."

"I am using the Community edition."

"We pay about $50,000 USD per year for a bundle that includes Cortex XDR."

"The tool's price is moderate."

More Cortex XDR by Palo Alto Networks pricing and cost advice

"The solution is cheaper than Microsoft Defender. It has a subscription and no standard license."

See which vendors are best for you

Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.

See recommendations

846,617 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

14%

Financial Services Firm

Government

Manufacturing Company

Computer Software Company

26%

Manufacturing Company

13%

Financial Services Firm

Comms Service Provider

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One

Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to...

See all answers

Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)

Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that are very scalable, secure, and user-friendly. Cortex XDR by Palo Alto offers ...

See all answers

How is Cortex XDR compared with Microsoft Defender?

Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...

See all answers

What do you like most about Cybereason XDR?

The solution has an investigation feature, which is useful for building storylines.

See all answers

What needs improvement with Cybereason XDR?

There could be more integrations with other data sources like NDR systems. Additionally, technical support has been slow in recent times. Enabling multifactor authentication has been problematic fo...

See all answers

What is your primary use case for Cybereason XDR?

I use Cybereason XDR for customers who don't have a SOC or managed SOC yet and want to be protected on more than their desktops. It is especially used in the manufacturing industry, yet not exclusi...

See all answers

Comparisons

Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks

Compared 12% of the time

CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks

Compared 7% of the time

Darktrace vs Cortex XDR by Palo Alto Networks

Compared 5% of the time

Wazuh vs Cortex XDR by Palo Alto Networks

Compared 5% of the time

Check Point Harmony Endpoint vs Cortex XDR by Palo Alto Networks

Compared 4% of the time

More Cortex XDR by Palo Alto Networks Competitors

Wazuh vs Cybereason XDR

Compared 47% of the time

Microsoft Defender XDR vs Cybereason XDR

Compared 26% of the time

CrowdStrike Falcon vs Cybereason XDR

Compared 15% of the time

Cynet vs Cybereason XDR

Compared 12% of the time

More Cybereason XDR Competitors

Product Reports

Buyer's Guide

Cortex XDR by Palo Alto Networks

April 2025

Download Cortex XDR by Palo Alto Networks product report

Buyer's Guide

Extended Detection and Response (XDR)

March 2025

Download Cybereason XDR product report

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps

No data available

Overview

Cortex XDR by Palo Alto Networks delivers comprehensive endpoint security, integrating well with other systems to offer robust threat detection and real-time protection through AI-driven analytics.

Cortex XDR by Palo Alto Networks offers advanced endpoint protection and threat detection through AI and behavior-based analytics. Its user-friendly design simplifies integration with firewalls, delivering multi-layered protection with low resource consumption. Valued for policy management, USB control, and incident correlation, Cortex XDR enhances threat management and real-time threat hunting capabilities. However, users note challenges with third-party integration, reporting, and dashboard automation. Agent performance across operating systems and memory consumption are areas for improvement, alongside reducing false positives and simplifying endpoint management and setup.

What features does Cortex XDR offer?

Behavior-Based Detection: Analyzes user behavior to identify suspicious activities.
AI Analytics: Utilizes AI for accurate threat detection and response.
Real-Time Protection: Provides immediate defense against threats.
Policy Management: Allows customization of security policies across endpoints.
USB Control: Regulates USB device access for added security.
Incident Correlation: Connects and analyzes various security events for better response.
Firewall Integration: Seamlessly works with firewalls for enhanced security.
Machine Learning Capabilities: Continuously improves threat detection precision.

What benefits should be considered in reviews?

Low Resource Consumption: Efficient security functions without taxing system resources.
Multi-Layered Protection: Comprehensive security across multiple attack vectors.
User-Friendly Interface: Intuitive design for easier management.
Enhanced Threat Management: Identifies and mitigates threats effectively.
Real-Time Threat Hunting: Proactively searches for and mitigates potential threats.

Cortex XDR is crucial in industries requiring robust endpoint protection, such as finance, healthcare, and technology. It supports malware detection, behavioral analysis, and ransomware mitigation across endpoints, including remote work environments, providing comprehensive threat visibility and security policy management. The solution's integration with firewalls and specialized industry requirements enhances security posture in diverse operational settings.

Palo Alto Networks

Cybereason is the leader in endpoint protection, offering endpoint detection and response, next-generation antivirus, and managed monitoring services. Founded by elite intelligence professionals born and bred in offense-first hunting, Cybereason gives enterprises the upper hand over cyber adversaries.

Cybereason

Sample Customers

CBI Health Group, University Honda, VakifBank

MOTOROLA MOBILITY

Buyer's Guide

Cortex XDR by Palo Alto Networks vs. Cybereason XDR

March 2025

Free Report: Cortex XDR by Palo Alto Networks vs. Cybereason XDR

Find out what your peers are saying about Cortex XDR by Palo Alto Networks vs. Cybereason XDR and other solutions. Updated: March 2025.

DOWNLOAD NOW

846,617 professionals have used our research since 2012.

See our Cortex XDR by Palo Alto Networks vs. Cybereason XDR report.

See our list of best Extended Detection and Response (XDR) vendors.

We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.