Try our new research platform with insights from 80,000+ expert users

Cortex XDR by Palo Alto Networks vs IBM Security QRadar comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 5, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
7.6
Cortex XDR by Palo Alto Networks offers ROI with fewer breaches, reduced incidents, enhanced security, and compliance benefits within 16 months.
Sentiment score
7.5
IBM Security QRadar provides cost-effective value with strong ROI, efficient resource use, and quick threat response for organizations.
They appreciate the rich telemetry data from the solution, as it provides in-depth threat identification.
Investing this amount was very much worth it for my organization.
 

Customer Service

Sentiment score
6.5
Cortex XDR customer service receives mixed reviews, citing regional differences in responsiveness, communication, and expertise quality.
Sentiment score
6.1
IBM QRadar customer service is praised for availability, but technical support receives mixed reviews due to inconsistent service levels.
Every vendor has similar support; it depends on how the case is handled and raised.
They assist with advanced issues, such as hardware or other problems, that are not part of standard operations.
The problem escalates through level one to level three, and then the process starts over with Novo again.
I received very good support, possibly due to a good relationship with IBM.
 

Scalability Issues

Sentiment score
7.6
Cortex XDR by Palo Alto Networks efficiently scales for medium to large businesses, supporting numerous users and endpoints seamlessly.
Sentiment score
7.5
IBM Security QRadar excels in scalable adaptability, supporting diverse environments and expansion with cloud options enhancing seamless growth.
 

Stability Issues

Sentiment score
8.1
Cortex XDR is highly stable and reliable, with user satisfaction scores between eight and ten out of ten.
Sentiment score
7.6
IBM Security QRadar is stable if configured properly, with support praised, despite occasional issues during updates and high usage.
Cortex XDR is stable, offering high quality and reliable performance.
The product has been stable so far.
I think QRadar is stable and currently satisfies my needs.
 

Room For Improvement

Cortex XDR requires improved functionality, user interface, integration, and pricing, while addressing performance, false positives, and compatibility issues.
IBM Security QRadar needs enhanced usability, integration, support, API access, automation, cost-efficiency, and customization to address user challenges.
Cortex XDR could improve its sales support team, including better commission structures and referral programs.
If AI-related support can suggest rules and integrate with existing security devices like MD, IPS, this SIM can create more relevant rules.
We receive logs from different types of devices and need a way to correlate them effectively.
Improving the integration with IBM Server for MetaMask for correlation rules would be beneficial.
 

Setup Cost

Cortex XDR offers flexible but costly licensing, accommodating varying business sizes with yearly or monthly payment options.
IBM Security QRadar provides competitive, negotiable pricing for enterprises, perceived as cost-effective compared to some competitors like Splunk.
Cortex XDR is perceived as expensive by some customers, yet offers dynamic pricing.
 

Valuable Features

Cortex XDR provides advanced threat detection, integration, and ease of use, excelling in real-time prevention and incident investigation.
IBM Security QRadar excels with scalable log management, threat detection, user analytics, customization, and seamless integration for enhanced monitoring.
It incorporates AI for normal behavior detection, distinguishing unusual operations.
Recently, I faced an incident, a cyber incident, and it was detected in real time.
IBM is seeking information about IBM QRadar because a part of QRadar, especially in the cloud, has been sold to Palo Alto.
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Ranking in Extended Detection and Response (XDR)
7th
Average Rating
8.4
Reviews Sentiment
7.4
Number of Reviews
91
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (4th)
IBM Security QRadar
Ranking in Extended Detection and Response (XDR)
13th
Average Rating
8.0
Reviews Sentiment
6.8
Number of Reviews
207
Ranking in other categories
Log Management (6th), Security Information and Event Management (SIEM) (4th), User Entity Behavior Analytics (UEBA) (1st), Endpoint Detection and Response (EDR) (18th), Security Orchestration Automation and Response (SOAR) (4th), Managed Detection and Response (MDR) (10th)
 

Mindshare comparison

As of January 2025, in the Extended Detection and Response (XDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 7.4%, down from 9.6% compared to the previous year. The mindshare of IBM Security QRadar is 2.6%, up from 2.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Extended Detection and Response (XDR)
 

Featured Reviews

Mohammad Qaw - PeerSpot reviewer
Perfect correlation and XDR capabilities for network traffic plus endpoint security
The solution should force customers to integrate with network traffic to see the full benefits of XDR. If you are not integrating it or feeding in your network traffic, then you are just buying a normal antivirus which doesn't make any sense. You are paying double the price to use the antivirus feature or to say you have XDR, but in reality you are not using it. The solution should include an on-premises option because some customers want only on-premises. It would be hard, but good to do if possible. Open XDR would be beneficial in the future. Right now, the solution is Closed XDR so cannot communicate with the few new vendors in the Open XDR market.
Maaz  Khalid - PeerSpot reviewer
Provides easy integration at low cost but lacks AI enhancement
The initial setup is user-friendly and straightforward, making deployment easy. However, compatibility issues with other security controls still need to be addressed. It provides a 35-day period for project enablement. This timeframe is too short and should be extended to 45 or 50 days. When deploying QRadar on-premises, we assess the organization's size to determine the required number of UPS units, application servers, and other necessary hardware. Once these requirements are identified, we proceed with the deployment. We face challenges in the deployment phase, especially when working with an MSSP license. The main issue is with QRadar's multi-tenancy, which often causes the system to crash. Their support services are not very helpful in addressing these problems. We allocate two working days for the deployment of QRadar for our customers. Our team includes a senior engineer who communicates with the client and a junior engineer responsible for deploying and installing other services. The deployment time can vary based on the size of the setup. Large deployments, such as those with 20,000 to 25,000 EPS for corporate clients, take longer due to the need for multiple hardware servers. In such cases, it can take several days. QRadar can be installed in about three to four hours for smaller setups.
report
Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
829,541 professionals have used our research since 2012.
 

Comparison Review

VS
Jun 28, 2015
Qradar vs. ArcSight
Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Financial Services Firm
9%
Government
8%
Manufacturing Company
7%
Educational Organization
23%
Computer Software Company
14%
Financial Services Firm
10%
Manufacturing Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that are very scalable, secure, and user-friendly. Cortex XDR by Palo Alto offers ...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
What are the biggest differences between Securonix UEBA, Exabeam, and IBM QRadar?
It mostly depends on your use-cases and environment. Exabeam and Securonix have a stronger UEBA feature set, friendlier GUI and are not licensed based on capacity (amount of logs and information in...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What do you like most about IBM QRadar?
The event collector, flow collector, PCAP and SOAR are valuable.
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
IBM QRadar, QRadar SIEM, QRadar UBA, QRadar on Cloud, QRadar, IBM QRadar User Behavior Analytics, IBM QRadar Advisor with Watson
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Clients across multiple industries, such as energy, financial, retail, healthcare, government, communications, and education use QRadar.
Find out what your peers are saying about Cortex XDR by Palo Alto Networks vs. IBM Security QRadar and other solutions. Updated: November 2024.
829,541 professionals have used our research since 2012.